From: Frank Ch. Eigler <fche@redhat.com>
Date: Mon, 26 Apr 2021 16:21:03 +0000 (-0400)
Subject: PR27571: debuginfod client cache - file permissions
X-Git-Tag: elfutils-0.184~3
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=92980edc829c816fabd00df8694acd0a4976902f;p=thirdparty%2Felfutils.git

PR27571: debuginfod client cache - file permissions

Files in the download cache should be read-only.

Signed-off-by: Frank Ch. Eigler <fche@redhat.com>
---

diff --git a/debuginfod/ChangeLog b/debuginfod/ChangeLog
index 9af641ec0..390910090 100644
--- a/debuginfod/ChangeLog
+++ b/debuginfod/ChangeLog
@@ -1,3 +1,9 @@
+2021-04-26  Frank Ch. Eigler <fche@redhat.com>
+
+	PR27571
+	* debuginfod-client.c (debuginfod_query_server): Chmod 0400 files
+	delivered into the cache to prevent accidental modification.
+
 2021-04-26  Frank Ch. Eigler <fche@redhat.com>
 
 	PR26125
diff --git a/debuginfod/debuginfod-client.c b/debuginfod/debuginfod-client.c
index 0170500fa..374989e26 100644
--- a/debuginfod/debuginfod-client.c
+++ b/debuginfod/debuginfod-client.c
@@ -720,7 +720,7 @@ debuginfod_query_server (debuginfod_client *c,
   /* Because of a race with cache cleanup / rmdir, try to mkdir/mkstemp up to twice. */
   for(int i=0; i<2; i++) {
     /* (re)create target directory in cache */
-    (void) mkdir(target_cache_dir, 0700);
+    (void) mkdir(target_cache_dir, 0700); /* files will be 0400 later */
 
     /* NB: write to a temporary file first, to avoid race condition of
        multiple clients checking the cache, while a partially-written or empty
@@ -1054,6 +1054,9 @@ debuginfod_query_server (debuginfod_client *c,
   tvs[0].tv_usec = tvs[1].tv_usec = 0;
   (void) futimes (fd, tvs);  /* best effort */
 
+  /* PR27571: make cache files casually unwriteable; dirs are already 0700 */
+  (void) fchmod(fd, 0400);
+                
   /* rename tmp->real */
   rc = rename (target_cache_tmppath, target_cache_path);
   if (rc < 0)
diff --git a/tests/ChangeLog b/tests/ChangeLog
index 0d2c5edd5..f6e540d4c 100644
--- a/tests/ChangeLog
+++ b/tests/ChangeLog
@@ -1,3 +1,8 @@
+2021-04-26  Frank Ch. Eigler <fche@redhat.com>
+
+	PR27571
+	* run-debuginfod-find.sh: Add test case for unwriteable cache files.
+
 2021-04-23  Omar Sandoval  <osandov@fb.com>
 
 	* run-low_high_pc-dw-form-indirect.sh: New file.
diff --git a/tests/run-debuginfod-find.sh b/tests/run-debuginfod-find.sh
index 3b9a5a6e8..d17a8d88b 100755
--- a/tests/run-debuginfod-find.sh
+++ b/tests/run-debuginfod-find.sh
@@ -177,6 +177,10 @@ testrun ${abs_builddir}/debuginfod_build_id_find -e F/prog 1
 rm -rf $DEBUGINFOD_CACHE_PATH # clean it from previous tests
 filename=`testrun ${abs_top_builddir}/debuginfod/debuginfod-find debuginfo $BUILDID`
 cmp $filename F/prog.debug
+if [ -w $filename ]; then
+    echo "cache file writable, boo"
+    exit 1
+fi
 
 filename=`testrun ${abs_top_builddir}/debuginfod/debuginfod-find executable F/prog`
 cmp $filename F/prog