From: Pablo Neira Ayuso Date: Tue, 9 Jul 2024 14:59:53 +0000 (+0200) Subject: libnftables: skip useable checks for /dev/stdin X-Git-Tag: v1.0.6.1~193 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=ab0cc625e895ca9c1666443a494ccf864bdc8443;p=thirdparty%2Fnftables.git libnftables: skip useable checks for /dev/stdin commit 477fd8218777b75bdfa3a5643f692adae4f002fe upstream. /dev/stdin is a placeholder, read() from STDIN_FILENO is used to fetch the standard input into a buffer. Since 5c2b2b0a2ba7 ("src: error reporting with -f and read from stdin") stdin is stored in a buffer to fix error reporting. This patch requires: ("parser_json: use stdin buffer if available") Fixes: 149b1c95d129 ("libnftables: refuse to open onput files other than named pipes or regular files") Acked-by: Phil Sutter Signed-off-by: Pablo Neira Ayuso --- diff --git a/src/libnftables.c b/src/libnftables.c index 8c532dc2..b99dff4a 100644 --- a/src/libnftables.c +++ b/src/libnftables.c @@ -654,6 +654,7 @@ retry: /* need to use stat() to, fopen() will block for named fifos and * libjansson makes no checks before or after open either. + * /dev/stdin is *never* used, read() from STDIN_FILENO is used instead. */ static struct error_record *filename_is_useable(struct nft_ctx *nft, const char *name) { @@ -661,6 +662,9 @@ static struct error_record *filename_is_useable(struct nft_ctx *nft, const char struct stat sb; int err; + if (!strcmp(name, "/dev/stdin")) + return NULL; + err = stat(name, &sb); if (err) return error(&internal_location, "Could not open file \"%s\": %s\n", @@ -671,9 +675,6 @@ static struct error_record *filename_is_useable(struct nft_ctx *nft, const char if (type == S_IFREG || type == S_IFIFO) return NULL; - if (type == S_IFCHR && 0 == strcmp(name, "/dev/stdin")) - return NULL; - return error(&internal_location, "Not a regular file: \"%s\"\n", name); }