From: Michael Tremer <michael.tremer@ipfire.org>
Date: Fri, 25 Oct 2024 08:34:55 +0000 (+0000)
Subject: linter: Seal the file after reading it into memory
X-Git-Tag: 0.9.30~908
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=c1daf69ab0d14d73e4470ab77164424921c22309;p=pakfire.git

linter: Seal the file after reading it into memory

This avoids that something (either intentionally or unintentionally) can
be changed when the file is being analyzed.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---

diff --git a/src/libpakfire/linter.c b/src/libpakfire/linter.c
index 3f033ae15..ae796e027 100644
--- a/src/libpakfire/linter.c
+++ b/src/libpakfire/linter.c
@@ -19,6 +19,7 @@
 #############################################################################*/
 
 #include <errno.h>
+#include <fcntl.h>
 #include <stdlib.h>
 #include <sys/mman.h>
 #include <sys/queue.h>
@@ -228,7 +229,7 @@ static int pakfire_linter_read_file(
 	const char* path = pakfire_file_get_path(file);
 
 	// Allocate a new buffer
-	fd = memfd_create(path, MFD_CLOEXEC);
+	fd = memfd_create(path, MFD_ALLOW_SEALING|MFD_CLOEXEC);
 	if (fd < 0) {
 		CTX_ERROR(linter->ctx, "memfd_create() failed: %m\n");
 		r = -errno;
@@ -285,6 +286,15 @@ static int pakfire_linter_read_file(
 		goto ERROR;
 	}
 
+	// Seal the file so that nothing can be changed
+	r = fcntl(fd, F_ADD_SEALS,
+			F_SEAL_SEAL|F_SEAL_SHRINK|F_SEAL_GROW|F_SEAL_WRITE|F_SEAL_FUTURE_WRITE);
+	if (r < 0) {
+		CTX_ERROR(linter->ctx, "Could not seal the file: %m\n");
+		r = -errno;
+		goto ERROR;
+	}
+
 	return fd;
 
 ERROR: