From: Pádraig Brady Date: Wed, 20 Sep 2017 05:21:28 +0000 (-0700) Subject: maint: fix new syntax check failures from copy restrictions X-Git-Tag: v8.29~58 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=0be99382d94f0f0b173e5b3333abb289d875e718;p=thirdparty%2Fcoreutils.git maint: fix new syntax check failures from copy restrictions * doc/coreutils.texi: Remove doubled word. * src/targetdir.c: Explicitly mark exported function. * tests/local.mk: This is not a root only test. * tests/mv/vulnerable-target.sh: Use returns_. Introduced in v8.28-3-g44ccd1c
---
diff --git a/doc/coreutils.texi b/doc/coreutils.texi
index 98b04644ce..9fa680a012 100644
--- a/doc/coreutils.texi
+++ b/doc/coreutils.texi
@@ -1296,7 +1296,7 @@ destination's name, or by using the @option{--target-directory} (For @command{cp}, @command{ln}, and @command{mv} you can also suppress the heuristic by setting the @env{POSIXLY_CORRECT} environment variable.) For example, if @file{/tmp/risky/d} is a
-directory whose parent @file{/tmp/risky} is is world-writable and is
+directory whose parent @file{/tmp/risky} is world-writable and is
 not sticky, the command @samp{cp passwd /tmp/risky/d} fails with a diagnostic reporting a vulnerable target directory, as an attacker could replace @file{/tmp/risky/d} by a symbolic link to a victim
diff --git a/src/targetdir.c b/src/targetdir.c
index 0adaa1af00..d577893ed1 100644
--- a/src/targetdir.c
+++ b/src/targetdir.c
@@ -20,13 +20,9 @@
 #include
 #include
-#include
 #include
-#include
-#include
-#include
-#include
+#include "system.h"
 /* Check whether DIR, which the caller presumably has already verified is a directory or a symlink to a directory, is likely to be
@@ -43,7 +39,7 @@ This function might temporarily modify the DIR string; it restores the string to its original value before returning. */
-enum targetdir
+extern enum targetdir
 targetdir_operand_type (char *restrict dir,
 struct stat const *restrict dir_lstat)
 {
@@ -53,7 +49,7 @@ targetdir_operand_type (char *restrict dir,
 /* If DIR ends in / or has a last component of . or .. then it is good enough. */
 if (lclen == 0 || ISSLASH (lc[lclen - 1])
- || strcmp (lc, ".") == 0 || strcmp (lc, "..") == 0)
+ || STREQ (lc, ".") || STREQ (lc, ".."))
 return TARGETDIR_OK;
 char lc0 = *lc;
diff --git a/tests/local.mk b/tests/local.mk
index 8cf63cd9dd..70c49e8b7d 100644
--- a/tests/local.mk
+++ b/tests/local.mk
@@ -130,7 +130,6 @@ all_root_tests = \
 tests/mkdir/smack-root.sh \
 tests/mv/hardlink-case.sh \
 tests/mv/sticky-to-xpart.sh \
- tests/mv/vulnerable-target.sh \
 tests/rm/fail-2eperm.sh \
 tests/rm/no-give-up.sh \
 tests/rm/one-file-system.sh \
@@ -663,6 +662,7 @@ all_tests = \
 tests/mv/to-symlink.sh \
 tests/mv/trailing-slash.sh \
 tests/mv/update.sh \
+ tests/mv/vulnerable-target.sh \
 tests/readlink/can-e.sh \
 tests/readlink/can-f.sh \
 tests/readlink/can-m.sh \
diff --git a/tests/mv/vulnerable-target.sh b/tests/mv/vulnerable-target.sh
index 99240346bf..49ee363c69 100755
--- a/tests/mv/vulnerable-target.sh
+++ b/tests/mv/vulnerable-target.sh
@@ -25,7 +25,7 @@ mkdir -m a+rwx risky || framework_failure_
 mkdir risky/d || framework_failure_
 echo foo >foo || framework_failure_
-mv foo risky/d && fail=1
+returns_ 1 mv foo risky/d || fail=1
 mv foo risky/d/ || fail=1
 mv risky/d/foo . || fail=1
 mv -t risky/d foo || fail=1
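Review bot: In tests/mv/vulnerable-target.sh, `returns_ 1 mv foo risky/d || fail=1` pins the exit status but not the reason for the failure, so any unrelated mv error that also exits 1 would satisfy it and the vulnerable-target refusal could regress unnoticed. Capturing the diagnostic, e.g. `returns_ 1 mv foo risky/d 2>err || fail=1`, and comparing `err` with the expected message would tie the test to the security check itself; the exact wording of that message is not visible in this patch. A short comment above the command, such as `# risky/ is world-writable (a+rwx) and not sticky, so mv must refuse the bare risky/d operand`, would also record why only this invocation is expected to fail while the three that follow must succeed.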