touch: Restrict touch to regular files only (RHBZ#582484).

2026-03-21 22:53:37 +00:00 · 2010-06-04 11:55:54 +01:00
parent e3befe5a2e
commit 74958b0ad4
2 changed files with 24 additions and 1 deletions
--- a/daemon/file.c
+++ b/daemon/file.c
@@ -34,6 +34,26 @@ do_touch (const char *path)
 {
  int fd;
  int r;
+  struct stat buf;
+
+  /* RHBZ#582484: Restrict touch to regular files.  It's also OK
+   * here if the file does not exist, since we will create it.
+   */
+  CHROOT_IN;
+  r = lstat (path, &buf);
+  CHROOT_OUT;
+
+  if (r == -1) {
+    if (errno != ENOENT) {
+      reply_with_perror ("lstat: %s", path);
+      return -1;
+    }
+  } else {
+    if (! S_ISREG (buf.st_mode)) {
+      reply_with_error ("%s: touch can only be used on a regular files", path);
+      return -1;
+    }
+  }

  CHROOT_IN;
  fd = open (path, O_WRONLY | O_CREAT | O_NOCTTY, 0666);
--- a/src/generator.ml
+++ b/src/generator.ml
@@ -992,7 +992,10 @@ closing the handle.");
   "\
 Touch acts like the L<touch(1)> command.  It can be used to
 update the timestamps on a file, or, if the file does not exist,
-to create a new zero-length file.");
+to create a new zero-length file.
+
+This command only works on regular files, and will fail on other
+file types such as directories, symbolic links, block special etc.");

  ("cat", (RString "content", [Pathname "path"]), 4, [ProtocolLimitWarning],
   [InitISOFS, Always, TestOutput (