From 50caae7b92b787ea938df736b0d29349839f138e Mon Sep 17 00:00:00 2001
From: Yu Watanabe
Date: Mon, 8 Apr 2019 14:15:10 +0900
Subject: fileio: read_full_file_full() also warns when file is world readable and secure flag is set
---
 src/basic/fileio.c | 6 +++++-
 src/basic/fileio.h | 4 ++--
 2 files changed, 7 insertions(+), 3 deletions(-)
(limited to 'src/basic')
diff --git a/src/basic/fileio.c b/src/basic/fileio.c
index 7196516b9e..78928979e9 100644
--- a/src/basic/fileio.c
+++ b/src/basic/fileio.c
@@ -266,6 +266,7 @@ int verify_file(const char *fn, const char *blob, bool accept_extra_nl) {
 int read_full_stream_full(
 FILE *f,
+ const char *filename,
 ReadFullFileFlags flags,
 char **ret_contents,
 size_t *ret_size) {
@@ -298,6 +299,9 @@ int read_full_stream_full(
 * already makes us notice the EOF. */
 if (st.st_size > 0)
 n_next = st.st_size + 1;
+
+ if (flags & READ_FULL_FILE_SECURE)
+ (void) warn_file_is_world_accessible(filename, &st, NULL, 0);
 }
 }
@@ -388,7 +392,7 @@ int read_full_file_full(const char *filename, ReadFullFileFlags flags, char **co
 (void) __fsetlocking(f, FSETLOCKING_BYCALLER);
- return read_full_stream_full(f, flags, contents, size);
+ return read_full_stream_full(f, filename, flags, contents, size);
 }
 int executable_is_script(const char *path, char **interpreter) {
diff --git a/src/basic/fileio.h b/src/basic/fileio.h
index 93e972c2ee..6add67750a 100644
--- a/src/basic/fileio.h
+++ b/src/basic/fileio.h
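Review bot: In the `read_full_stream_full()` hunk at `@@ -298,6 +299,9 @@`, the new `READ_FULL_FILE_SECURE` check is advisory only: the result of `warn_file_is_world_accessible()` is cast to `(void)` and the read goes ahead, so a world-accessible secret file is still loaded and at most logged. The call also sits inside the block that uses `st.st_size`, which opens outside the hunk and is presumably the successful-stat path, so any input that skips that block gets no check at all. Passing the existing `st` rather than stat-ing `filename` again keeps the check tied to the stream actually being read, which is worth preserving. I would state the contract where the call is made, e.g. `/* Advisory only: log if the secret file is world-accessible, but still read it. Callers that need enforcement must check the mode themselves. */`.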
@@ -48,9 +48,9 @@ int read_full_file_full(const char *filename, ReadFullFileFlags flags, char **co
 static inline int read_full_file(const char *filename, char **contents, size_t *size) {
 return read_full_file_full(filename, 0, contents, size);
 }
-int read_full_stream_full(FILE *f, ReadFullFileFlags flags, char **contents, size_t *size);
+int read_full_stream_full(FILE *f, const char *filename, ReadFullFileFlags flags, char **contents, size_t *size);
 static inline int read_full_stream(FILE *f, char **contents, size_t *size) {
- return read_full_stream_full(f, 0, contents, size);
+ return read_full_stream_full(f, NULL, 0, contents, size);
 }
 int verify_file(const char *fn, const char *blob, bool accept_extra_nl);
-- 
cgit v1.2.1
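Review bot: The `read_full_stream_full()` prototype gains `filename` and the `read_full_stream()` wrapper passes `NULL` for it, but nothing in the header says that NULL is allowed or what it means together with `READ_FULL_FILE_SECURE`. The wrapper itself passes flags `0` and never reaches the warning, yet a direct caller reading a secret from a `FILE *` that has no path would hand `NULL` to `warn_file_is_world_accessible()`. Whether that helper rejects NULL, tolerates it, or silently skips the permission check is not visible in this patch. Once that is confirmed, a comment above the prototype should record it, e.g. `/* filename is only used for the READ_FULL_FILE_SECURE permission warning; document here whether NULL disables that warning */`.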