Nmap Development mailing list archives

fileexistsandisreadable() is still broken


From: Kris Katterjohn <katterjohn () gmail com>
Date: Mon, 11 Dec 2006 12:46:48 -0600

Fyodor wrote:
> On Tue, Sep 05, 2006 at 01:14:34PM -0500, Kris Katterjohn wrote:
>> The attached patch fixes fileexistsandisreadable() in nmap.cc by using
>> access() to test for readability instead of bitwise ANDing the mode and
>> S_IRUSR. S_IRUSR only tests to see if the FILE's owner has read
>
> Thanks.  This looks good and I've applied it for the next version.
>
> Cheers,
> -F

In 4.21ALPHA1:

#ifdef WIN32
#define STAT_READABLE(st) st.st_mode & S_IREAD
#else
#define STAT_READABLE(st) st.st_mode & S_IRUSR
#endif

/* Returns true (nonzero) if the file pathname given exists, is not
 * a directory and is readable by the executing process.  Returns
 * zero if it is not
 */
int fileexistsandisreadable(char *pathname) {
  struct stat st;

  if (stat(pathname, &st) == -1)
    return 0;

  if (!S_ISDIR(st.st_mode) && STAT_READABLE(st))
    return 1;

  if ((st.st_mode & S_IFDIR) && STAT_READABLE(st))
    return 2;

  return 0;
}

This still fails to see if the process can read the file. It still only
tests if the *file*'s owner can read it, not the *process*'s owner.
That's for !WIN32 anyway, I only assume that S_IREAD is equivalent to
S_IRUSR.

I tested it by `chmod u-r /usr/local/share/nmap/*` and trying
nmap-4.21ALPHA1 and an ALPHA1 that uses access() instead of the
STAT_READABLE. Vanilla-ALPHA1 fails to use nmap-services and resorts to
/etc/services, while the one using access() still reads nmap-services.
Besides the warning messages, I've verified this through strace.

Was there something wrong with using access() besides possible
non-portability to Windows? Looking at the man page, access() has
existed for quite a while in the UNIX world :)

(Also, that [st.st_mode & S_IFDIR] can be replaced with another S_ISDIR()
macro)

Thanks,
Kris Katterjohn


P.S. I'm kinda in a hurry writing this (though it might not be that
obvious looking at the length :), so if you need any other info or
think I might've made a typo in a pretty important place just ask.

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
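
The difference discussed in the message above, as an added example that is not part of the original post or of Nmap's source: it runs the owner-bit test, access() and a real open() against scratch files with different modes. The function names and the scratch path under /tmp are assumptions made for this illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* The test quoted above: only the file owner's read bit is examined. */
static int readable_by_mode(const char *path) {
  struct stat st;
  if (stat(path, &st) == -1 || S_ISDIR(st.st_mode))
    return 0;
  return (st.st_mode & S_IRUSR) != 0;
}

/* The test proposed in the message: ask the kernel about this process.
 * access() evaluates the real UID/GID, so setuid programs need care. */
static int readable_by_access(const char *path) {
  return access(path, R_OK) == 0;
}

/* Ground truth: actually try to open the file for reading. */
static int readable_by_open(const char *path) {
  int fd = open(path, O_RDONLY);
  if (fd != -1)
    close(fd);
  return fd != -1;
}

/* Creates a scratch file with the given mode and returns three bits:
 * 4 = owner-bit test, 2 = access(), 1 = open(); -1 on setup failure. */
int probe_mode(mode_t mode) {
  char path[] = "/tmp/readable_demo_XXXXXX"; /* constructed scratch path */
  int fd = mkstemp(path);
  if (fd == -1)
    return -1;
  int ok = fchmod(fd, mode) == 0;
  close(fd);
  int r = !ok ? -1 : (readable_by_mode(path) << 2) |
          (readable_by_access(path) << 1) | readable_by_open(path);
  unlink(path);
  return r;
}

int main(void) {
  mode_t modes[] = {0400, 0044, 0000};
  for (int i = 0; i < 3; i++)
    printf("mode %04o -> %d\n", (unsigned)modes[i], probe_mode(modes[i]));
  return 0;
}
```

For a file the unprivileged process owns, all three tests agree; the owner-bit test diverges from open() when the process is root or the file belongs to another user, which is the case reported in the message.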

