Nmap Development mailing list archives
fileexistsandisreadable() is still broken
From: Kris Katterjohn <katterjohn () gmail com>
Date: Mon, 11 Dec 2006 12:46:48 -0600
Fyodor wrote:
> On Tue, Sep 05, 2006 at 01:14:34PM -0500, Kris Katterjohn wrote:
>> The attached patch fixes fileexistsandisreadable() in nmap.cc by using
>> access() to test for readability instead of bitwise ANDing the mode and
>> S_IRUSR. S_IRUSR only tests to see if the FILE's owner has read
>
> Thanks. This looks good and I've applied it for the next version.
>
> Cheers,
> -F
In 4.21ALPHA1:

    #ifdef WIN32
    #define STAT_READABLE(st) st.st_mode & S_IREAD
    #else
    #define STAT_READABLE(st) st.st_mode & S_IRUSR
    #endif

    /* Returns true (nonzero) if the file pathname given exists, is not
     * a directory and is readable by the executing process.  Returns
     * zero if it is not */
    int fileexistsandisreadable(char *pathname) {
      struct stat st;

      if (stat(pathname, &st) == -1)
        return 0;

      if (!S_ISDIR(st.st_mode) && STAT_READABLE(st))
        return 1;

      if ((st.st_mode & S_IFDIR) && STAT_READABLE(st))
        return 2;

      return 0;
    }

This still fails to see if the process can read the file. It still only tests if the *file*'s owner can read it, not the *process*'s owner. That's for !WIN32 anyway, I only assume that S_IREAD is equivalent to S_IRUSR.

I tested it by `chmod u-r /usr/local/share/nmap/*` and trying nmap-4.21ALPHA1 and an ALPHA1 that uses access() instead of the STAT_READABLE. Vanilla-ALPHA1 fails to use nmap-services and resorts to /etc/services, while the one using access() still reads nmap-services. Besides the warning messages, I've verified this through strace.

Was there something wrong with using access() besides possible non-portability to Windows? Looking at the man page, access() has existed for quite a while in the UNIX world :)

(Also, that [st.st_mode & S_IFDIR] can be replaced with another S_IDIR() macro)

Thanks,
Kris Katterjohn

P.S. I'm kinda in a hurry writing this (though it might not be that obvious looking at the length :), so if you need any other info or think I might've made a typo in a pretty important place just ask.

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
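The difference between the two checks discussed in the message above, as an added example that is not part of the original post and is not Nmap source. All function names are hypothetical, and `model_can_read()` is a simplified model of the POSIX permission-class decision (no supplementary groups, ACLs or capabilities) so that both failure directions can be shown without needing files owned by another user.

```c
/* Added example (not Nmap source); all function names are hypothetical. */
#include <stdio.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* The 4.21ALPHA1 test quoted above (non-WIN32 branch): owner bit only. */
int readable_by_owner_bit(const char *path) {
  struct stat st;
  if (stat(path, &st) == -1) return 0;
  return !S_ISDIR(st.st_mode) && (st.st_mode & S_IRUSR) != 0;
}

/* The alternative from the message: let the kernel decide via access().
 * access() checks the real UID/GID, and the answer can change before a
 * later open(), so the open() result must still be checked. */
int readable_by_access(const char *path) {
  struct stat st;
  if (stat(path, &st) == -1 || S_ISDIR(st.st_mode)) return 0;
  return access(path, R_OK) == 0;
}

/* Simplified model: exactly one permission class applies to a caller.
 * Assumption: ignores supplementary groups, ACLs and capabilities. */
int model_can_read(mode_t mode, uid_t fuid, gid_t fgid, uid_t uid, gid_t gid) {
  if (uid == 0) return 1;                         /* root bypasses mode bits */
  if (uid == fuid) return (mode & S_IRUSR) != 0;  /* owner class */
  if (gid == fgid) return (mode & S_IRGRP) != 0;  /* group class */
  return (mode & S_IROTH) != 0;                   /* other class */
}

/* What the owner-bit test concludes from the same mode, for any caller. */
int model_owner_bit(mode_t mode) { return (mode & S_IRUSR) != 0; }

int main(int argc, char **argv) {
  const char *p = argc > 1 ? argv[1] : "/etc/services";
  printf("%s: owner-bit=%d access=%d\n", p,
         readable_by_owner_bit(p), readable_by_access(p));
  /* Constructed case matching the chmod u-r test: root-owned, mode 0044. */
  printf("mode 0044, root-owned, uid 1000: owner-bit=%d actual=%d\n",
         model_owner_bit(0044), model_can_read(0044, 0, 0, 1000, 1000));
  return 0;
}
```
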