Nmap Development mailing list archives
Re: fileexistsandisreadable() is still broken
From: Fyodor <fyodor () insecure org>
Date: Tue, 12 Dec 2006 00:48:27 -0800
On Mon, Dec 11, 2006 at 12:46:48PM -0600, Kris Katterjohn wrote:
This still fails to see if the process can read the file. It still only tests if the *file*'s owner can read it, not the *process*'s owner. That's for !WIN32 anyway, I only assume that S_IREAD is equivalent to S_IRUSR.
Good point. I think I didn't apply your patch because it didn't work on Win32. But I've made adjustments so that it does seem to work on both platform, and applied the following patch for the next version: Index: nbase/nbase.h =================================================================== --- nbase/nbase.h (revision 4242) +++ nbase/nbase.h (working copy) @@ -293,6 +293,18 @@ #define S_ISDIR(m) (((m) & _S_IFMT) == _S_IFDIR) #endif +/* Windows doesn't have the access() defines */ +#ifndef F_OK +#define F_OK 00 +#endif +#ifndef W_OK +#define W_OK 02 +#endif +#ifndef R_OK +#define R_OK 04 +#endif + +#define access _access #define stat _stat /* wtf was ms thinking? */ #define execve _execve #define getpid _getpid Index: nmap.cc =================================================================== --- nmap.cc (revision 4243) +++ nmap.cc (working copy) @@ -2310,26 +2309,21 @@ exit(1); } -#ifdef WIN32 -#define STAT_READABLE(st) st.st_mode & S_IREAD -#else -#define STAT_READABLE(st) st.st_mode & S_IRUSR -#endif - -/* Returns true (nonzero) if the file pathname given exists, is not - * a directory and is readable by the executing process. Returns - * zero if it is not +/* Returns true (nonzero) if the file pathname given exists, is not a + * directory and is readable by the executing process. Returns two if + * it is readable and is a directory. Otherwise returns 0. */ + int fileexistsandisreadable(char *pathname) { struct stat st; if (stat(pathname, &st) == -1) return 0; - if (!S_ISDIR(st.st_mode) && STAT_READABLE(st)) + if (!S_ISDIR(st.st_mode) && (access(pathname, R_OK) != -1)) return 1; - if ((st.st_mode & S_IFDIR) && STAT_READABLE(st)) + if ((st.st_mode & S_IFDIR) && (access(pathname, R_OK) != -1)) return 2; return 0; Cheers, Fyodor _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- fileexistsandisreadable() is still broken Kris Katterjohn (Dec 11)
- Re: fileexistsandisreadable() is still broken Diman Todorov (Dec 11)
- Re: fileexistsandisreadable() is still broken Kris Katterjohn (Dec 11)
- Re: fileexistsandisreadable() is still broken Fyodor (Dec 12)
- Re: fileexistsandisreadable() is still broken Diman Todorov (Dec 11)