From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=hui5=74=embecosm.com=arthur.cohen@sourceware.org>
Received: from mail-wr1-x42e.google.com (mail-wr1-x42e.google.com [IPv6:2a00:1450:4864:20::42e])
	by sourceware.org (Postfix) with ESMTPS id 4089E38768B3
	for <gcc-rust@gcc.gnu.org>; Wed,  5 Apr 2023 14:06:18 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 4089E38768B3
Authentication-Results: sourceware.org; dmarc=none (p=none dis=none) header.from=embecosm.com
Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=embecosm.com
Received: by mail-wr1-x42e.google.com with SMTP id r11so36319108wrr.12
        for <gcc-rust@gcc.gnu.org>; Wed, 05 Apr 2023 07:06:18 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=embecosm.com; s=google; t=1680703577;
        h=content-transfer-encoding:mime-version:reply-to:references
         :in-reply-to:message-id:date:subject:cc:to:from:from:to:cc:subject
         :date:message-id:reply-to;
        bh=2JYPPufBm17C8gJ68C7axxWbue6wBAVF6i2JaVFRM8c=;
        b=eLtRHGR1fenvlfTi8zZqV2a2aOuZIATRQANX+TNU5tQV6H3ZDQJWIbRN2Rq9a3dcxL
         VLvggh2rUKRws+jL2CkI8BOnDDRH0az6JMaXfGuMx3+V23L/xRbE8N5W1k1kEYUaItf/
         Z77vLxn5b8Qk6/LManz2Jt/Bh1xbcOKcevkfjjwJna15DM3kmeNdQF2OUNpYEe7KQyhX
         lUjZEWhzEiGRGgn8miWOFTsBUWZe2H+qe66Hqyoio4ludz9eUm+emPZm1UVMwiO2w7En
         tlPzioK8hNboTUsHV739Vyuk+q51yIqh48fREB9CJeyWlllPwbfUnYKSfqLi+51hJz9G
         O4XA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112; t=1680703577;
        h=content-transfer-encoding:mime-version:reply-to:references
         :in-reply-to:message-id:date:subject:cc:to:from:x-gm-message-state
         :from:to:cc:subject:date:message-id:reply-to;
        bh=2JYPPufBm17C8gJ68C7axxWbue6wBAVF6i2JaVFRM8c=;
        b=WdskM2tcKD5CstUd/WLTY9fuqFXtT9c0zC16F4V3aca9RPmPjM8B48cbMEVjP2QZ1K
         wN5+m4H2ZQlVOoWB2aUrYUi4LZ56FE4WsovchzTjb/hZkEDIqydLgPqzqOY8kGHQhBUu
         boSAV2fn9rm00RhDWkxJAFMf/y7YhGMkBX4ymXNaCyXstqgZV1rQhAQQ/EZyAAj+4OqF
         HKpcnldIYYng48zRODgizhwMh98NLmhMyylX+q86RdbUb2CmpzSiwACAuM+0dGkBk5vi
         SN1NprWw+6lLGZOA9kaG425AMfPx/XuabuqxVr8tLPHPcNJFZpIsfVp6X96uUjSiE9VQ
         3YjA==
X-Gm-Message-State: AAQBX9fVK4a9KNTThfyrcULymRcl0UemWXkGu4x9hM0jIXF9570akRGu
	v3EC+ho2mMVkOz75otTxn6tHsZI6EoJtl6S5qQ==
X-Google-Smtp-Source: AKy350bnrVnoxl+o9w9bP2gLzM0d+cTEQYiqo+DvgnXxVfsJnH6r8mtsbuoEKIaTKjahBoP0kFfRYQ==
X-Received: by 2002:a5d:4ac5:0:b0:2cb:d8f1:1d31 with SMTP id y5-20020a5d4ac5000000b002cbd8f11d31mr3978374wrs.18.1680703577180;
        Wed, 05 Apr 2023 07:06:17 -0700 (PDT)
Received: from platypus.localdomain ([62.23.166.218])
        by smtp.gmail.com with ESMTPSA id ay8-20020a05600c1e0800b003edddae1068sm2330150wmb.9.2023.04.05.07.06.16
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Wed, 05 Apr 2023 07:06:16 -0700 (PDT)
From: arthur.cohen@embecosm.com
To: gcc-patches@gcc.gnu.org
Cc: gcc-rust@gcc.gnu.org,
	Pierre-Emmanuel Patry <pierre-emmanuel.patry@embecosm.com>
Subject: [committed 69/88] gccrs: lex: Prevent directories in RAIIFile
Date: Wed,  5 Apr 2023 16:03:53 +0200
Message-Id: <20230405140411.3016563-70-arthur.cohen@embecosm.com>
X-Mailer: git-send-email 2.40.0
In-Reply-To: <20230405140411.3016563-1-arthur.cohen@embecosm.com>
References: <20230405140411.3016563-1-arthur.cohen@embecosm.com>
Reply-To: arthur.cohen@embecosm.com
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Spam-Status: No, score=-14.5 required=5.0 tests=BAYES_00,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,GIT_PATCH_0,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS,TXREP autolearn=unavailable autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org
List-Id: <gcc-rust.gcc.gnu.org>

From: Pierre-Emmanuel Patry <pierre-emmanuel.patry@embecosm.com>

RAIIFile constructor was accepting directory filename. This lead to
unattended directory opening in some part of the code (load_file_bytes)
wich resulted in ice. Since RAIIFile are used for the lexer, removing
the ability to open directories with RAIIFile fixes those issues and
prevent future mistakes.

gcc/rust/ChangeLog:

	* lex/rust-lex.h: Add file type check.

Signed-off-by: Pierre-Emmanuel Patry <pierre-emmanuel.patry@embecosm.com>
---
 gcc/rust/lex/rust-lex.h | 28 ++++++++++++++++++++++++++--
 1 file changed, 26 insertions(+), 2 deletions(-)

diff --git a/gcc/rust/lex/rust-lex.h b/gcc/rust/lex/rust-lex.h
index 2dd60b365ef..50424713df9 100644
--- a/gcc/rust/lex/rust-lex.h
+++ b/gcc/rust/lex/rust-lex.h
@@ -38,13 +38,37 @@ private:
       fclose (file);
   }
 
+  static bool allowed_filetype (const struct stat &statbuf)
+  {
+    // The file could be either
+    // - a regular file
+    // - a char device (/dev/null...)
+    return S_ISREG (statbuf.st_mode) || S_ISCHR (statbuf.st_mode);
+  }
+
 public:
   RAIIFile (const char *filename) : filename (filename)
   {
     if (strcmp (filename, "-") == 0)
-      file = stdin;
+      {
+	file = stdin;
+      }
     else
-      file = fopen (filename, "r");
+      {
+	struct stat statbuf;
+	if (!(file = fopen (filename, "r")))
+	  {
+	    return;
+	  }
+
+	if (-1 == fstat (fileno (file), &statbuf)
+	    || !allowed_filetype (statbuf))
+	  {
+	    fclose (file);
+	    file = nullptr;
+	    errno = EISDIR;
+	  }
+      }
   }
 
   /**
-- 
2.40.0