1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
| | // SPDX-License-Identifier: EUPL-1.2+
// SPDX-FileCopyrightText: 2025 Demi Marie Obenour <demiobenour@gmail.com>
#include <assert.h>
#include <errno.h>
#include <stddef.h>
#include <string.h>
#include <sysexits.h>
#include <fcntl.h>
#include <sys/types.h>
#include <dirent.h>
#include <linux/openat2.h>
#include <sys/syscall.h>
#include <unistd.h>
#include <err.h>
static void checkdir(int fd)
{
DIR *d = fdopendir(fd);
if (d == NULL)
err(1, "fdopendir");
bool found_sha256sums = false;
bool found_sha256sums_gpg = false;
for (;;) {
errno = 0;
struct dirent *entry = readdir(d);
if (entry == NULL) {
if (errno)
err(1, "readdir");
break;
}
assert(entry->d_reclen > offsetof(struct dirent, d_name));
size_t len = strnlen(entry->d_name, entry->d_reclen - offsetof(struct dirent, d_name));
assert(len < entry->d_reclen - offsetof(struct dirent, d_name));
assert(len > 0);
if (entry->d_name[0] == '.')
if (len == 1 || (len == 2 && entry->d_name[1] == '.'))
continue;
if (strcmp(entry->d_name, "SHA256SUMS") == 0) {
found_sha256sums = true;
continue;
}
if (strcmp(entry->d_name, "SHA256SUMS.gpg") == 0) {
found_sha256sums_gpg = true;
continue;
}
unsigned char c = (unsigned char)entry->d_name[0];
if (!((c >= 'A' && c <= 'Z') ||
(c >= 'a' && c <= 'z')))
errx(1, "Filename must begin with an ASCII letter");
for (size_t i = 1; i < len; ++i) {
c = (unsigned char)entry->d_name[i];
if (!((c >= 'A' && c <= 'Z') ||
(c >= 'a' && c <= 'z') ||
(c >= '0' && c <= '9') ||
(c == '_') ||
(c == '-') ||
(c == '.'))) {
if (c >= 0x20 && c <= 0x7E)
errx(1, "Forbidden subsequent character in filename: '%c'", (int)c);
else
errx(1, "Forbidden subsequent character in filename: byte %d", (int)c);
}
}
if (entry->d_name[len - 1] == '.')
errx(1, "Filename must not end with a '.'");
if (entry->d_type != DT_REG)
errx(1, "Entry contains non-regular file %s", entry->d_name);
}
if (!found_sha256sums)
errx(1, "SHA256SUMS not found");
if (!found_sha256sums_gpg)
errx(1, "SHA256SUMS.gpg not found");
closedir(d);
}
int main(int argc, char **argv)
{
for (int i = 1; i < argc; ++i) {
// Avoid symlink attacks.
struct open_how how = {
.flags = O_DIRECTORY|O_RDONLY|O_CLOEXEC|O_NOFOLLOW,
.resolve = RESOLVE_NO_SYMLINKS|RESOLVE_NO_MAGICLINKS,
};
int fd = (int)syscall((long)SYS_openat2, (long)AT_FDCWD, (long)argv[i],
(long)&how, (long)sizeof(how));
if (fd < 0)
err(1, "open(%s)", argv[i]);
checkdir(fd);
}
return 0;
}
|