basic: fix touch() creating files with 07777 mode

mode_t is unsigned, so MODE_INVALID < 0 can never be true. This fixes a possible DoS where any user could fill /run by writing to a world-writable /run/elogind/show-status.
author: Mantas Mikulėnas <grawity@gmail.com> 2016-01-29 23:36:08 +0200
committer: Sven Eden <yamakuzure@gmx.net> 2017-05-17 15:22:15 +0200
commit: 66362c85779f341b661e45e90ea1ff26f04f1cf2 (patch)
tree: 45b6d6f19c34cc09e5ca054335f069808a79d92b /src/basic
parent: 9a690abcb2df47d950a321fb1b1de5d41ac797a9 (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/src/basic/fs-util.c b/src/basic/fs-util.c
index b13a9cbea..e895cac4f 100644
--- a/src/basic/fs-util.c
+++ b/src/basic/fs-util.c
@@ -333,7 +333,8 @@ int touch_file(const char *path, bool parents, usec_t stamp, uid_t uid, gid_t gi
         if (parents)
                 mkdir_parents(path, 0755);
 
-        fd = open(path, O_WRONLY|O_CREAT|O_CLOEXEC|O_NOCTTY, mode > 0 ? mode : 0644);
+        fd = open(path, O_WRONLY|O_CREAT|O_CLOEXEC|O_NOCTTY,
+                        (mode == 0 || mode == MODE_INVALID) ? 0644 : mode);
         if (fd < 0)
                 return -errno;
author	Mantas Mikulėnas <grawity@gmail.com>	2016-01-29 23:36:08 +0200
committer	Sven Eden <yamakuzure@gmx.net>	2017-05-17 15:22:15 +0200
commit	66362c85779f341b661e45e90ea1ff26f04f1cf2 (patch)
tree	45b6d6f19c34cc09e5ca054335f069808a79d92b /src/basic
parent	9a690abcb2df47d950a321fb1b1de5d41ac797a9 (diff)