Skip to content

Commit

Permalink
tincctl: restrict umask argument for FORTIFY
Browse files Browse the repository at this point in the history 
`umask(mode)` calls that do not verify `(mode & 0777) == mode` are
rejected when the libc FORTIFY checks are enabled [1].

The unrestricted `~perms` was indeed making this assertion fail.

[1]: https://android.googlesource.com/platform/bionic/+/refs/tags/android-11.0.0_r3/libc/bionic/fortify.cpp#404
  • Loading branch information
@pacien @gsliepen
pacien authored and gsliepen committed Jun 27, 2021
1 parent 2c9126a commit 4cc4b9b
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion src/tincctl.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -238,7 +238,7 @@ static bool parse_options(int argc, char **argv) {
FILE *fopenmask(const char *filename, const char *mode, mode_t perms) {
mode_t mask = umask(0);
perms &= ~mask;
umask(~perms);
umask(~perms & 0777);
FILE *f = fopen(filename, mode);

if(!f) {
Expand Down

0 comments on commit 4cc4b9b

Please sign in to comment.