Okay last time, now if there's any file at all, dont save the .save file. (foolproof? :)

git-svn-id: svn://svn.savannah.gnu.org/nano/trunk/nano@368 35c25a1d-7b9e-4130-9fde-d3aeb78583b8

Okay last time, now if there's any file at all, dont save the .save file. (foolproof? :)
git-svn-id: svn://svn.savannah.gnu.org/nano/trunk/nano@368 35c25a1d-7b9e-4130-9fde-d3aeb78583b8
581bc60d · Chris Allegretta · d7ad75ad · 581bc60d · 581bc60d · 581bc60d
Commit 581bc60d authored 24 years ago by Chris Allegretta
Hide whitespace changes
Inline Side-by-side

Showing

with 7 additions and 9 deletions
+7 -9
--- a/ChangeLog
+++ b/ChangeLog
@@ -23,8 +23,7 @@ CVS code -
 - files.c:
  write_file()
 	- Unsetting modified on temp files bug fixed (Rocco Corsi).
-	- Okay, if tmp == 1 and the file is a symlink the user doesn't
+	- Okay, if tmp == 1 and the file exists, we abort.
-	  own, we return -1.
  do_insertfile()
 	- Added call to real_name_from tilde, oops.  Added check for
 	  DISABLE_TABCOMP.
@@ -66,7 +65,7 @@ CVS code -
  die()
 	- Now creates .save file using variable-length strings.  Also
 	  calls write_file with tmp == 1, which happens to do exactly what
-	  we want (abort on save file is a symlink and use mode 0600).
+	  we want (abort on save file exists and use mode 0600).
  handle_sighup()
 	- Now calls die instead of writing on its own and exiting normally.
 - search.c:

--- a/files.c
+++ b/files.c
@@ -321,7 +321,6 @@ int write_file(char *name, int tmp)
    realname = mallocstrcpy(realname, name);
 #endif
    /* Save the state of file at the end of the symlink */
    realexists = stat(realname, &st);
@@ -330,9 +329,9 @@ int write_file(char *name, int tmp)
       cause unexpected behavior */
    lstat(realname, &st);
-    /* New case: if it's a symlink and tmp is set AND the user does not
+    /* New case: if the file exists, just give up.  Easy way out of
-	own the symlink, abort.  It could be a symlink attack */
+	all security issues */
-    if (tmp && S_ISLNK(st.st_mode) && getuid() != st.st_uid)
+    if (tmp && realexists != -1)
 	 return -1;
    else if (ISSET(FOLLOW_SYMLINKS) || !S_ISLNK(st.st_mode)) {
@@ -430,7 +429,7 @@ int write_file(char *name, int tmp)
 	} else {
 	    /* Use permissions from file we are overwriting. */
 	    mask = st.st_mode;
-	    if (!tmp && unlink(realname) == -1) {
+	    if (unlink(realname) == -1) {
 		if (errno != ENOENT) {
 		    statusbar(_("Could not open %s for writing: %s"),
 			      realname, strerror(errno));

--- a/nano.c
+++ b/nano.c
@@ -136,7 +136,7 @@ void die(char *msg, ...)
    if (i != -1)
 	fprintf(stderr, _("\nBuffer written to %s\n"), name);
    else
-	fprintf(stderr, _("\nNo .save file written (symlink encountered?)\n"));
+	fprintf(stderr, _("\nNo .save file written (file exists?)\n"));
    exit(1);			/* We have a problem: exit w/ errorlevel(1) */
 }