* open a file descriptor in a symlink-safe way when combined with
* the @c O_NOFOLLOW flag.
*
+ * The @c O_PATH flag is not used because we want to fail upon
+ * encountering any symlinks.
+ *
* @param at_fd
* A file descriptor relative to which @c pathname will be opened.
*
* @param pathname
* The path to the file/directory/whatever whose descriptor you want.
*
+ * @param flags
+ * File status flags to be passed to @c openat.
+ *
* @return a file descriptor for @c pathname if everything goes well,
* and @c OPEN_ERROR if not.
*/
int safe_open_ex(int at_fd, char* pathname, int flags) {
- if (pathname != NULL && strlen(pathname) == 0) {
+ /* We're only called by safe_open(), so pathname is guaranteed to be
+ non-NULL */
+ if (strlen(pathname) == 0) {
/* Oops, went one level to deep with nothing to do. */
return at_fd;
}
* @param pathname
* The path to the file/directory/whatever whose descriptor you want.
*
+ * @param flags
+ * File status flags to be passed to @c openat.
+ *
* @return a file descriptor for @c pathname if everything goes well,
* and @c OPEN_ERROR if not.
*/
}
int fd = open("/", flags);
+ if (fd == OPEN_ERROR) {
+ perror("safe_open (open)");
+ return OPEN_ERROR;
+ }
+
if (strcmp(abspath, "/") == 0) {
return fd;
}