use O_NOFOLLOW when creating PID file, to avoid symlink vulnerability
[pulseaudio] / src / pulsecore / pid.c
1 /* $Id$ */
2
3 /***
4 This file is part of PulseAudio.
5
6 Copyright 2004-2006 Lennart Poettering
7 Copyright 2006 Pierre Ossman <ossman@cendio.se> for Cendio AB
8
9 PulseAudio is free software; you can redistribute it and/or modify
10 it under the terms of the GNU Lesser General Public License as
11 published by the Free Software Foundation; either version 2 of the
12 License, or (at your option) any later version.
13
14 PulseAudio is distributed in the hope that it will be useful, but
15 WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
17 General Public License for more details.
18
19 You should have received a copy of the GNU Lesser General Public
20 License along with PulseAudio; if not, write to the Free Software
21 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
22 USA.
23 ***/
24
25 #ifdef HAVE_CONFIG_H
26 #include <config.h>
27 #endif
28
29 #include <fcntl.h>
30 #include <unistd.h>
31 #include <errno.h>
32 #include <sys/types.h>
33 #include <sys/stat.h>
34 #include <string.h>
35 #include <stdio.h>
36 #include <stdlib.h>
37 #include <limits.h>
38 #include <signal.h>
39
40 #ifdef HAVE_WINDOWS_H
41 #include <windows.h>
42 #endif
43
44 #include <pulse/xmalloc.h>
45
46 #include <pulsecore/core-error.h>
47 #include <pulsecore/core-util.h>
48 #include <pulsecore/log.h>
49 #include <pulsecore/macro.h>
50
51 #include "pid.h"
52
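/* Read the PID stored in the already opened PID file.
 *
 * fn is only used in log messages; the data is read from fd.
 *
 * Returns the PID on success, 0 if no data could be read from the file,
 * and (pid_t) -1 if reading fails or the content is not a usable PID.
 *
 * The content of the file is not trusted: it is whatever the last writer
 * left there. Callers pass the result on to kill(), where zero and
 * negative values address process groups rather than one process, so a
 * number that does not survive the conversion to pid_t as a non-negative
 * value is rejected here instead of being returned. */
static pid_t read_pid(const char *fn, int fd) {
    ssize_t r;
    char t[20], *e;
    uint32_t pid;
    pid_t result;

    pa_assert(fn);
    pa_assert(fd >= 0);

    /* Read at most sizeof(t)-1 bytes so that the terminating NUL written
     * below always fits into the buffer. */
    if ((r = pa_loop_read(fd, t, sizeof(t)-1, NULL)) < 0) {
        pa_log_warn("Failed to read PID file '%s': %s", fn, pa_cstrerror(errno));
        return (pid_t) -1;
    }

    if (r == 0)
        return (pid_t) 0;

    /* Terminate the buffer and cut it at the first newline */
    t[r] = 0;
    if ((e = strchr(t, '\n')))
        *e = 0;

    if (pa_atou(t, &pid) < 0) {
        pa_log_warn("Failed to parse PID file '%s'", fn);
        return (pid_t) -1;
    }

    /* Reject numbers that wrap to a negative pid_t or lose bits in the
     * conversion; such a value is not a PID this process could have
     * written. */
    result = (pid_t) pid;
    if (result < 0 || (uint32_t) result != pid) {
        pa_log_warn("Failed to parse PID file '%s'", fn);
        return (pid_t) -1;
    }

    return result;
}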
82
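/* Open the PID file fn and lock it; the file is created when mode
 * contains O_CREAT.
 *
 * mode is passed to open() together with O_NOCTTY and, where the platform
 * defines it, O_NOFOLLOW. With O_NOFOLLOW open() fails if the last
 * component of fn is a symbolic link, so a link placed where the PID file
 * is expected is not followed when the file is created or later
 * truncated. This does not cover symbolic links in the directory part of
 * the path, and where O_NOFOLLOW is not defined no such check is done
 * here, so the directory holding the PID file must not be writable by
 * other users.
 *
 * Returns the locked file descriptor, or -1 on failure. On failure errno
 * is restored to the value it had right after the call that failed, so
 * that callers can still report it after the cleanup below. */
static int open_pid_file(const char *fn, int mode) {
    int fd = -1;
    int saved_errno = 0;
    int flags = mode|O_NOCTTY;

    pa_assert(fn);

#ifdef O_NOFOLLOW
    flags |= O_NOFOLLOW;
#endif

    for (;;) {
        struct stat st;

        /* New files are created readable and writable by the owner only */
        if ((fd = open(fn, flags, S_IRUSR|S_IWUSR)) < 0) {
            saved_errno = errno;

            /* A missing file is not worth a warning when only reading */
            if (mode != O_RDONLY || saved_errno != ENOENT)
                pa_log_warn("Failed to open PID file '%s': %s", fn, pa_cstrerror(saved_errno));
            goto fail;
        }

        /* Lock the file. A failure to lock is treated as a failure to
         * open the file. */
        if (pa_lock_fd(fd, 1) < 0) {
            saved_errno = errno;
            goto fail;
        }

        if (fstat(fd, &st) < 0) {
            saved_errno = errno;
            pa_log_warn("Failed to fstat() PID file '%s': %s", fn, pa_cstrerror(saved_errno));
            goto fail;
        }

        /* Does the file still exist in the file system? If yes, we are
         * done. Otherwise it was unlinked between open() and the lock
         * being taken (pa_pid_file_remove() unlinks it while holding the
         * lock), so start over with a fresh open(). */
        if (st.st_nlink >= 1)
            break;

        if (pa_lock_fd(fd, 0) < 0) {
            saved_errno = errno;
            goto fail;
        }

        if (pa_close(fd) < 0) {
            saved_errno = errno;
            pa_log_warn("Failed to close file '%s': %s", fn, pa_cstrerror(saved_errno));
            fd = -1;
            goto fail;
        }

        fd = -1;
    }

    return fd;

fail:

    if (fd >= 0) {
        pa_lock_fd(fd, 0);
        pa_close(fd);
    }

    /* The cleanup calls above may have changed errno */
    errno = saved_errno;

    return -1;
}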
138
/* Write the PID of the current process into the PID file in the runtime
 * directory, creating the file if it does not exist yet.
 *
 * If the file already names a PID that still appears to be in use the
 * file is left untouched and -1 is returned. A corrupt or stale file is
 * overwritten. Returns 0 on success, -1 on failure. */
int pa_pid_file_create(void) {
    char path[PATH_MAX];
    char text[20];
    size_t text_len;
    pid_t owner;
    int already_running;
    int pid_fd;
    int rc = -1;

#ifdef OS_IS_WIN32
    HANDLE process;
#endif

    pa_runtime_path("pid", path, sizeof(path));

    pid_fd = open_pid_file(path, O_CREAT|O_RDWR);
    if (pid_fd < 0)
        goto finish;

    owner = read_pid(path, pid_fd);

    if (owner == (pid_t) -1)
        pa_log_warn("Corrupt PID file, overwriting.");
    else if (owner > 0) {
#ifdef OS_IS_WIN32
        process = OpenProcess(PROCESS_QUERY_INFORMATION, FALSE, owner);
        already_running = process != NULL;

        if (already_running)
            CloseHandle(process);
#else
        /* Signal 0 only probes the process. Every outcome other than
         * ESRCH, a permission error included, counts as "still there". */
        already_running = kill(owner, 0) >= 0 || errno != ESRCH;
#endif

        if (already_running) {
            pa_log("Daemon already running.");
            goto finish;
        }

        pa_log_warn("Stale PID file, overwriting.");
    }

    /* Rewind and empty the file before the new PID is written */
    if (lseek(pid_fd, 0, SEEK_SET) == (off_t) -1 || ftruncate(pid_fd, 0) < 0) {
        pa_log("Failed to truncate PID file '%s': %s", path, pa_cstrerror(errno));
        goto finish;
    }

    pa_snprintf(text, sizeof(text), "%lu\n", (unsigned long) getpid());
    text_len = strlen(text);

    if (pa_loop_write(pid_fd, text, text_len, NULL) != (ssize_t) text_len) {
        pa_log("Failed to write PID file.");
        goto finish;
    }

    rc = 0;

finish:
    if (pid_fd >= 0) {
        pa_lock_fd(pid_fd, 0);

        /* A failed close turns an otherwise successful run into a failure */
        if (pa_close(pid_fd) < 0) {
            pa_log("Failed to close PID file '%s': %s", path, pa_cstrerror(errno));
            rc = -1;
        }
    }

    return rc;
}
201
/* Remove the PID file from the runtime directory, but only if the PID
 * stored in it is the PID of the calling process.
 *
 * Returns 0 on success, -1 on failure or if the file belongs to another
 * process. */
int pa_pid_file_remove(void) {
    char path[PATH_MAX];
    pid_t recorded;
    int pid_fd;
    int rc = -1;

    pa_runtime_path("pid", path, sizeof(path));

    pid_fd = open_pid_file(path, O_RDWR);
    if (pid_fd < 0) {
        pa_log_warn("Failed to open PID file '%s': %s", path, pa_cstrerror(errno));
        goto finish;
    }

    recorded = read_pid(path, pid_fd);
    if (recorded == (pid_t) -1)
        goto finish;

    /* Never touch a PID file that names some other process */
    if (recorded != getpid()) {
        pa_log("PID file '%s' not mine!", path);
        goto finish;
    }

    /* Empty the file first, then unlink it while the lock is still held
     * (except on Win32, see below) */
    if (ftruncate(pid_fd, 0) < 0) {
        pa_log_warn("Failed to truncate PID file '%s': %s", path, pa_cstrerror(errno));
        goto finish;
    }

#ifdef OS_IS_WIN32
    /* On Win32 the descriptor is unlocked and closed before unlink(),
     * presumably because an open file cannot be removed there. */
    pa_lock_fd(pid_fd, 0);
    close(pid_fd);
    pid_fd = -1;
#endif

    if (unlink(path) < 0) {
        pa_log_warn("Failed to remove PID file '%s': %s", path, pa_cstrerror(errno));
        goto finish;
    }

    rc = 0;

finish:

    if (pid_fd >= 0) {
        pa_lock_fd(pid_fd, 0);

        /* A failed close turns an otherwise successful run into a failure */
        if (pa_close(pid_fd) < 0) {
            pa_log_warn("Failed to close PID file '%s': %s", path, pa_cstrerror(errno));
            rc = -1;
        }
    }

    return rc;
}
255
/* Check whether the daemon is currently running, i.e. whether a PID file
 * exists and the process named in it exists as well.
 *
 * This is pa_pid_file_kill() with signal 0, so no signal is delivered.
 * Returns 0 on success, -1 otherwise. If pid is non-NULL and a running
 * daemon was found, its PID is stored there. */
int pa_pid_file_check_running(pid_t *pid) {
    const int probe_only = 0;

    return pa_pid_file_kill(probe_only, pid);
}
263
264 #ifndef OS_IS_WIN32
265
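/* Send the signal sig to the daemon named in the PID file.
 *
 * Returns the result of kill(), i.e. 0 on success, and -1 if the PID
 * file cannot be opened or does not name a single process. If pid is
 * non-NULL the PID read from the file is stored there.
 *
 * The PID comes from a file and is not trusted. kill() treats a PID of
 * zero or below as a process group (or as all processes), so such a
 * value, which read_pid() returns for an empty file, is refused here
 * instead of being signalled; errno is set to ESRCH in that case.
 *
 * Note that the PID in the file may have been reused by an unrelated
 * process if the daemon died without removing its PID file; nothing in
 * this function checks what the target process is. */
int pa_pid_file_kill(int sig, pid_t *pid) {
    int fd = -1;
    char fn[PATH_MAX];
    int ret = -1;
    int saved_errno;
    pid_t unused_pid;

    /* Let the code below store the PID unconditionally */
    if (!pid)
        pid = &unused_pid;

    pa_runtime_path("pid", fn, sizeof(fn));

    if ((fd = open_pid_file(fn, O_RDONLY)) < 0)
        goto fail;

    if ((*pid = read_pid(fn, fd)) == (pid_t) -1)
        goto fail;

    /* Only ever signal one specific process, never a process group */
    if (*pid <= 0) {
        errno = ESRCH;
        goto fail;
    }

    ret = kill(*pid, sig);

fail:

    /* Keep the errno of the failed call across the cleanup */
    saved_errno = errno;

    if (fd >= 0) {
        pa_lock_fd(fd, 0);
        pa_close(fd);
    }

    errno = saved_errno;

    return ret;

}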
298
299 #else /* OS_IS_WIN32 */
300
/* Win32 variant: signalling a daemon through the PID file is not
 * implemented here, so every call fails and *pid is left untouched. */
int pa_pid_file_kill(int sig, pid_t *pid) {
    (void) sig;
    (void) pid;

    return -1;
}
304
305 #endif