xdg-document-portal: Honour O_NOFOLLOW on open

Resolve the symlink from /proc before opening See flatpak#1117
hfiguiere · Nov 11, 2023 · 96365d2 · 96365d2
1 parent 7c6d6fd
commit 96365d2
Showing 1 changed file with 14 additions and 1 deletion.
diff --git a/document-portal/document-portal-fuse.c b/document-portal/document-portal-fuse.c
@@ -1861,7 +1861,9 @@ xdp_fuse_open (fuse_req_t req,
   int open_flags = fi->flags;
   g_autofree char *open_flags_string = open_flags_to_string (open_flags);
   int fd;
+  int res;
   g_autofree char *path = NULL;
+  char actual_path[PATH_MAX + 1];
   XdpFile *file = NULL;
   XdpDocumentChecks checks;
   const char *op = "OPEN";
@@ -1877,7 +1879,18 @@ xdp_fuse_open (fuse_req_t req,
     return;
 
   path = fd_to_path (inode->physical->fd);
-  fd = open (path, open_flags, 0);
+  /*
+   * `path` is a path to the fd entry in `/proc`, which is a symlink
+   * to the actual file. Opening it directly with `O_NOFOLLOW` will
+   * fail. So we should resolve it first then we can honour the no
+   * follow flag.
+   */
+  res = readlink (path, actual_path, sizeof (actual_path));
+  if (res == -1)
+    return xdp_reply_err (op, req, errno);
+  actual_path[res] = '\0';
+
+  fd = open (actual_path, open_flags, 0);
   if (fd == -1)
     return xdp_reply_err (op, req, errno);