ipc: fix removal of temp dir if chmod fails

author: Dmitry Vyukov <dvyukov@google.com> 2015-12-16 17:01:32 +0100
committer: Dmitry Vyukov <dvyukov@google.com> 2015-12-17 14:38:46 +0100
commit: ce0bb4c05d45db0bba56c5ab11d2b1d7c17e002a (patch)
tree: 0ece81cde2ad1d382d34d303b8a5e800255d07ef /ipc
parent: 3d96383e0e6a372909149c5c20404007cf60f371 (diff)
1 files changed, 8 insertions, 4 deletions
diff --git a/ipc/ipc.go b/ipc/ipc.go
index d01b6bb3a..360125053 100644
--- a/ipc/ipc.go
+++ b/ipc/ipc.go
@@ -207,10 +207,11 @@ func createMapping(size int) (f *os.File, mem []byte, err error) {
 		return
 	}
 	f.Close()
+	fname := f.Name()
 	f, err = os.OpenFile(f.Name(), os.O_RDWR, 0)
 	if err != nil {
 		err = fmt.Errorf("failed to open shm file: %v", err)
-		os.Remove(f.Name())
+		os.Remove(fname)
 		return
 	}
 	mem, err = syscall.Mmap(int(f.Fd()), 0, size, syscall.PROT_READ|syscall.PROT_WRITE, syscall.MAP_SHARED)
@@ -253,9 +254,6 @@ func makeCommand(bin []string, timeout time.Duration, flags uint64, inFile *os.F
 	if err != nil {
 		return nil, fmt.Errorf("failed to create temp dir: %v", err)
 	}
-	if err := os.Chmod(dir, 0777); err != nil {
-		return nil, fmt.Errorf("failed to chmod temp dir: %v", err)
-	}
 
 	c := &command{timeout: timeout, dir: dir}
 	defer func() {
@@ -264,6 +262,12 @@ func makeCommand(bin []string, timeout time.Duration, flags uint64, inFile *os.F
 		}
 	}()
 
+	if flags&FlagDropPrivs != 0 {
+		if err := os.Chmod(dir, 0777); err != nil {
+			return nil, fmt.Errorf("failed to chmod temp dir: %v", err)
+		}
+	}
+
 	// Output capture pipe.
 	rp, wp, err := os.Pipe()
 	if err != nil {
author	Dmitry Vyukov <dvyukov@google.com>	2015-12-16 17:01:32 +0100
committer	Dmitry Vyukov <dvyukov@google.com>	2015-12-17 14:38:46 +0100
commit	ce0bb4c05d45db0bba56c5ab11d2b1d7c17e002a (patch)
tree	0ece81cde2ad1d382d34d303b8a5e800255d07ef /ipc
parent	3d96383e0e6a372909149c5c20404007cf60f371 (diff)