From ce0bb4c05d45db0bba56c5ab11d2b1d7c17e002a Mon Sep 17 00:00:00 2001
From: Dmitry Vyukov <dvyukov@google.com>
Date: Wed, 16 Dec 2015 17:01:32 +0100
Subject: ipc: fix removal of temp dir if chmod fails

---
 ipc/ipc.go | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

(limited to 'ipc')

diff --git a/ipc/ipc.go b/ipc/ipc.go
index d01b6bb3a..360125053 100644
--- a/ipc/ipc.go
+++ b/ipc/ipc.go
@@ -207,10 +207,11 @@ func createMapping(size int) (f *os.File, mem []byte, err error) {
 		return
 	}
 	f.Close()
+	fname := f.Name()
 	f, err = os.OpenFile(f.Name(), os.O_RDWR, 0)
 	if err != nil {
 		err = fmt.Errorf("failed to open shm file: %v", err)
-		os.Remove(f.Name())
+		os.Remove(fname)
 		return
 	}
 	mem, err = syscall.Mmap(int(f.Fd()), 0, size, syscall.PROT_READ|syscall.PROT_WRITE, syscall.MAP_SHARED)
@@ -253,9 +254,6 @@ func makeCommand(bin []string, timeout time.Duration, flags uint64, inFile *os.F
 	if err != nil {
 		return nil, fmt.Errorf("failed to create temp dir: %v", err)
 	}
-	if err := os.Chmod(dir, 0777); err != nil {
-		return nil, fmt.Errorf("failed to chmod temp dir: %v", err)
-	}
 
 	c := &command{timeout: timeout, dir: dir}
 	defer func() {
@@ -264,6 +262,12 @@ func makeCommand(bin []string, timeout time.Duration, flags uint64, inFile *os.F
 		}
 	}()
 
+	if flags&FlagDropPrivs != 0 {
+		if err := os.Chmod(dir, 0777); err != nil {
+			return nil, fmt.Errorf("failed to chmod temp dir: %v", err)
+		}
+	}
+
 	// Output capture pipe.
 	rp, wp, err := os.Pipe()
 	if err != nil {
-- 
cgit mrf-deployment