Commit fcfdcfbb authored by Julian Rother's avatar Julian Rother

Added sanity checks

parent 831c1a69
......@@ -23,6 +23,7 @@ int main(int argc, char *argv[])
jobid = atoi(argv[1]);
path = mprintf("%s/%s", getenv(WORKER_RELEASED), jstr(jlookup(argv[4], "path"), ""));
tmp = mprintf("%s/.tmp-%i", getenv(WORKER_TMP), jobid);
overwrite_check(path);
ping_job(jobid, "running", 0);
demux = 0;
......@@ -74,6 +75,9 @@ int main(int argc, char *argv[])
if (err = av_write_trailer(mux))
job_failed("Error writing trailer to temporary file", av_err2str(err));
avio_closep(&mux->pb);
if (!filesize(tmp))
job_failed("Sanity check failed: Output file is empty");
overwrite_check(path);
if (rename(tmp, path))
job_failed("Overwriting output file failed: %s", strerror(errno));
unlink(tmp);
......
......@@ -98,6 +98,8 @@ int main(int argc, char *argv[])
if (err = av_write_trailer(mux))
job_failed("Error writing trailer to temporary file: %s", av_err2str(err));
avio_closep(&mux->pb);
if (!filesize(tmp))
job_failed("Sanity check failed: Output file is empty");
if (rename(tmp, dest))
job_failed("Overwriting output file failed: %s", strerror(errno));
unlink(tmp);
......
......@@ -274,6 +274,7 @@ int main(int argc, char *argv[])
output = jlookup(argv[4], "output");
outpath = mprintf("%s/%s", getenv(WORKER_RELEASED), jstr(jlookup(output, "path"), ""));
tmppath = mprintf("%s/.tmp-%i", getenv(WORKER_TMP), jobid);
overwrite_check(outpath);
demux = 0;
opts = 0;
......@@ -356,6 +357,9 @@ int main(int argc, char *argv[])
if (err = av_write_trailer(mux))
job_failed("Error writing trailer to temporary file", av_err2str(err));
avio_closep(&mux->pb);
if (!filesize(tmppath))
job_failed("Sanity check failed: Output file is empty");
overwrite_check(outpath);
if (rename(tmppath, outpath))
job_failed("Overwriting output file \"%s\" failed: %s", outpath, strerror(errno));
unlink(tmppath);
......
......@@ -16,6 +16,7 @@ char *hashfile(char *path);
double fileduration(char *path);
size_t filesize(char *path);
char *json_fileinfo(char *path);
void overwrite_check(char *path);
#define WORKER_APIKEY "WORKER_APIKEY"
#define WORKER_APIBASE "WORKER_APIBASE"
......
#include <unistd.h>
#include <sys/stat.h>
#include "../util.h"
void overwrite_check(char *path)
{
struct stat s;
if (stat(path, &s) || !s.st_size)
return; /* We can overwrite non-existing or empty files */
if (s.st_uid != getuid())
job_failed("Refusing to overwrite output file \"%s\": File was not created by worker");
}
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment