pkgs/development/python-modules/fmpy/0003-remoting-client-create-lockfile-with-explicit-r-w.patch at master · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs

lol

nixpkgs / pkgs / development / python-modules / fmpy / 0003-remoting-client-create-lockfile-with-explicit-r-w.patch

at master 2.2 kB view raw

 1From bf0f536776d2554a99af3fbcc08fa4c43bba1c7e Mon Sep 17 00:00:00 2001
 2From: Viktor Sonesten <v@tmplt.dev>
 3Date: Mon, 5 May 2025 17:40:10 +0200
 4Subject: [PATCH] remoting/client: create lockfile with explicit r+w
 5MIME-Version: 1.0
 6Content-Type: text/plain; charset=UTF-8
 7Content-Transfer-Encoding: 8bit
 8
 9This fixes the compilation error below, which is triggered in hardened
10build environments (e.g. NixOS):
11
12       > In file included from /nix/store/aaaaaaaa-glibc-2.40-66-dev/include/fcntl.h:341,
13       >                  from /build/source/native/remoting/client_tcp.cpp:12:
14       > In function ‘int open(const char*, int, ...)’,
15       >     inlined from ‘void* fmi2Instantiate(fmi2String, fmi2Type, fmi2String, fmi2String, const fmi2CallbackFunctions*, fmi2Boolean, fmi2Boolean)’ at /build/source/native/remoting/client_tcp.cpp:217:28:
16       > /nix/store/aaaaaaaa-glibc-2.40-66-dev/include/bits/fcntl2.h:52:31: error: call to ‘__open_missing_mode’ declared with attribute error: open with O_CREAT or O_TMPFILE in second argument needs 3 arguments
17       >    52 |           __open_missing_mode ();
18       >       |           ~~~~~~~~~~~~~~~~~~~~^~
19
20In short: O_CREAT without explicit mode params may generate a file
21with suid/sgid. Error triggered by _FORTIFY_SOURCE. This commit
22explicitly creates the file with read/write permissions for the file
23owner.
24
25Adopted from https://github.com/facebook/hhvm/issues/168
26---
27 native/remoting/client_tcp.cpp | 2 +-
28 1 file changed, 1 insertion(+), 1 deletion(-)
29
30diff --git a/native/remoting/client_tcp.cpp b/native/remoting/client_tcp.cpp
31index 708c895..7acbc80 100644
32--- a/native/remoting/client_tcp.cpp
33+++ b/native/remoting/client_tcp.cpp
34@@ -214,7 +214,7 @@ fmi2Component fmi2Instantiate(fmi2String instanceName, fmi2Type fmuType, fmi2Str
35         // create lock file
36         const char *lockFilePath = tempnam(NULL, "");
37
38-        int lockFile = open(lockFilePath, O_CREAT | O_EXCL);
39+        int lockFile = open(lockFilePath, O_CREAT | O_EXCL, S_IRUSR | S_IWUSR);
40
41         if (lockFile == -1) {
42             s_logger(s_componentEnvironment, instanceName, fmi2Error, "error", "Failed to create lock file %s.", lockFilePath);
43--
442.47.1