app-accessibility/brltty/files/brltty-6.3-use-fchmod-on-socket.patch

commit 81cc72e023f6ca0fe6952d9b266ed937b38d28bc
Author: Dave Mielke <Dave@Mielke.cc>
Date:   Thu Jun 17 21:07:40 2021 -0400

    Use fchmod (not chmod) to adjust the BrlAPI socket permissions. (dm)

diff --git a/Programs/brlapi_server.c b/Programs/brlapi_server.c
index 74bac5b09..c567264fb 100644
--- a/Programs/brlapi_server.c
+++ b/Programs/brlapi_server.c
@@ -3036,32 +3036,28 @@ static int readPid(char *path)
 }
 
 static int
-adjustPermissions (const char *path) {
-  int adjust = !geteuid();
+adjustPermissions (
+  const void *object, const char *container,
+  int (*getStatus) (const void *object, struct stat *status),
+  int (*setPermissions) (const void *object, mode_t permissions)
+) {
+  uid_t user = geteuid();
+  int adjust = !user;
 
   if (!adjust) {
-    char *directory = getPathDirectory(path);
-
-    if (directory) {
-      struct stat status;
-
-      if (stat(directory, &status) == -1) {
-        logSystemError("stat");
-      } else if (status.st_uid == geteuid()) {
-        adjust = 1;
-      }
+    struct stat status;
 
-      free(directory);
+    if (stat(container, &status) == -1) {
+      logSystemError("stat");
+    } else if (status.st_uid == user) {
+      adjust = 1;
     }
   }
 
   if (adjust) {
     struct stat status;
 
-    if (stat(path, &status) == -1) {
-      logSystemError("stat");
-      return 0;
-    }
+    if (!getStatus(object, &status)) return 0;
 
     {
       mode_t oldPermissions = status.st_mode & ~S_IFMT;
@@ -3074,8 +3070,7 @@ adjustPermissions (const char *path) {
 #endif
 
       if (newPermissions != oldPermissions) {
-        if (chmod(path, newPermissions) == -1) {
-          logSystemError("chmod");
+        if (!setPermissions(object, newPermissions)) {
           return 0;
         }
       }
@@ -3084,6 +3079,60 @@ adjustPermissions (const char *path) {
 
   return 1;
 }
+
+static int
+getPathStatus (const void *object, struct stat *status) {
+  const char *path = object;
+  if (stat(path, status) != -1) return 1;
+  logSystemError("stat");
+  return 0;
+}
+
+static int
+setPathPermissions (const void *object, mode_t permissions) {
+  const char *path = object;
+  if (chmod(path, permissions) != -1) return 1;
+  logSystemError("chmod");
+  return 0;
+}
+
+static int
+adjustPathPermissions (const char *path) {
+  int ok = 0;
+  char *parent = getPathDirectory(path);
+
+  if (parent) {
+    if (adjustPermissions(path, parent, getPathStatus, setPathPermissions)) ok = 1;
+    free(parent);
+  }
+
+  return ok;
+}
+
+static int
+getFileStatus (const void *object, struct stat *status) {
+  const int *fd = object;
+  if (fstat(*fd, status) != -1) return 1;
+  logSystemError("fstat");
+  return 0;
+}
+
+static int
+setFilePermissions (const void *object, mode_t permissions) {
+  const int *fd = object;
+  if (fchmod(*fd, permissions) != -1) return 1;
+  logSystemError("fchmod");
+  return 0;
+}
+
+static int
+adjustFilePermissions (int fd, const char *directory) {
+  return adjustPermissions(
+    &fd, directory,
+    getFileStatus,
+    setFilePermissions
+  );
+}
 #endif /* __MINGW32__ */
 
 /* Function : createLocalSocket */
@@ -3169,7 +3218,7 @@ static FileDescriptor createLocalSocket(struct socketInfo *info)
     approximateDelay(1000);
   }
 
-  if (!adjustPermissions(BRLAPI_SOCKETPATH)) {
+  if (!adjustPathPermissions(BRLAPI_SOCKETPATH)) {
     goto outfd;
   }
 
@@ -3281,7 +3330,7 @@ static FileDescriptor createLocalSocket(struct socketInfo *info)
     goto outfd;
   }
 
-  if (!adjustPermissions(sa.sun_path)) {
+  if (!adjustFilePermissions(fd, BRLAPI_SOCKETPATH)) {
     goto outfd;
   }