thodg/got

Browse

Commit 85993e64e5ae8fab33cece26e3628509d56f9ec7

Tracey Emery 2020-02-17T17:09:49

apply unveil earlier in gw_summary, instead of waiting on gw_briefs 

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30

diff --git a/gotweb/gotweb.c b/gotweb/gotweb.c
index 90aca11..b6a5311 100644
--- a/gotweb/gotweb.c
+++ b/gotweb/gotweb.c
@@ -1076,9 +1076,11 @@ gw_briefs(struct gw_trans *gw_trans)
 		goto done;
 	}
 
-	error = gw_apply_unveil(gw_trans->gw_dir->path);
-	if (error)
-		goto done;
+	if (gw_trans->action != GW_SUMMARY) {
+		error = gw_apply_unveil(gw_trans->gw_dir->path);
+		if (error)
+			goto done;
+	}
 
 	if (gw_trans->action == GW_SUMMARY)
 		error = gw_get_header(gw_trans, header, D_MAXSLCOMMDISP);
@@ -1251,7 +1253,9 @@ gw_summary(struct gw_trans *gw_trans)
 	if (pledge("stdio rpath proc exec sendfd unveil", NULL) == -1)
 		return got_error_from_errno("pledge");
 
-	/* unveil is applied with gw_briefs below */
+	error = gw_apply_unveil(gw_trans->gw_dir->path);
+	if (error)
+		goto done;
 
 	kerr = khtml_attr(gw_trans->gw_html_req, KELEM_DIV, KATTR_ID,
 	    "summary_wrapper", KATTR__MAX);
kmx.io     mail     discord kmxgit v0.4.0