diff options
Diffstat (limited to 'src/lib/fs/files.c')
| -rw-r--r-- | src/lib/fs/files.c | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/src/lib/fs/files.c b/src/lib/fs/files.c index 55f20dd49e..914a8b8e72 100644 --- a/src/lib/fs/files.c +++ b/src/lib/fs/files.c @@ -85,7 +85,8 @@ tor_open_cloexec(const char *path, int flags, unsigned mode) FILE * tor_fopen_cloexec(const char *path, const char *mode) { - FILE *result = fopen(path, mode); + const char *p = sandbox_intern_string(path); + FILE *result = fopen(p, mode); #ifdef FD_CLOEXEC if (result != NULL) { if (fcntl(fileno(result), F_SETFD, FD_CLOEXEC) == -1) { @@ -572,9 +573,10 @@ write_bytes_to_new_file(const char *fname, const char *str, size_t len, /** * Read the contents of the open file <b>fd</b> presuming it is a FIFO * (or similar) file descriptor for which the size of the file isn't - * known ahead of time. Return NULL on failure, and a NUL-terminated - * string on success. On success, set <b>sz_out</b> to the number of - * bytes read. + * known ahead of time. + * Return NULL on failure, and a NUL-terminated string on success. + * On success, set <b>sz_out</b> to the number of bytes read (not including + * the final NULL, which wasn't read from <b>fd</fd>). */ char * read_file_to_str_until_eof(int fd, size_t max_bytes_to_read, size_t *sz_out) |