-
Notifications
You must be signed in to change notification settings - Fork 16
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Expose who is using a board when it's blocked #79
base: master
Are you sure you want to change the base?
Conversation
Allow it to be accessed outside cdba-server.c Signed-off-by: Caleb Connolly <[email protected]>
Keep track of who is using a board by writing $CDBA_USER to the lockfile and display it when the board is blocked. Signed-off-by: Caleb Connolly <[email protected]>
err(1, "failed to truncate lockfile %s", lock); | ||
|
||
lseek(fd, 0, SEEK_SET); | ||
if (write(fd, user, n) < 0) |
Check warning
Code scanning / CodeQL
Exposure of system data to an unauthorized control sphere Medium
*call to getenv
This operation exposes system data from
*call to getenv
if (fd < 0) | ||
err(1, "failed to open lockfile %s", lock); | ||
|
||
/* Read current user out of the lockfile if there is one */ | ||
n = read(fd, user, sizeof(user)-1); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This should happen under the read-lock (so that reading doesn't collide with unfinished write call). But then we don't want to give away exclusive lock on the file. Maybe it's better to have two files: one for the lock and another one for the username.
|
||
warnx("board is in use, waiting..."); | ||
warnx("board is in use by %s, waiting...", user); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
User is not a constant, it needs to be re-read constantly when printing the message. Consider userB
"stealing" the board while you are waiting for it to be freed by userA
. The message will still print userA
, while you should be pinging userB
.
if (write(fd, user, n) < 0) | ||
err(1, "failed to write lockfile %s", lock); | ||
|
||
warnx("board locked by %s", cdba_user); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
debug message?
|
||
sleep(3); | ||
|
||
/* check that connection isn't gone */ | ||
if (read(STDIN_FILENO, &c, 1) == 0) | ||
errx(1, "connection is gone"); | ||
} | ||
|
||
/* Write our username to the lockfile */ | ||
n = snprintf(user, sizeof(user), "%s\n", cdba_user); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think skipping \n
might be a better choice, it saves the code on both read and write sides.
For peace of mind, the ability to pester said user, and to catch deadlocks.