From c37d413e82fbd6f779ad7200e7bcf8b7c0fe1699 Mon Sep 17 00:00:00 2001 From: damachine Date: Sat, 11 Oct 2025 17:21:02 +0200 Subject: [PATCH 1/4] fix issue file creation with O_NOFOLLOW --- src/main.c | 33 ++++++++++++++++++++++----------- 1 file changed, 22 insertions(+), 11 deletions(-) diff --git a/src/main.c b/src/main.c index 94305f6..1400af5 100644 --- a/src/main.c +++ b/src/main.c @@ -480,21 +480,32 @@ static void send_shutdown_image_if_needed(void) return; } - // Check if shutdown image file exists - FILE *image_file = fopen(shutdown_image_path, "r"); - if (image_file) + // Sicheres Öffnen der Shutdown-Image-Datei + int img_fd = open(shutdown_image_path, O_RDONLY | O_NOFOLLOW); + if (img_fd != -1) { - // Image exists, send it normally - fclose(image_file); - send_image_to_lcd(g_config_ptr, shutdown_image_path, device_uid); - send_image_to_lcd(g_config_ptr, shutdown_image_path, device_uid); // Send twice for better reliability + struct stat img_st; + if (fstat(img_fd, &img_st) == 0 && S_ISREG(img_st.st_mode)) + { + // Datei ist regulär, kann verwendet werden + close(img_fd); + send_image_to_lcd(g_config_ptr, shutdown_image_path, device_uid); + send_image_to_lcd(g_config_ptr, shutdown_image_path, device_uid); // Send twice for better reliability + } + else + { + // Nicht reguläre Datei oder Fehler + close(img_fd); + log_message(LOG_WARNING, "Shutdown image '%s' ist kein reguläres File oder nicht lesbar", shutdown_image_path); + goto shutdown_image_missing; + } } else { - // Image doesn't exist, create temporary config with brightness 0 to turn off LCD - log_message(LOG_WARNING, "Shutdown image '%s' not found, turning off LCD display", shutdown_image_path); - - // Create a temporary config copy with brightness set to 0 + // Datei existiert nicht oder konnte nicht sicher geöffnet werden + log_message(LOG_WARNING, "Shutdown image '%s' nicht gefunden oder nicht lesbar, turning off LCD display", shutdown_image_path); + // Fallback für fehlende Datei + shutdown_image_missing: Config temp_config = *g_config_ptr; temp_config.lcd_brightness = 0; From d3a09f8c990c0f558f4b9b6caa5e331294d1add7 Mon Sep 17 00:00:00 2001 From: damachine Date: Sat, 11 Oct 2025 17:50:57 +0200 Subject: [PATCH 2/4] fix logging: do not log empty messages --- src/config.c | 31 ++++++++++++++++++++++++++++--- src/main.c | 32 ++++++++++++++++++++++++++++---- 2 files changed, 56 insertions(+), 7 deletions(-) diff --git a/src/config.c b/src/config.c index 2b80f7c..4af5091 100644 --- a/src/config.c +++ b/src/config.c @@ -24,12 +24,24 @@ #include #include #include +#include +#include // cppcheck-suppress-end missingIncludeSystem // Include project headers #include "config.h" #include "coolercontrol.h" +// Define O_NOFOLLOW if not defined (for portability) +#ifndef O_NOFOLLOW +#define O_NOFOLLOW 0 +#endif + +// Ensure fdopen is declared if not available in the environment +#ifndef HAVE_DECL_FDOPEN +FILE *fdopen(int fd, const char *mode); +#endif + /** * @brief Global logging implementation for all modules except main.c * @details Provides unified log output for info, status, warning and error messages. @@ -735,12 +747,25 @@ int load_config(const char *path, Config *config) // Initialize config struct with zeros to ensure fallbacks work memset(config, 0, sizeof(Config)); - // Check if file exists and is readable - FILE *file = fopen(path, "r"); + // Sicheres Öffnen der Konfigurationsdatei + int cfd = open(path, O_RDONLY | O_NOFOLLOW); + FILE *file = NULL; + if (cfd != -1) + { + struct stat cst; + if (fstat(cfd, &cst) == 0 && S_ISREG(cst.st_mode)) + { + file = fdopen(cfd, "r"); + } + else + { + close(cfd); + } + } if (!file) { // File doesn't exist - use fallbacks only - log_message(LOG_INFO, "Config file '%s' not found, using fallback values", path); + log_message(LOG_INFO, "Config file '%s' not found oder nicht regulär, using fallback values", path); get_config_defaults(config); return 0; // Return success, fallbacks are valid } diff --git a/src/main.c b/src/main.c index 1400af5..c4a52b0 100644 --- a/src/main.c +++ b/src/main.c @@ -87,14 +87,38 @@ static const char *read_version_from_file(void) return version_buffer[0] ? version_buffer : DEFAULT_VERSION; } - // Try to read from VERSION file - FILE *fp = fopen("VERSION", "r"); + // Try to read from VERSION file sicher + int vfd = open("VERSION", O_RDONLY | O_NOFOLLOW); + FILE *fp = NULL; + if (vfd != -1) + { + struct stat vst; + if (fstat(vfd, &vst) == 0 && S_ISREG(vst.st_mode)) + { + fp = fdopen(vfd, "r"); + } + else + { + close(vfd); + } + } if (!fp) { // Try alternative path for installed version - fp = fopen("/opt/coolerdash/VERSION", "r"); + vfd = open("/opt/coolerdash/VERSION", O_RDONLY | O_NOFOLLOW); + if (vfd != -1) + { + struct stat vst2; + if (fstat(vfd, &vst2) == 0 && S_ISREG(vst2.st_mode)) + { + fp = fdopen(vfd, "r"); + } + else + { + close(vfd); + } + } } - if (!fp) { log_message(LOG_WARNING, "Could not open VERSION file, using default version"); From 49f5965c5086a14c92fe169b45280f51cc27c589 Mon Sep 17 00:00:00 2001 From: damachine Date: Sat, 11 Oct 2025 17:55:41 +0200 Subject: [PATCH 3/4] fix: sending shutdown image to LCD and fallback to turning off display if image is missing --- src/main.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/src/main.c b/src/main.c index c4a52b0..7acb3d3 100644 --- a/src/main.c +++ b/src/main.c @@ -504,21 +504,21 @@ static void send_shutdown_image_if_needed(void) return; } - // Sicheres Öffnen der Shutdown-Image-Datei + // Check if shutdown image file exists and is a regular file int img_fd = open(shutdown_image_path, O_RDONLY | O_NOFOLLOW); if (img_fd != -1) { struct stat img_st; if (fstat(img_fd, &img_st) == 0 && S_ISREG(img_st.st_mode)) { - // Datei ist regulär, kann verwendet werden + // Send shutdown image to LCD close(img_fd); send_image_to_lcd(g_config_ptr, shutdown_image_path, device_uid); send_image_to_lcd(g_config_ptr, shutdown_image_path, device_uid); // Send twice for better reliability } else { - // Nicht reguläre Datei oder Fehler + // Not a regular file close(img_fd); log_message(LOG_WARNING, "Shutdown image '%s' ist kein reguläres File oder nicht lesbar", shutdown_image_path); goto shutdown_image_missing; @@ -526,9 +526,9 @@ static void send_shutdown_image_if_needed(void) } else { - // Datei existiert nicht oder konnte nicht sicher geöffnet werden + // File doesn't exist or can't be opened log_message(LOG_WARNING, "Shutdown image '%s' nicht gefunden oder nicht lesbar, turning off LCD display", shutdown_image_path); - // Fallback für fehlende Datei + // Fallback to turning off the display shutdown_image_missing: Config temp_config = *g_config_ptr; temp_config.lcd_brightness = 0; From 00d76e180df977dbb01c5702c3f00122d0531a69 Mon Sep 17 00:00:00 2001 From: damachine Date: Sat, 11 Oct 2025 17:58:27 +0200 Subject: [PATCH 4/4] bump version to 1.84 --- .SRCINFO | 2 +- VERSION | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.SRCINFO b/.SRCINFO index 67ae45f..dc271cb 100644 --- a/.SRCINFO +++ b/.SRCINFO @@ -1,6 +1,6 @@ pkgbase = coolerdash pkgdesc = Extends CoolerControl with a polished LCD dashboard - pkgver = 1.83 + pkgver = 1.84 pkgrel = 1 url = https://github.com/damachine/coolerdash install = coolerdash.install diff --git a/VERSION b/VERSION index 74c280f..40671b9 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -1.83 +1.84