Fix broker not quiting if password_file is specified as a directory.

Closes #2241. Thanks to Bryan Pearson.
eclipse · Aug 21, 2021 · 6608e85 · 6608e85
1 parent 526b843
commit 6608e85
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 1 deletion.
diff --git a/ChangeLog.txt b/ChangeLog.txt
@@ -24,6 +24,8 @@ Broker:
  These clients are now rejected if their keepalive value exceeds
  max_keepalive. This option allows CVE-2020-13849, which is for the MQTT
  v3.1.1 protocol itself rather than an implementation, to be addressed.
+- Fix broker not quiting if e.g. the `password_file` is specified as a
+ directory. Closes #2241.
 
 Client library:
 - If a client uses TLS-PSK then force the default cipher list to use "PSK"

diff --git a/lib/misc_mosq.c b/lib/misc_mosq.c
@@ -37,6 +37,7 @@ SPDX-License-Identifier: EPL-2.0 OR BSD-3-Clause
 #endif
 
 #include "misc_mosq.h"
+#include "logging_mosq.h"
 
 
 FILE *mosquitto__fopen(const char *path, const char *mode, bool restrict_read)
@@ -116,6 +117,16 @@ FILE *mosquitto__fopen(const char *path, const char *mode, bool restrict_read)
  }
  }
 #else
+ struct stat statbuf;
+ if(stat(path, &statbuf) < 0){
+ return NULL;
+ }
+
+ if(!S_ISREG(statbuf.st_mode) && !S_ISLNK(statbuf.st_mode)){
+ log__printf(NULL, MOSQ_LOG_ERR, "Error: %s is not a file.", path);
+ return NULL;
+ }
+
  if (restrict_read) {
  FILE *fptr;
  mode_t old_mask;
@@ -164,7 +175,7 @@ char *fgets_extending(char **buf, int *buflen, FILE *stream)
 
  do{
  rc = fgets(&((*buf)[offset]), (*buflen)-offset, stream);
- if(feof(stream)){
+ if(feof(stream) || rc == NULL){
  return rc;
  }