gpg: Use is_secured_filename before opening the file.

* g10/gpg.c (print_mds): Check by is_secured_filename, earlier. * g10/tdbdump.c (import_ownertrust): Likewise. -- GnuPG-bug-id: 6508 Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
author: NIIBE Yutaka <gniibe@fsij.org> 2023-07-14 08:49:23 +0200
committer: NIIBE Yutaka <gniibe@fsij.org> 2023-07-14 08:49:23 +0200
commit: 5d375bb1682548a70882f270f8c8bba7033ab642 (patch)
tree: 61e5c426ad01a9fa49db58bf1acdf07581c18268 /g10/tdbdump.c
parent: sm: Fix open_es_fread and open_es_fwrite for gnupg_fd_t. (diff)
download: gnupg2-5d375bb1682548a70882f270f8c8bba7033ab642.tar.xz
gnupg2-5d375bb1682548a70882f270f8c8bba7033ab642.zip
1 files changed, 5 insertions, 8 deletions
diff --git a/g10/tdbdump.c b/g10/tdbdump.c
index 2a02ad108..9ff3f81a3 100644
--- a/g10/tdbdump.c
+++ b/g10/tdbdump.c
@@ -141,19 +141,16 @@ import_ownertrust (ctrl_t ctrl, const char *fname )
 	fname = "[stdin]";
 	is_stdin = 1;
     }
+    else if (is_secured_filename (fname)) {
+        gpg_err_set_errno (EPERM);
+	log_error (_("can't open '%s': %s\n"), fname, strerror(errno) );
+	return;
+    }
     else if( !(fp = es_fopen( fname, "r" )) ) {
 	log_error ( _("can't open '%s': %s\n"), fname, strerror(errno) );
 	return;
     }
 
-    if (is_secured_file (es_fileno (fp)))
-      {
-        es_fclose (fp);
-        gpg_err_set_errno (EPERM);
-	log_error (_("can't open '%s': %s\n"), fname, strerror(errno) );
-	return;
-      }
-
     while (es_fgets (line, DIM(line)-1, fp)) {
 	TRUSTREC rec;
author	NIIBE Yutaka <gniibe@fsij.org>	2023-07-14 08:49:23 +0200
committer	NIIBE Yutaka <gniibe@fsij.org>	2023-07-14 08:49:23 +0200
commit	5d375bb1682548a70882f270f8c8bba7033ab642 (patch)
tree	61e5c426ad01a9fa49db58bf1acdf07581c18268 /g10/tdbdump.c
parent	sm: Fix open_es_fread and open_es_fwrite for gnupg_fd_t. (diff)
download	gnupg2-5d375bb1682548a70882f270f8c8bba7033ab642.tar.xz gnupg2-5d375bb1682548a70882f270f8c8bba7033ab642.zip