From 60e21eabb4c48a966238218bc249b51823f6a65d Mon Sep 17 00:00:00 2001
From: Julian Andres Klode <jak@debian.org>
Date: Sat, 11 Feb 2017 22:17:08 +0100
Subject: Don't use -1 fd and AT_SYMLINK_NOFOLLOW for faccessat()

-1 is not an allowed value for the file descriptor, the only
allowed non-file-descriptor value is AT_FDCWD. So use that
instead.

AT_SYMLINK_NOFOLLOW has a weird semantic: It checks whether
we have the specified access on the symbolic link. It also
is implemented only by glibc on Linux, so it's inherently
non-portable. We should just drop it.

Thanks: James Clarke for debugging these issues
Reported-by: James Clarke <jrtc27@jrtc27.com>
(cherry picked from commit 25f54c960d7a4ceca7bd3e21f87baf48d6cbc2d3)
(cherry picked from commit 21242490e80dadb167a64c1815c08e1d2258fb61)
---
 apt-pkg/contrib/fileutl.cc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/apt-pkg/contrib/fileutl.cc b/apt-pkg/contrib/fileutl.cc
index 1691c8ad4..b53277577 100644
--- a/apt-pkg/contrib/fileutl.cc
+++ b/apt-pkg/contrib/fileutl.cc
@@ -2733,7 +2733,7 @@ static std::string APT_NONNULL(1) GetTempDirEnv(char const * const env)	/*{{{*/
 	 stat(tmpdir, &st) != 0 || (st.st_mode & S_IFDIR) == 0) // exists and is directory
       tmpdir = "/tmp";
    else if (geteuid() != 0 && // root can do everything anyway
-	 faccessat(-1, tmpdir, R_OK | W_OK | X_OK, AT_EACCESS | AT_SYMLINK_NOFOLLOW) != 0) // current user has rwx access to directory
+	 faccessat(AT_FDCWD, tmpdir, R_OK | W_OK | X_OK, AT_EACCESS) != 0) // current user has rwx access to directory
       tmpdir = "/tmp";
 
    return string(tmpdir);
-- 
cgit v1.2.3