From 0f72176ddd8d2650524e8dac92a7225de32faf33 Mon Sep 17 00:00:00 2001
From: Alexander Neumann
Date: Mon, 2 Apr 2018 13:02:16 +0200
Subject: [PATCH] Refuse writing the config in append-only mode

---
 handlers.go | 22 ++++++++++++++++++----
 1 file changed, 18 insertions(+), 4 deletions(-)

diff --git a/handlers.go b/handlers.go
index 1a61a8a..de3f328 100644
--- a/handlers.go
+++ b/handlers.go
@@ -206,22 +206,31 @@ func SaveConfig(w http.ResponseWriter, r *http.Request) {
 return
 }
 
- bytes, err := ioutil.ReadAll(r.Body)
- if err != nil {
+ f, err := os.OpenFile(cfg, os.O_CREATE|os.O_WRONLY|os.O_EXCL, 0600)
+ if err != nil && os.IsExist(err) {
 if Config.Debug {
 log.Print(err)
 }
- http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest)
+ http.Error(w, http.StatusText(http.StatusForbidden), http.StatusForbidden)
 return
 }
 
- if err := ioutil.WriteFile(cfg, bytes, 0600); err != nil {
+ _, err = io.Copy(f, r.Body)
+ if err != nil {
 if Config.Debug {
 log.Print(err)
 }
 http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)
 return
 }
+
+ err = f.Close()
+ if err != nil {
+ http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)
+ return
+ }
+
+ _ = r.Body.Close()
 }
 
 // DeleteConfig removes a config.
@@ -473,6 +482,11 @@ func SaveBlob(w http.ResponseWriter, r *http.Request) {
 }
 }
 
+ if os.IsExist(err) {
+ http.Error(w, http.StatusText(http.StatusForbidden), http.StatusForbidden)
+ return
+ }
+
 if err != nil {
 if Config.Debug {
 log.Print(err)
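Review bot: An `os.OpenFile` failure that is not `os.IsExist` (permission denied, missing directory) passes the new `err != nil && os.IsExist(err)` guard in SaveConfig, so `io.Copy` runs on a nil `f` and the real cause is replaced by a generic 500. When `io.Copy` fails instead, `f` is never closed and the partly written config stays on disk; because of `O_EXCL`, every later save is then refused with 403, so one interrupted upload appears to leave a truncated config that this handler can no longer replace. Handle every open error before copying, and close and remove the file when the copy fails. The body is also streamed to disk without a size cap, which wrapping it in `http.MaxBytesReader` would bound. SaveConfig begins above the hunk, so any earlier checks are not visible here.

```go
f, err := os.OpenFile(cfg, os.O_CREATE|os.O_WRONLY|os.O_EXCL, 0600)
if err != nil {
	if Config.Debug {
		log.Print(err)
	}
	// only an existing config is a refusal; anything else is a server-side failure
	status := http.StatusInternalServerError
	if os.IsExist(err) {
		status = http.StatusForbidden
	}
	http.Error(w, http.StatusText(status), status)
	return
}

_, err = io.Copy(f, r.Body)
if err != nil {
	// do not leave a truncated config behind: O_EXCL would refuse every retry
	_ = f.Close()
	_ = os.Remove(cfg)
	// … unchanged: debug log and 500 response …
}
// … unchanged: f.Close() check and r.Body.Close() …
```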
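Review bot: The new `os.IsExist(err)` branch in SaveBlob returns 403 without the `if Config.Debug { log.Print(err) }` that the SaveConfig refusal and the `err != nil` branch directly below both have. A refused overwrite is the event an append-only server is meant to stop, yet here it leaves no trace even with debugging on. Adding the same `if Config.Debug { log.Print(err) }` before the `http.Error` call keeps the two handlers consistent and gives operators something to alert on. The statement that assigns `err` is above the hunk, so which call produces the exists error cannot be confirmed from here.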