From 1a180c76551fec42a28af26a7f821e07251a8294 Mon Sep 17 00:00:00 2001
From: Michael Santos <michael.santos@gmail.com>
Date: Mon, 5 Jun 2023 06:53:35 -0400
Subject: [PATCH] rlimit: test if stdout is a file

Fix rlimit process restriction in commit 29d29f21:
* fd 1 is opened by the parent: enforce restrictions at startup
* enable RLIMIT_FSIZE if fd 2 is not a regular file
* fix compile error
---
 src/restrict_process_rlimit.c | 17 ++++++++++++-----
 1 file changed, 12 insertions(+), 5 deletions(-)

diff --git a/src/restrict_process_rlimit.c b/src/restrict_process_rlimit.c
index a50a911..ed533df 100644
--- a/src/restrict_process_rlimit.c
+++ b/src/restrict_process_rlimit.c
@@ -17,10 +17,22 @@
 #include <sys/time.h>
 #include <unistd.h>
 
+#include <sys/stat.h>
+#include <sys/types.h>
+
 #include "xmppipe.h"
 
 int restrict_process_init(xmppipe_state_t *state) {
   struct rlimit rl_zero = {0};
+  struct stat sb = {0};
+
+  if (fstat(STDOUT_FILENO, &sb) < 0)
+    return -1;
+
+  if (!S_ISREG(sb.st_mode)) {
+    if (setrlimit(RLIMIT_FSIZE, &rl_zero) < 0)
+      return -1;
+  }
 
   return setrlimit(RLIMIT_NPROC, &rl_zero);
 }
@@ -28,11 +40,6 @@ int restrict_process_init(xmppipe_state_t *state) {
 int restrict_process_stdin(xmppipe_state_t *state) {
   struct rlimit rl = {0};
 
-  if (isatty(STDOUT_FILENO)) {
-    if (setrlimit(RLIMIT_FSIZE, &rl_zero) != 0)
-      return -1;
-  }
-
   rl.rlim_cur = RESTRICT_PROCESS_RLIMIT_NOFILE;
   rl.rlim_max = RESTRICT_PROCESS_RLIMIT_NOFILE;