[src/trunk]: src/bin/systrace introduce normalize filename function.
details: https://anonhg.NetBSD.org/src/rev/ef148d7b4a0d
branches: trunk
changeset: 550236:ef148d7b4a0d
user: provos <provos%NetBSD.org@localhost>
date: Sat Aug 02 14:29:33 2003 +0000
description:
introduce normalize filename function.
diffstat:
bin/systrace/intercept.c | 51 ++++++++++++++++++++++++++++++++----------------
bin/systrace/intercept.h | 3 +-
2 files changed, 36 insertions(+), 18 deletions(-)
diffs (118 lines):
diff -r 9e0b674b081f -r ef148d7b4a0d bin/systrace/intercept.c
--- a/bin/systrace/intercept.c Sat Aug 02 14:24:30 2003 +0000
+++ b/bin/systrace/intercept.c Sat Aug 02 14:29:33 2003 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: intercept.c,v 1.15 2003/08/02 14:24:30 provos Exp $ */
+/* $NetBSD: intercept.c,v 1.16 2003/08/02 14:29:33 provos Exp $ */
/* $OpenBSD: intercept.c,v 1.29 2002/08/28 03:30:27 itojun Exp $ */
/*
* Copyright 2002 Niels Provos <provos%citi.umich.edu@localhost>
@@ -30,7 +30,7 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include <sys/cdefs.h>
-__RCSID("$NetBSD: intercept.c,v 1.15 2003/08/02 14:24:30 provos Exp $");
+__RCSID("$NetBSD: intercept.c,v 1.16 2003/08/02 14:29:33 provos Exp $");
#include <sys/types.h>
#include <sys/param.h>
@@ -571,17 +571,35 @@
char *
intercept_filename(int fd, pid_t pid, void *addr, int userp)
{
+ char *name;
+
+ if ((name = intercept_get_string(fd, pid, addr)) == NULL)
+ goto abort;
+
+ if ((name = normalize_filename(fd, pid, name, userp)) == NULL)
+ goto abort;
+
+ return (name);
+
+ abort:
+ ic_abort = 1;
+ return (NULL);
+}
+
+/*
+ * Normalizes a pathname so that Systrace policies entries are
+ * invariant to symlinks.
+ */
+
+char *
+normalize_filename(int fd, pid_t pid, char *name, int userp)
+{
static char cwd[2*MAXPATHLEN];
- char *name;
int havecwd = 0;
- name = intercept_get_string(fd, pid, addr);
- if (name == NULL)
- goto abort;
-
- if (intercept.setcwd(fd, pid) == -1) {
+ if (fd != -1 && intercept.setcwd(fd, pid) == -1) {
if (errno == EBUSY)
- goto abort;
+ return (NULL);
getcwderr:
if (strcmp(name, "/") == 0)
return (name);
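Review bot: The `fd != -1` guard on `intercept.setcwd` (and on `intercept.restcwd` in the later hunk at -673) adds a mode that the new comment above normalize_filename does not describe. With fd == -1 neither call runs, so a relative name is presumably resolved against the monitor's own working directory and root rather than the traced process's. The function is now exported through intercept.h, so the comment should state that. It should also say that NULL is returned on EBUSY without setting `ic_abort`, which only intercept_filename does, so any other caller has to handle NULL itself. Something like `/* fd == -1: no setcwd/restcwd, name is resolved in the caller's own cwd; returns NULL on EBUSY and leaves ic_abort untouched. */` would cover it; the body of normalize_filename continues outside this hunk.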
@@ -608,13 +626,16 @@
if (userp != ICLINK_NONE) {
static char rcwd[2*MAXPATHLEN];
+ char *file = basename(cwd);
int failed = 0;
+ /* The dot may be used by rmdir("/tmp/something/.") */
+ if (strcmp(file, ".") == 0)
+ goto nolast;
+
if (userp == ICLINK_NOLAST) {
- char *file = basename(cwd);
-
/* Check if the last component has special meaning */
- if (strcmp(file, ".") == 0 || strcmp(file, "..") == 0)
+ if (strcmp(file, "..") == 0 || strcmp(file, "/") == 0)
userp = ICLINK_ALL;
else
goto nolast;
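Review bot: The early `goto nolast` for a last component of "." now runs for every userp other than ICLINK_NONE, not only ICLINK_NOLAST, and the one-line comment does not say what that does to the normalized name. The nolast path is outside this hunk, but if it resolves only the directory part and re-appends the last component, the same directory gets two distinct normalized names, with and without the trailing `/.`. A policy entry written for one would then not match the other. I would extend the comment to say so, e.g. `/* A trailing "." is kept unresolved (rmdir("/tmp/something/.")); policies see the name ending in "/." */`.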
@@ -673,7 +694,7 @@
/* Restore working directory and change root space after realpath */
- if (intercept.restcwd(fd) == -1)
+ if (fd != -1 && intercept.restcwd(fd) == -1)
err(1, "%s: restcwd", __func__);
return (name);
@@ -681,10 +702,6 @@
error:
errx(1, "%s: filename too long", __func__);
/* NOTREACHED */
-
- abort:
- ic_abort = 1;
- return (NULL);
}
void
diff -r 9e0b674b081f -r ef148d7b4a0d bin/systrace/intercept.h
--- a/bin/systrace/intercept.h Sat Aug 02 14:24:30 2003 +0000
+++ b/bin/systrace/intercept.h Sat Aug 02 14:29:33 2003 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: intercept.h,v 1.11 2003/08/02 14:24:30 provos Exp $ */
+/* $NetBSD: intercept.h,v 1.12 2003/08/02 14:29:33 provos Exp $ */
/* $OpenBSD: intercept.h,v 1.11 2002/08/04 04:15:50 provos Exp $ */
/*
* Copyright 2002 Niels Provos <provos%citi.umich.edu@localhost>
@@ -184,6 +184,7 @@
int intercept_existpids(void);
char *intercept_get_string(int, pid_t, void *);
+char *normalize_filename(int, pid_t, char *, int);
char *intercept_filename(int, pid_t, void *, int);
void intercept_syscall(int, pid_t, u_int16_t, int, const char *, int,
const char *, void *, int);