[src/netbsd-3]: src/bin/systrace Pull up revision 1.24 (requested by elad in ...

[tron <tron%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/0030a60b819b
branches:  netbsd-3
changeset: 576422:0030a60b819b
user:      tron <tron%NetBSD.org@localhost>
date:      Sat Jul 02 17:53:51 2005 +0000

description:
Pull up revision 1.24 (requested by elad in ticket #487):
>From marius@openbsd:
Add an exec message so that whenever a set-uid/gid process executes a new
image which we may control, the exec does not go by unnoticed.

diffstat:

 bin/systrace/intercept.c |  43 ++++++++++++++++++++++++++++++-------------
 1 files changed, 30 insertions(+), 13 deletions(-)

diffs (71 lines):

diff -r ca4e04fd5444 -r 0030a60b819b bin/systrace/intercept.c
--- a/bin/systrace/intercept.c  Sat Jul 02 17:53:45 2005 +0000
+++ b/bin/systrace/intercept.c  Sat Jul 02 17:53:51 2005 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: intercept.c,v 1.20 2004/01/24 03:44:46 provos Exp $    */
+/*     $NetBSD: intercept.c,v 1.20.6.1 2005/07/02 17:53:51 tron Exp $  */
 /*     $OpenBSD: intercept.c,v 1.29 2002/08/28 03:30:27 itojun Exp $   */
 /*
  * Copyright 2002 Niels Provos <provos%citi.umich.edu@localhost>
@@ -30,7 +30,7 @@
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 #include <sys/cdefs.h>
-__RCSID("$NetBSD: intercept.c,v 1.20 2004/01/24 03:44:46 provos Exp $");
+__RCSID("$NetBSD: intercept.c,v 1.20.6.1 2005/07/02 17:53:51 tron Exp $");
 
 #include <sys/types.h>
 #include <sys/param.h>
@@ -816,17 +816,11 @@
 
        icpid = intercept_getpid(pid);
        if (!strcmp("execve", name)) {
-
-               /* Commit the name of the new image */
-               if (icpid->name)
-                       free(icpid->name);
-               icpid->name = icpid->newname;
-               icpid->newname = NULL;
-
-               if (intercept_newimagecb != NULL)
-                       (*intercept_newimagecb)(fd, pid, policynr, emulation,
-                           icpid->name, intercept_newimagecbarg);
-
+               intercept_newimage(fd, pid, policynr, emulation,
+                                  icpid->newname, icpid);
+               /* we might have detached by now */
+               if (intercept_findpid(pid) == NULL)
+                       return;
        }
 
  out:
@@ -834,6 +828,29 @@
        intercept.answer(fd, pid, seqnr, 0, 0, 0, NULL);
 }
 
+void
+intercept_newimage(int fd, pid_t pid, int policynr, const char *emulation,
+                  char *newname, struct intercept_pid *icpid)
+{
+       if (icpid == NULL)
+               icpid = intercept_getpid(pid);
+
+       if (icpid->name)
+               free(icpid->name);
+       if ((icpid->name = strdup(newname)) == NULL)
+               err(1, "%s:%d: strdup", __func__, __LINE__);
+
+       if (icpid->newname != NULL) {
+               free(icpid->newname);
+               icpid->newname = NULL;
+       }
+
+       if (intercept_newimagecb != NULL)
+               (*intercept_newimagecb)(fd, pid, policynr, emulation,
+                   icpid->name, intercept_newimagecbarg);
+
+}
+
 int
 intercept_newpolicy(int fd)
 {