author | Mike Frysinger <vapier@gentoo.org> | 2010-11-23 07:11:47 -0500 |
---|---|---|
committer | Mike Frysinger <vapier@gentoo.org> | 2010-11-23 07:11:47 -0500 |
commit | 4a383c33005f7ffad6edeed01f78d8e2cca5203d (patch) | |
tree | 392d927cd6b10f1bc0a2c9d643658aabb8be7c0d /libsandbox | |
parent | tests: add another unlinkat test for long paths (diff) | |
libsandbox: fix bug in previous dirfd unificationv2.4
The previous commit (libsandbox: handle dirfd in mkdir/open/unlink *at
prechecks) left a sizeof() in place that unfortunately no longer held the
same meaning. In the previous code, the function had access to the buffer
declaration and so could get the byte count. In the new code, the function
has access to the pointer only, so sizeof() now wrongly returns the size of
a pointer rather than the length of the buffer.
Extend the new helper function to take the length of the buffer it is
given to fix this issue.
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Diffstat (limited to 'libsandbox')
-rw-r--r-- | libsandbox/libsandbox.c | 7 | ||||
-rw-r--r-- | libsandbox/libsandbox.h | 2 | ||||
-rw-r--r-- | libsandbox/wrapper-funcs/mkdirat_pre_check.c | 2 | ||||
-rw-r--r-- | libsandbox/wrapper-funcs/openat_pre_check.c | 2 | ||||
-rw-r--r-- | libsandbox/wrapper-funcs/unlinkat_pre_check.c | 2 |
5 files changed, 8 insertions, 7 deletions
diff --git a/libsandbox/libsandbox.c b/libsandbox/libsandbox.c
index 7c97c52..908a150 100644
--- a/libsandbox/libsandbox.c
+++ b/libsandbox/libsandbox.c
@@ -144,7 +144,8 @@ static const char *sb_get_cmdline(pid_t pid)
 * 1 - path is in @path (no resolution necessary)
 * 2 - errno issues -- ignore this path
 */
-int resolve_dirfd_path(int dirfd, const char *path, char *resolved_path)
+int resolve_dirfd_path(int dirfd, const char *path, char *resolved_path,
+ size_t resolved_path_len)
 {
 /* The *at style functions have the following semantics:
 * - dirfd = AT_FDCWD: same as non-at func: file is based on CWD
@@ -158,7 +159,7 @@ int resolve_dirfd_path(int dirfd, const char *path, char *resolved_path)
 save_errno();
- size_t at_len = sizeof(resolved_path) - 1 - 1 - (path ? strlen(path) : 0);
+ size_t at_len = resolved_path_len - 1 - 1 - (path ? strlen(path) : 0);
 sprintf(resolved_path, "/proc/%i/fd/%i", trace_pid ? : getpid(), dirfd);
 ssize_t ret = readlink(resolved_path, resolved_path, at_len);
 if (ret == -1) {
@@ -1059,7 +1060,7 @@ bool before_syscall(int dirfd, int sb_nr, const char *func, const char *file, in
 }
 }
- switch (resolve_dirfd_path(dirfd, file, at_file_buf)) {
+ switch (resolve_dirfd_path(dirfd, file, at_file_buf, sizeof(at_file_buf))) {
 case -1: return false;
 case 0: file = at_file_buf; break;
 case 2: return true;
diff --git a/libsandbox/libsandbox.h b/libsandbox/libsandbox.h
index 3ef7c71..0324b5b 100644
--- a/libsandbox/libsandbox.h
+++ b/libsandbox/libsandbox.h
@@ -71,7 +71,7 @@ __attribute__((noreturn)) void sb_abort(void);
 char *erealpath(const char *, char *);
 char *egetcwd(char *, size_t);
 int canonicalize(const char *, char *);
-int resolve_dirfd_path(int, const char *, char *);
+int resolve_dirfd_path(int, const char *, char *, size_t);
 /* most linux systems use ENAMETOOLONG, but some (ia64) use ERANGE, as do some BSDs */
 #define errno_is_too_long() (errno == ENAMETOOLONG || errno == ERANGE)
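Review bot: The comment block above `resolve_dirfd_path` lists the return codes but, as far as this hunk shows, does not describe the new `resolved_path_len` parameter; the start of the block is outside the hunk, so this should be checked there. Since the bug being fixed was a confusion between pointer size and buffer size, the contract is worth stating, for example ` * @resolved_path_len is the full size of @resolved_path in bytes, NUL included`.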
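Review bot: `at_len` is still computed by unsigned subtraction, so when `strlen(path) + 2` exceeds `resolved_path_len` it wraps to a very large value and `readlink()` is given a bound far beyond the real buffer. `path` is the pathname of the wrapped *at call (see the pre-check callers), so its length is chosen by the sandboxed program. A guard before the subtraction would close this, e.g. `size_t path_len = path ? strlen(path) : 0;` followed by `if (path_len + 2 > resolved_path_len) { errno = ENAMETOOLONG; ... }`, returning whichever code the callers expect for over-long paths. With the size now available, the `sprintf()` on the next line can also become `snprintf(resolved_path, resolved_path_len, ...)`. The function body continues outside the hunk, so how the buffer is used after `readlink()` is not visible here.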
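Review bot: `sizeof(at_file_buf)` yields the buffer size only if `at_file_buf` is declared as an array inside `before_syscall`, and that declaration is outside this hunk. The same applies to `dirfd_path` in the mkdirat and unlinkat pre-check hunks; only the openat hunk shows `char dirfd_path[SB_PATH_MAX];`. If any of these is a pointer or a parameter, the call repeats the pointer-size mistake this commit fixes. Each declaration should be confirmed, or the constant used in the declaration passed instead of `sizeof`.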
diff --git a/libsandbox/wrapper-funcs/mkdirat_pre_check.c b/libsandbox/wrapper-funcs/mkdirat_pre_check.c
index d037546..4fef14c 100644
--- a/libsandbox/wrapper-funcs/mkdirat_pre_check.c
+++ b/libsandbox/wrapper-funcs/mkdirat_pre_check.c
@@ -13,7 +13,7 @@ bool sb_mkdirat_pre_check(const char *func, const char *pathname, int dirfd)
 save_errno();
 /* Expand the dirfd path first */
- switch (resolve_dirfd_path(dirfd, pathname, dirfd_path)) {
+ switch (resolve_dirfd_path(dirfd, pathname, dirfd_path, sizeof(dirfd_path))) {
 case -1:
 if (is_env_on(ENV_SANDBOX_DEBUG))
 SB_EINFO("EARLY FAIL", " %s(%s) @ resolve_dirfd_path: %s\n",
diff --git a/libsandbox/wrapper-funcs/openat_pre_check.c b/libsandbox/wrapper-funcs/openat_pre_check.c
index 4a63413..23149dc 100644
--- a/libsandbox/wrapper-funcs/openat_pre_check.c
+++ b/libsandbox/wrapper-funcs/openat_pre_check.c
@@ -17,7 +17,7 @@ bool sb_openat_pre_check(const char *func, const char *pathname, int dirfd, int
 /* Expand the dirfd path first */
 char dirfd_path[SB_PATH_MAX];
- switch (resolve_dirfd_path(dirfd, pathname, dirfd_path)) {
+ switch (resolve_dirfd_path(dirfd, pathname, dirfd_path, sizeof(dirfd_path))) {
 case -1:
 if (is_env_on(ENV_SANDBOX_DEBUG))
 SB_EINFO("EARLY FAIL", " %s(%s) @ resolve_dirfd_path: %s\n",
diff --git a/libsandbox/wrapper-funcs/unlinkat_pre_check.c b/libsandbox/wrapper-funcs/unlinkat_pre_check.c
index 4e4a38d..1c4f7e3 100644
--- a/libsandbox/wrapper-funcs/unlinkat_pre_check.c
+++ b/libsandbox/wrapper-funcs/unlinkat_pre_check.c
@@ -13,7 +13,7 @@ bool sb_unlinkat_pre_check(const char *func, const char *pathname, int dirfd)
 save_errno();
 /* Expand the dirfd path first */
- switch (resolve_dirfd_path(dirfd, pathname, dirfd_path)) {
+ switch (resolve_dirfd_path(dirfd, pathname, dirfd_path, sizeof(dirfd_path))) {
 case -1:
 if (is_env_on(ENV_SANDBOX_DEBUG))
 SB_EINFO("EARLY FAIL", " %s(%s) @ resolve_dirfd_path: %s\n", |