Gentoo's Bugzilla – Attachment 43214 Details for
Bug 69137
sys-apps/portage: SANDBOX_DEBUG(|_LOG) lacks sanity checks
[patch]
libsandbox.c additions for checking log paths
sandbox.patch (text/plain), 3.99 KB, created by
Brian Harring (RETIRED)
on 2004-11-03 05:17:15 UTC
Description:
libsandbox.c additions for checking log paths
Filename:
MIME Type:
Creator:
Brian Harring (RETIRED)
Created:
2004-11-03 05:17:15 UTC
Size:
3.99 KB
>Index: libsandbox.c
>===================================================================
>RCS file: /var/cvsroot/gentoo-src/portage/src/sandbox-1.1/libsandbox.c,v
>retrieving revision 1.22
>retrieving revision 1.22.2.1
>diff -u -r1.22 -r1.22.2.1
>--- libsandbox.c 10 Oct 2004 10:07:21 -0000 1.22
>+++ libsandbox.c 3 Nov 2004 13:12:55 -0000 1.22.2.1
>@@ -25,7 +25,7 @@
> * as some of the InstallWatch code was used.
> *
> *
>- * $Header: /var/cvsroot/gentoo-src/portage/src/sandbox-1.1/libsandbox.c,v 1.22 2004/10/10 10:07:21 carpaski Exp $
>+ * $Header: /var/cvsroot/gentoo-src/portage/src/sandbox-1.1/libsandbox.c,v 1.22.2.1 2004/11/03 13:12:55 ferringb Exp $
> *
> */
>
>@@ -1180,10 +1180,8 @@
> } else {
> tmp_buffer = (char *) malloc(SB_PATH_MAX * sizeof (char));
> egetcwd(tmp_buffer, SB_PATH_MAX - 1);
>- absolute_path = (char *) malloc((strlen(tmp_buffer) + 1 + strlen(file) + 1)
>- * sizeof (char));
>+ absolute_path = (char *) malloc((strlen(tmp_buffer) + 1 + strlen(file) + 1) * sizeof (char));
> sprintf(absolute_path, "%s/%s", tmp_buffer, file);
>-
> if (tmp_buffer)
> free(tmp_buffer);
> tmp_buffer = NULL;
>@@ -1208,23 +1206,30 @@
> if (NULL != log_path) {
> sprintf(buffer, "%s:%*s%s\n", func, (int) (10 - strlen(func)), "",
> absolute_path);
>-
>+ // log_path somehow gets corrupted. figuring out why would be good.
>+ char *dpath = strdup(log_path);
> if ((0 == lstat(log_path, &log_stat))
> && (0 == S_ISREG(log_stat.st_mode))
> ) {
> fprintf(stderr,
>- "\e[31;01mSECURITY BREACH\033[0m %s already exists and is not a regular file.\n",
>- log_path);
>+ "\e[31;01mSECURITY BREACH\033[0m %s already exists and is not a regular file.\n",
>+ dpath);
>+ } else if (0 == check_access(sbcontext, "open_wr", dpath)) {
>+ unsetenv("SANDBOX_LOG");
>+ fprintf(stderr,
>+ "\e[31;01mSECURITY BREACH\033[0m SANDBOX_LOG %s isn't allowed via SANDBOX_WRITE\n",
>+ dpath);
> } else {
>- log_file = true_open(log_path,
>- O_APPEND | O_WRONLY
>- | O_CREAT,
>- S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH);
>+ log_file = true_open(dpath,
>+ O_APPEND | O_WRONLY
>+ | O_CREAT,
>+ S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH);
> if (log_file >= 0) {
> write(log_file, buffer, strlen(buffer));
> close(log_file);
> }
> }
>+ free(dpath);
> }
> }
>
>@@ -1234,28 +1239,36 @@
> if (0 != strncmp(absolute_path, debug_log_path, strlen(debug_log_path))) {
> sprintf(buffer, "%s:%*s%s\n", func, (int) (10 - strlen(func)), "",
> absolute_path);
>-
>+ //debug_log_path somehow gets corupted, same thing as log_path above.
>+ char *dpath = strdup(debug_log_path);
> if ((0 == lstat(debug_log_path, &debug_log_stat))
> && (0 == S_ISREG(debug_log_stat.st_mode))
> ) {
> fprintf(stderr,
>- "\e[31;01mSECURITY BREACH\033[0m %s already exists and is not a regular file.\n",
>- log_path);
>- } else {
>+ "\e[31;01mSECURITY BREACH\033[0m %s already exists and is not a regular file.\n",
>+ debug_log_path);
>+ } else if (0 == check_access(sbcontext, "open_wr", dpath)) {
>+ unsetenv("SANDBOX_DEBUG");
>+ unsetenv("SANDBOX_DEBUG_LOG");
>+ fprintf(stderr,
>+ "\e[31;01mSECURITY BREACH\033[0m SANDBOX_DEBUG_LOG %s isn't allowed by SANDBOX_WRITE.\n",
>+ dpath);
>+ } else {
> debug_log_file =
>- true_open(debug_log_path,
>- O_APPEND | O_WRONLY |
>- O_CREAT, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH);
>+ true_open(dpath,
>+ O_APPEND | O_WRONLY |
>+ O_CREAT, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH);
> if (debug_log_file >= 0) {
> write(debug_log_file, buffer, strlen(buffer));
> close(debug_log_file);
> }
> }
>+ free(dpath);
> }
> } else {
> fprintf(stderr,
>- "\e[32;01mACCESS ALLOWED\033[0m %s:%*s%s\n",
>- func, (int) (10 - strlen(func)), "", absolute_path);
>+ "\e[32;01mACCESS ALLOWED\033[0m %s:%*s%s\n",
>+ func, (int) (10 - strlen(func)), "", absolute_path);
> }
> }
>
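Review bot: The `strdup(log_path)` result in the SANDBOX_LOG hunk (@@ -1208) is never checked, so on allocation failure a NULL `dpath` reaches `check_access()`, `true_open()` and the `%s` arguments of `fprintf()`. Wrapping the if/else chain in `if (NULL != dpath) { ... }` would skip logging for that call instead; the SANDBOX_DEBUG_LOG hunk (@@ -1234) has the same unchecked `strdup(debug_log_path)`. The added comment also records that `log_path` is being overwritten by something not yet identified, so the copy works around a memory-safety problem rather than fixing it; I would phrase it as `/* FIXME: log_path is overwritten before use (cause unknown); operate on a private copy */` so it is not read as the final fix. The enclosing function begins and ends outside this hunk.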
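Review bot: The file-type test and the open in the SANDBOX_DEBUG_LOG hunk (@@ -1234) act on different strings: `lstat()` and the first message still use `debug_log_path`, which the added comment says can be corrupted, while `check_access()` and `true_open()` use `dpath`. Using the copy throughout, `lstat(dpath, &debug_log_stat)` and `dpath` in the first `fprintf`, keeps the check and the write on one path; the SANDBOX_LOG hunk likewise still calls `lstat(log_path, &log_stat)`. Separately, a path that does not exist at `lstat()` time can be replaced by a symlink before the `O_CREAT` open, so adding `O_NOFOLLOW` to the flags, or testing `S_ISREG` via `fstat()` on the returned descriptor, would narrow that window. The enclosing function is outside the hunk, so whether any caller relies on a symlinked log path is not visible here.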