Gentoo's Bugzilla – Attachment 15076 Details for
Bug 21766
coreutils-5.0 breaks sandbox
[patch]
sandbox-getcwd-fix.patch
sandbox-getcwd-fix.patch (text/plain), 59.25 KB, created by
Martin Schlemmer (RETIRED)
on 2003-07-27 05:29:53 UTC
Description:
sandbox-getcwd-fix.patch
Filename:
MIME Type:
Creator:
Martin Schlemmer (RETIRED)
Created:
2003-07-27 05:29:53 UTC
Size:
59.25 KB
>? coreutils-fix.patch
>? sandbox-getcwd-fix.patch
>Index: ChangeLog
>===================================================================
>RCS file: /home/cvsroot/gentoo-src/portage/src/sandbox-1.1/ChangeLog,v
>retrieving revision 1.17
>diff -u -b -B -r1.17 ChangeLog
>--- ChangeLog 29 Jun 2003 16:20:19 -0000 1.17
>+++ ChangeLog 27 Jul 2003 12:22:31 -0000
>@@ -2,6 +2,22 @@
> # Copyright 2002 Gentoo Technologies, Inc.; Distributed under the GPL v2
> # $Header: /home/cvsroot/gentoo-src/portage/src/sandbox-1.1/ChangeLog,v 1.17 2003/06/29 16:20:19 azarah Exp $
>
>+ 27 Jul 2003; Martin Schlemmer <azarah@gentoo.org> getcwd.c, libsandbox.c,
>+ sandbox_futils.c, canonicalize.c :
>+ Once again coreutils fails, as my systems had 2.5 kernel, the getcwd system
>+ call handled strings larger than PATH_MAX (bug #21766). It however does not
>+ work the same on 2.4 kernels.
>+
>+ To fix, I added the posix implementation of getcwd() (from glibc cvs) that
>+ do not need the system call. We use the default getcwd() function via a
>+ wrapper (egetcwd), and then lstat the returned path. If lstat fails, it
>+ means the current directory was removed, OR that the the system call for
>+ getcwd failed (curious is that it do not fail and return NULL or set
>+ errno, but rather just truncate the retured directory - usually from the
>+ start), and if so, we use the generic getcwd() function (__egetcwd). Note
>+ that we do not use the generic version all the time, as it calls lstat()
>+ a great number of times, and performance degrade much.
>+
> 29 Jun 2003; Martin Schlemmer <azarah@gentoo.org> create-localdecls,
> libsandbox.c :
> Make sure SB_PATH_MAX will not wrap. Fix two possible memory leaks.
>Index: Makefile
>===================================================================
>RCS file: /home/cvsroot/gentoo-src/portage/src/sandbox-1.1/Makefile,v
>retrieving revision 1.4
>diff -u -b -B -r1.4 Makefile
>--- Makefile 22 Jun 2003 20:01:20 -0000 1.4
>+++ Makefile 27 Jul 2003 12:22:31 -0000
>@@ -22,7 +24,7 @@
>
> all: $(TARGETS)
>
>-sandbox: sandbox.o sandbox_futils.o
>+sandbox: sandbox.o sandbox_futils.o getcwd.c
> $(CC) $^ -ldl -lc -o $@
>
> sandbox.o: sandbox.c sandbox.h
>@@ -31,14 +33,11 @@
> sandbox_futils.o: sandbox_futils.c sandbox.h
> $(CC) $(CFLAGS) -Wall -c $(OBJ_DEFINES) sandbox_futils.c
>
>-libsandbox.so: libsandbox.o sandbox_futils.o canonicalize.o
>+libsandbox.so: libsandbox.o sandbox_futils.o
> $(CC) $^ -shared -fPIC -ldl -lc -o $@ -nostdlib -lgcc
>
>-libsandbox.o: libsandbox.c localdecls.h
>+libsandbox.o: libsandbox.c localdecls.h canonicalize.c getcwd.c
> $(CC) $(CFLAGS) -Wall -c $(OBJ_DEFINES) libsandbox.c
>-
>-canonicalize.o: canonicalize.c localdecls.h
>- $(CC) $(CFLAGS) -Wall -c $(OBJ_DEFINES) canonicalize.c
>
> localdecls.h: create-localdecls libctest.c
> ./create-localdecls
>Index: canonicalize.c
>===================================================================
>RCS file: /home/cvsroot/gentoo-src/portage/src/sandbox-1.1/canonicalize.c,v
>retrieving revision 1.3
>diff -u -b -B -r1.3 canonicalize.c
>--- canonicalize.c 22 Jun 2003 20:01:20 -0000 1.3
>+++ canonicalize.c 27 Jul 2003 12:22:33 -0000
>@@ -1,5 +1,5 @@
> /* Return the canonical absolute name of a given file.
>- Copyright (C) 1996, 1997, 1998, 1999, 2000 Free Software Foundation, Inc.
>+ Copyright (C) 1996-2001, 2002 Free Software Foundation, Inc.
> This file is part of the GNU C Library.
>
> The GNU C Library is free software; you can redistribute it and/or
>@@ -17,10 +17,6 @@
> Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
> 02111-1307 USA. */
>
>-/*
>- * $Header: /home/cvsroot/gentoo-src/portage/src/sandbox-1.1/canonicalize.c,v 1.3 2003/06/22 20:01:20 azarah Exp $
>- */
>-
> #include <stdlib.h>
> #include <string.h>
> #include <unistd.h>
>@@ -30,7 +26,7 @@
> #include <errno.h>
> #include <stddef.h>
>
>-#include "localdecls.h"
>+//#include <shlib-compat.h>
>
> #ifndef __set_errno
> # define __set_errno(val) errno = (val)
>@@ -55,31 +51,28 @@
> *
> */
>
>-static char *
>-ecanonicalize (const char *name, char *resolved)
>+char *
>+erealpath(const char *name, char *resolved)
> {
> char *rpath, *dest;
> const char *start, *end, *rpath_limit;
> long int path_max;
>
>- if (name == NULL)
>- {
>+ if (name == NULL) {
> /* As per Single Unix Specification V2 we must return an error if
> either parameter is a null pointer. We extend this to allow
> the RESOLVED parameter to be NULL in case the we are expected to
> allocate the room for the return value. */
>- __set_errno (EINVAL);
>+ __set_errno(EINVAL);
> return NULL;
> }
>
>- if (name[0] == '\0')
>- {
>+ if (name[0] == '\0') {
> /* As per Single Unix Specification V2 we must return an error if
> the name argument points to an empty string. */
>- __set_errno (ENOENT);
>+ __set_errno(ENOENT);
> return NULL;
> }
>-
> #ifdef SB_PATH_MAX
> path_max = SB_PATH_MAX;
> #else
>@@ -83,63 +76,59 @@
> #ifdef SB_PATH_MAX
> path_max = SB_PATH_MAX;
> #else
>- path_max = pathconf (name, _PC_PATH_MAX);
>+ path_max = pathconf(name, _PC_SB_PATH_MAX);
> if (path_max <= 0)
> path_max = 1024;
> #endif
>
>- rpath = resolved ? alloca (path_max) : malloc (path_max);
>+ if (resolved == NULL) {
>+ rpath = malloc(path_max);
>+ if (rpath == NULL)
>+ return NULL;
>+ } else
>+ rpath = resolved;
> rpath_limit = rpath + path_max;
>
>- if (name[0] != '/')
>- {
>- if (!getcwd (rpath, path_max))
>- {
>+ if (name[0] != '/') {
>+ if (!egetcwd(rpath, path_max)) {
> rpath[0] = '\0';
> goto error;
> }
>- dest = strchr (rpath, '\0');
>- }
>- else
>- {
>+ dest = strchr(rpath, '\0');
>+ } else {
> rpath[0] = '/';
> dest = rpath + 1;
> }
>
>- for (start = end = name; *start; start = end)
>- {
>+ for (start = end = name; *start; start = end) {
> /* Skip sequence of multiple path-separators. */
> while (*start == '/')
> ++start;
>
> /* Find end of path component. */
> for (end = start; *end && *end != '/'; ++end)
>- /* Nothing. */;
>+ /* Nothing. */ ;
>
> if (end - start == 0)
> break;
> else if (end - start == 1 && start[0] == '.')
>- /* nothing */;
>- else if (end - start == 2 && start[0] == '.' && start[1] == '.')
>- {
>+ /* nothing */ ;
>+ else if (end - start == 2 && start[0] == '.' && start[1] == '.') {
> /* Back up to previous component, ignore if at root already. */
> if (dest > rpath + 1)
>- while ((--dest)[-1] != '/');
>- }
>- else
>- {
>+ while ((--dest)[-1] != '/') ;
>+ } else {
> size_t new_size;
>
> if (dest[-1] != '/')
> *dest++ = '/';
>
>- if (dest + (end - start) >= rpath_limit)
>- {
>+ if (dest + (end - start) >= rpath_limit) {
> ptrdiff_t dest_offset = dest - rpath;
>+ char *new_rpath;
>
>- if (resolved)
>- {
>- __set_errno (ENAMETOOLONG);
>+ if (resolved) {
>+ __set_errno(ENAMETOOLONG);
> if (dest > rpath + 1)
> dest--;
> *dest = '\0';
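Review bot: `pathconf(name, _PC_SB_PATH_MAX)` in the `#else` branch names a selector that pathconf does not define; it looks like a rename of PATH_MAX to SB_PATH_MAX also caught `_PC_PATH_MAX`, so a build without `SB_PATH_MAX` defined would no longer compile here. The line should stay `path_max = pathconf(name, _PC_PATH_MAX);`. Separately, with `rpath = resolved` the function now writes directly into the caller's buffer and sets `rpath_limit = rpath + path_max` on trust, so the prototype deserves a comment such as `/* resolved, when non-NULL, must hold at least SB_PATH_MAX bytes */`. erealpath's body continues past this hunk.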
>@@ -150,47 +139,33 @@
> new_size += end - start + 1;
> else
> new_size += path_max;
>- rpath = realloc (rpath, new_size);
>+ new_rpath = (char *) realloc(rpath, new_size);
>+ if (new_rpath == NULL)
>+ goto error;
>+ rpath = new_rpath;
> rpath_limit = rpath + new_size;
>- if (rpath == NULL)
>- return NULL;
>
> dest = rpath + dest_offset;
> }
>
>- dest = __mempcpy (dest, start, end - start);
>+ dest = __mempcpy(dest, start, end - start);
> *dest = '\0';
>-
> }
> }
>-#if 0
>+#if 1
> if (dest > rpath + 1 && dest[-1] == '/')
> --dest;
> #endif
> *dest = '\0';
>
>- return resolved ? memcpy (resolved, rpath, dest - rpath + 1) : rpath;
>+ return resolved ? memcpy(resolved, rpath, dest - rpath + 1) : rpath;
>
> error:
> if (resolved)
>- strcpy (resolved, rpath);
>+ strcpy(resolved, rpath);
> else
>- free (rpath);
>- return NULL;
>-}
>-
>-
>-char *
>-erealpath (const char *name, char *resolved)
>-{
>- if (resolved == NULL)
>- {
>- __set_errno (EINVAL);
>+ free(rpath);
> return NULL;
>- }
>-
>- return ecanonicalize (name, resolved);
> }
>-
>
> // vim:expandtab noai:cindent ai
>Index: libctest.c
>===================================================================
>RCS file: /home/cvsroot/gentoo-src/portage/src/sandbox-1.1/libctest.c,v
>retrieving revision 1.1
>diff -u -b -B -r1.1 libctest.c
>--- libctest.c 25 Aug 2002 06:08:51 -0000 1.1
>+++ libctest.c 27 Jul 2003 12:22:34 -0000
>@@ -1,6 +1,7 @@
> /* Dummy program to check your libc version */
>
>-int main(void) {
>+int
>+main(void)
>+{
> return 0;
> }
>-
>Index: libsandbox.c
>===================================================================
>RCS file: /home/cvsroot/gentoo-src/portage/src/sandbox-1.1/libsandbox.c,v
>retrieving revision 1.6
>diff -u -b -B -r1.6 libsandbox.c
>--- libsandbox.c 29 Jun 2003 16:20:19 -0000 1.6
>+++ libsandbox.c 27 Jul 2003 12:22:36 -0000
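Review bot: Because the previous hunk makes `rpath` alias `resolved` whenever the caller supplies a buffer, the success return `memcpy(resolved, rpath, dest - rpath + 1)` and the error-path `strcpy(resolved, rpath)` in the canonicalize.c hunk now copy a buffer onto itself, which both functions leave undefined for overlapping objects. The tail can simply be `return rpath;`, and the error label only needs `if (!resolved) free(rpath);`. The new `realloc` handling correctly keeps the old pointer, and since the growth branch appears to be reached only when `resolved` is NULL, the `goto error` frees it. The start of erealpath lies outside this hunk.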
>@@ -1,5 +1,5 @@
> /*
>-S * Path sandbox for the gentoo linux portage package system, initially
>+ * Path sandbox for the gentoo linux portage package system, initially
> * based on the ROCK Linux Wrapper for getting a list of created files
> *
> * to integrate with bash, bash should have been built like this
>@@ -121,20 +119,22 @@
>
> typedef struct {
> int show_access_violation;
>- char** deny_prefixes;
>+ char **deny_prefixes;
> int num_deny_prefixes;
>- char** read_prefixes;
>+ char **read_prefixes;
> int num_read_prefixes;
>- char** write_prefixes;
>+ char **write_prefixes;
> int num_write_prefixes;
>- char** predict_prefixes;
>+ char **predict_prefixes;
> int num_predict_prefixes;
>- char** write_denied_prefixes;
>+ char **write_denied_prefixes;
> int num_write_denied_prefixes;
> } sbcontext_t;
>
> /* glibc modified realpath() functions */
>-char *erealpath (const char *name, char *resolved);
>+char *erealpath(const char *name, char *resolved);
>+/* glibc modified getcwd() functions */
>+char *egetcwd(char *, size_t);
>
> static void init_wrappers(void);
> static void *get_dlsym(const char *);
>@@ -147,66 +147,67 @@
> static void clean_env_entries(char ***, int *);
> static void init_context(sbcontext_t *);
> static void init_env_entries(char ***, int *, char *, int);
>-static char* filter_path(const char*);
>+static char *filter_path(const char *);
> static int is_sandbox_on();
> static int is_sandbox_pid();
>
> /* Wrapped functions */
>
> extern int chmod(const char *, mode_t);
>-static int(*true_chmod)(const char *, mode_t);
>+static int (*true_chmod) (const char *, mode_t);
> extern int chown(const char *, uid_t, gid_t);
>-static int(*true_chown)(const char *, uid_t, gid_t);
>+static int (*true_chown) (const char *, uid_t, gid_t);
> extern int creat(const char *, mode_t);
>-static int(*true_creat)(const char *, mode_t);
>-extern FILE *fopen(const char *,const char*);
>-static FILE *(*true_fopen)(const char *,const char*);
>+static int (*true_creat) (const char *, mode_t);
>+extern FILE *fopen(const char *, const char *);
>+static FILE *(*true_fopen) (const char *, const char *);
> extern int lchown(const char *, uid_t, gid_t);
>-static int(*true_lchown)(const char *, uid_t, gid_t);
>+static int (*true_lchown) (const char *, uid_t, gid_t);
> extern int link(const char *, const char *);
>-static int(*true_link)(const char *, const char *);
>+static int (*true_link) (const char *, const char *);
> extern int mkdir(const char *, mode_t);
>-static int(*true_mkdir)(const char *, mode_t);
>+static int (*true_mkdir) (const char *, mode_t);
> extern DIR *opendir(const char *);
>-static DIR *(*true_opendir)(const char *);
>+static DIR *(*true_opendir) (const char *);
> #ifdef WRAP_MKNOD
> extern int __xmknod(const char *, mode_t, dev_t);
>-static int(*true___xmknod)(const char *, mode_t, dev_t);
>+static int (*true___xmknod) (const char *, mode_t, dev_t);
> #endif
> extern int open(const char *, int, ...);
>-static int(*true_open)(const char *, int, ...);
>+static int (*true_open) (const char *, int, ...);
> extern int rename(const char *, const char *);
>-static int(*true_rename)(const char *, const char *);
>+static int (*true_rename) (const char *, const char *);
> extern int rmdir(const char *);
>-static int(*true_rmdir)(const char *);
>+static int (*true_rmdir) (const char *);
> extern int symlink(const char *, const char *);
>-static int(*true_symlink)(const char *, const char *);
>+static int (*true_symlink) (const char *, const char *);
> extern int truncate(const char *, TRUNCATE_T);
>-static int(*true_truncate)(const char *, TRUNCATE_T);
>+static int (*true_truncate) (const char *, TRUNCATE_T);
> extern int unlink(const char *);
>-static int(*true_unlink)(const char *);
>+static int (*true_unlink) (const char *);
>
> #if (GLIBC_MINOR >= 1)
>
> extern int creat64(const char *, __mode_t);
>-static int(*true_creat64)(const char *, __mode_t);
>-extern FILE *fopen64(const char *,const char *);
>-static FILE *(*true_fopen64)(const char *,const char *);
>+static int (*true_creat64) (const char *, __mode_t);
>+extern FILE *fopen64(const char *, const char *);
>+static FILE *(*true_fopen64) (const char *, const char *);
> extern int open64(const char *, int, ...);
>-static int(*true_open64)(const char *, int, ...);
>+static int (*true_open64) (const char *, int, ...);
> extern int truncate64(const char *, __off64_t);
>-static int(*true_truncate64)(const char *, __off64_t);
>+static int (*true_truncate64) (const char *, __off64_t);
>
> #endif
>
>-extern int execve(const char *filename, char *const argv [], char *const envp[]);
>-static int (*true_execve)(const char *, char *const [], char *const []);
>+extern int execve(const char *filename, char *const argv[], char *const envp[]);
>+static int (*true_execve) (const char *, char *const[], char *const[]);
>
> /*
> * Initialize the shabang
> */
>
>-static void init_wrappers(void)
>+static void
>+init_wrappers(void)
> {
> void *libc_handle = NULL;
>
>@@ -246,7 +247,8 @@
> true_execve = dlsym(libc_handle, "execve");
> }
>
>-void _init(void)
>+void
>+_init(void)
> {
> int old_errno = errno;
> char *tmp_string = NULL;
>@@ -261,13 +263,15 @@
> tmp_string = get_sandbox_lib("/");
> strncpy(sandbox_lib, tmp_string, 254);
>
>- if (tmp_string) free(tmp_string);
>+ if (tmp_string)
>+ free(tmp_string);
> tmp_string = NULL;
>
> errno = old_errno;
> }
>
>-static int canonicalize(const char *path, char *resolved_path)
>+static int
>+canonicalize(const char *path, char *resolved_path)
> {
> int old_errno = errno;
> char *retval;
>@@ -280,7 +284,7 @@
>
> retval = erealpath(path, resolved_path);
>
>- if((!retval) && (path[0] != '/')) {
>+ if ((!retval) && (path[0] != '/')) {
> /* The path could not be canonicalized, append it
> * to the current working directory if it was not
> * an absolute path
>@@ -288,7 +292,7 @@
> if (errno == ENAMETOOLONG)
> return -1;
>
>- getcwd(resolved_path, SB_PATH_MAX - 2);
>+ egetcwd(resolved_path, SB_PATH_MAX - 2);
> strcat(resolved_path, "/");
> strncat(resolved_path, path, SB_PATH_MAX - 1);
>
>@@ -313,7 +317,8 @@
> return 0;
> }
>
>-static void *get_dlsym(const char *symname)
>+static void *
>+get_dlsym(const char *symname)
> {
> void *libc_handle = NULL;
> void *symaddr = NULL;
>@@ -341,14 +346,16 @@
> * Wrapper Functions
> */
>
>-int chmod(const char *path, mode_t mode)
>+int
>+chmod(const char *path, mode_t mode)
> {
> int result = -1;
> char canonic[SB_PATH_MAX];
>
> canonicalize_int(path, canonic);
>
>- if FUNCTION_SANDBOX_SAFE("chmod", canonic) {
>+ if FUNCTION_SANDBOX_SAFE
>+ ("chmod", canonic) {
> check_dlsym(chmod);
> result = true_chmod(path, mode);
> }
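Review bot: In the `@@ -288,7 +292,7 @@` hunk the result of `egetcwd(resolved_path, SB_PATH_MAX - 2)` is ignored, so when it fails the following `strcat(resolved_path, "/")` appends to whatever the caller's buffer then holds. The ChangeLog entry in this patch says the kernel call can hand back a truncated directory, and this fallback feeds the path that the sandbox prefix checks compare, so it should bail out with `if (!egetcwd(resolved_path, SB_PATH_MAX - 2)) return -1;`. The `strncat(resolved_path, path, SB_PATH_MAX - 1)` on the next line bounds the appended length rather than the space left in the buffer; it should use `SB_PATH_MAX - strlen(resolved_path) - 1`. canonicalize() starts and ends outside the hunk.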
>@@ -356,14 +363,16 @@
> return result;
> }
>
>-int chown(const char *path, uid_t owner, gid_t group)
>+int
>+chown(const char *path, uid_t owner, gid_t group)
> {
> int result = -1;
> char canonic[SB_PATH_MAX];
>
> canonicalize_int(path, canonic);
>
>- if FUNCTION_SANDBOX_SAFE("chown", canonic) {
>+ if FUNCTION_SANDBOX_SAFE
>+ ("chown", canonic) {
> check_dlsym(chown);
> result = true_chown(path, owner, group);
> }
>@@ -371,7 +380,8 @@
> return result;
> }
>
>-int creat(const char *pathname, mode_t mode)
>+int
>+creat(const char *pathname, mode_t mode)
> {
> /* Is it a system call? */
> int result = -1;
>@@ -379,7 +389,8 @@
>
> canonicalize_int(pathname, canonic);
>
>- if FUNCTION_SANDBOX_SAFE("creat", canonic) {
>+ if FUNCTION_SANDBOX_SAFE
>+ ("creat", canonic) {
> check_dlsym(open);
> result = true_open(pathname, O_CREAT | O_WRONLY | O_TRUNC, mode);
> }
>@@ -387,22 +398,25 @@
> return result;
> }
>
>-FILE *fopen(const char *pathname, const char *mode)
>+FILE *
>+fopen(const char *pathname, const char *mode)
> {
> FILE *result = NULL;
> char canonic[SB_PATH_MAX];
>
> canonicalize_ptr(pathname, canonic);
>
>- if FUNCTION_SANDBOX_SAFE_CHAR("fopen", canonic, mode) {
>+ if FUNCTION_SANDBOX_SAFE_CHAR
>+ ("fopen", canonic, mode) {
> check_dlsym(fopen);
>- result = true_fopen(pathname,mode);
>+ result = true_fopen(pathname, mode);
> }
>
> return result;
> }
>
>-int lchown(const char *path, uid_t owner, gid_t group)
>+int
>+lchown(const char *path, uid_t owner, gid_t group)
> {
> /* Linux specific? */
> int result = -1;
>@@ -410,7 +424,8 @@
>
> canonicalize_int(path, canonic);
>
>- if FUNCTION_SANDBOX_SAFE("lchown", canonic) {
>+ if FUNCTION_SANDBOX_SAFE
>+ ("lchown", canonic) {
> check_dlsym(chown);
> result = true_chown(path, owner, group);
> }
>@@ -418,7 +433,8 @@
> return result;
> }
>
>-int link(const char *oldpath, const char *newpath)
>+int
>+link(const char *oldpath, const char *newpath)
> {
> int result = -1;
> char old_canonic[SB_PATH_MAX], new_canonic[SB_PATH_MAX];
>@@ -426,7 +442,8 @@
> canonicalize_int(oldpath, old_canonic);
> canonicalize_int(newpath, new_canonic);
>
>- if FUNCTION_SANDBOX_SAFE("link", new_canonic) {
>+ if FUNCTION_SANDBOX_SAFE
>+ ("link", new_canonic) {
> check_dlsym(link);
> result = true_link(oldpath, newpath);
> }
>@@ -434,14 +451,16 @@
> return result;
> }
>
>-int mkdir(const char *pathname, mode_t mode)
>+int
>+mkdir(const char *pathname, mode_t mode)
> {
> int result = -1;
> char canonic[SB_PATH_MAX];
>
> canonicalize_int(pathname, canonic);
>
>- if FUNCTION_SANDBOX_SAFE("mkdir", canonic) {
>+ if FUNCTION_SANDBOX_SAFE
>+ ("mkdir", canonic) {
> check_dlsym(mkdir);
> result = true_mkdir(pathname, mode);
> }
>@@ -449,14 +468,16 @@
> return result;
> }
>
>-DIR *opendir(const char *name)
>+DIR *
>+opendir(const char *name)
> {
> DIR *result = NULL;
> char canonic[SB_PATH_MAX];
>
> canonicalize_ptr(name, canonic);
>
>- if FUNCTION_SANDBOX_SAFE("opendir", canonic) {
>+ if FUNCTION_SANDBOX_SAFE
>+ ("opendir", canonic) {
> check_dlsym(opendir);
> result = true_opendir(name);
> }
>@@ -466,14 +487,16 @@
>
> #ifdef WRAP_MKNOD
>
>-int __xmknod(const char *pathname, mode_t mode, dev_t dev)
>+int
>+__xmknod(const char *pathname, mode_t mode, dev_t dev)
> {
> int result = -1;
> char canonic[SB_PATH_MAX];
>
> canonicalize_int(pathname, canonic);
>
>- if FUNCTION_SANDBOX_SAFE("__xmknod", canonic) {
>+ if FUNCTION_SANDBOX_SAFE
>+ ("__xmknod", canonic) {
> check_dlsym(__xmknod);
> result = true___xmknod(pathname, mode, dev);
> }
>@@ -483,7 +506,8 @@
>
> #endif
>
>-int open(const char *pathname, int flags, ...)
>+int
>+open(const char *pathname, int flags, ...)
> {
> /* Eventually, there is a third parameter: it's mode_t mode */
> va_list ap;
>@@ -499,18 +523,20 @@
>
> canonicalize_int(pathname, canonic);
>
>- if FUNCTION_SANDBOX_SAFE_INT("open", canonic, flags) {
>+ if FUNCTION_SANDBOX_SAFE_INT
>+ ("open", canonic, flags) {
> /* We need to resolve open() realtime in some cases,
> * else we get a segfault when running /bin/ps, etc
> * in a sandbox */
> check_dlsym(open);
>- result=true_open(pathname, flags, mode);
>+ result = true_open(pathname, flags, mode);
> }
>
> return result;
> }
>
>-int rename(const char *oldpath, const char *newpath)
>+int
>+rename(const char *oldpath, const char *newpath)
> {
> int result = -1;
> char old_canonic[SB_PATH_MAX], new_canonic[SB_PATH_MAX];
>@@ -518,7 +544,8 @@
> canonicalize_int(oldpath, old_canonic);
> canonicalize_int(newpath, new_canonic);
>
>- if FUNCTION_SANDBOX_SAFE("rename", new_canonic) {
>+ if FUNCTION_SANDBOX_SAFE
>+ ("rename", new_canonic) {
> check_dlsym(rename);
> result = true_rename(oldpath, newpath);
> }
>@@ -526,14 +553,16 @@
> return result;
> }
>
>-int rmdir(const char *pathname)
>+int
>+rmdir(const char *pathname)
> {
> int result = -1;
> char canonic[SB_PATH_MAX];
>
> canonicalize_int(pathname, canonic);
>
>- if FUNCTION_SANDBOX_SAFE("rmdir", canonic) {
>+ if FUNCTION_SANDBOX_SAFE
>+ ("rmdir", canonic) {
> check_dlsym(rmdir);
> result = true_rmdir(pathname);
> }
>@@ -541,7 +570,8 @@
> return result;
> }
>
>-int symlink(const char *oldpath, const char *newpath)
>+int
>+symlink(const char *oldpath, const char *newpath)
> {
> int result = -1;
> char old_canonic[SB_PATH_MAX], new_canonic[SB_PATH_MAX];
>@@ -549,7 +579,8 @@
> canonicalize_int(oldpath, old_canonic);
> canonicalize_int(newpath, new_canonic);
>
>- if FUNCTION_SANDBOX_SAFE("symlink", new_canonic) {
>+ if FUNCTION_SANDBOX_SAFE
>+ ("symlink", new_canonic) {
> check_dlsym(symlink);
> result = true_symlink(oldpath, newpath);
> }
>@@ -557,14 +588,16 @@
> return result;
> }
>
>-int truncate(const char *path, TRUNCATE_T length)
>+int
>+truncate(const char *path, TRUNCATE_T length)
> {
> int result = -1;
> char canonic[SB_PATH_MAX];
>
> canonicalize_int(path, canonic);
>
>- if FUNCTION_SANDBOX_SAFE("truncate", canonic) {
>+ if FUNCTION_SANDBOX_SAFE
>+ ("truncate", canonic) {
> check_dlsym(truncate);
> result = true_truncate(path, length);
> }
>@@ -572,14 +605,16 @@
> return result;
> }
>
>-int unlink(const char *pathname)
>+int
>+unlink(const char *pathname)
> {
> int result = -1;
> char canonic[SB_PATH_MAX];
>
> canonicalize_int(pathname, canonic);
>
>- if FUNCTION_SANDBOX_SAFE("unlink", canonic) {
>+ if FUNCTION_SANDBOX_SAFE
>+ ("unlink", canonic) {
> check_dlsym(unlink);
> result = true_unlink(pathname);
> }
>@@ -589,7 +624,8 @@
>
> #if (GLIBC_MINOR >= 1)
>
>-int creat64(const char *pathname, __mode_t mode)
>+int
>+creat64(const char *pathname, __mode_t mode)
> {
> /* Is it a system call? */
> int result = -1;
>@@ -597,7 +633,8 @@
>
> canonicalize_int(pathname, canonic);
>
>- if FUNCTION_SANDBOX_SAFE("creat64", canonic) {
>+ if FUNCTION_SANDBOX_SAFE
>+ ("creat64", canonic) {
> check_dlsym(open64);
> result = true_open64(pathname, O_CREAT | O_WRONLY | O_TRUNC, mode);
> }
>@@ -605,22 +642,25 @@
> return result;
> }
>
>-FILE *fopen64(const char *pathname, const char *mode)
>+FILE *
>+fopen64(const char *pathname, const char *mode)
> {
> FILE *result = NULL;
> char canonic[SB_PATH_MAX];
>
> canonicalize_ptr(pathname, canonic);
>
>- if FUNCTION_SANDBOX_SAFE_CHAR("fopen64", canonic, mode) {
>+ if FUNCTION_SANDBOX_SAFE_CHAR
>+ ("fopen64", canonic, mode) {
> check_dlsym(fopen64);
>- result = true_fopen(pathname,mode);
>+ result = true_fopen(pathname, mode);
> }
>
> return result;
> }
>
>-int open64(const char *pathname, int flags, ...)
>+int
>+open64(const char *pathname, int flags, ...)
> {
> /* Eventually, there is a third parameter: it's mode_t mode */
> va_list ap;
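Review bot: In `fopen64` (the `@@ -605,22 +642,25 @@` hunk) the line reformatted here still calls `true_fopen(pathname, mode)` right after `check_dlsym(fopen64)`, so the 64-bit wrapper goes through the non-64 entry point. If `check_dlsym` only resolves the pointer it is named for (the macro is not shown on this page), `true_fopen` may still be unset when this runs. The call should read `result = true_fopen64(pathname, mode);`, matching `creat64` above, which pairs `check_dlsym(open64)` with `true_open64`.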
>@@ -636,22 +676,25 @@
>
> canonicalize_int(pathname, canonic);
>
>- if FUNCTION_SANDBOX_SAFE_INT("open64", canonic, flags) {
>+ if FUNCTION_SANDBOX_SAFE_INT
>+ ("open64", canonic, flags) {
> check_dlsym(open64);
>- result=true_open64(pathname, flags, mode);
>+ result = true_open64(pathname, flags, mode);
> }
>
> return result;
> }
>
>-int truncate64(const char *path, __off64_t length)
>+int
>+truncate64(const char *path, __off64_t length)
> {
> int result = -1;
> char canonic[SB_PATH_MAX];
>
> canonicalize_int(path, canonic);
>
>- if FUNCTION_SANDBOX_SAFE("truncate64", canonic) {
>+ if FUNCTION_SANDBOX_SAFE
>+ ("truncate64", canonic) {
> check_dlsym(truncate64);
> result = true_truncate64(path, length);
> }
>@@ -665,7 +708,8 @@
> * Exec Wrappers
> */
>
>-int execve(const char *filename, char *const argv [], char *const envp[])
>+int
>+execve(const char *filename, char *const argv[], char *const envp[])
> {
> int old_errno = errno;
> int result = -1;
>@@ -676,13 +720,15 @@
>
> canonicalize_int(filename, canonic);
>
>- if FUNCTION_SANDBOX_SAFE("execve", canonic) {
>+ if FUNCTION_SANDBOX_SAFE
>+ ("execve", canonic) {
> while (envp[count] != NULL) {
> if (strstr(envp[count], "LD_PRELOAD=") == envp[count]) {
> if (NULL != strstr(envp[count], sandbox_lib)) {
> break;
> } else {
>- const int max_envp_len = strlen(envp[count]) + strlen(sandbox_lib) + 1;
>+ const int max_envp_len =
>+ strlen(envp[count]) + strlen(sandbox_lib) + 1;
>
> /* Backup envp[count], and set it to our own one which
> * contains sandbox_lib */
>@@ -697,7 +743,8 @@
> strncpy(new_envp + strlen(old_envp) + 1, sandbox_lib,
> max_envp_len - strlen(new_envp));
> } else {
>- strncpy(new_envp + strlen(old_envp), sandbox_lib,
>+ strncpy(new_envp +
>+ strlen(old_envp), sandbox_lib,
> max_envp_len - strlen(new_envp));
> }
>
>@@ -707,7 +754,7 @@
> /* envp[count] = new_envp;
> *
> * Get rid of the "read-only" warnings */
>- memcpy((void *)&envp[count], &new_envp, sizeof(new_envp));
>+ memcpy((void *) &envp[count], &new_envp, sizeof (new_envp));
>
> break;
> }
>@@ -724,7 +771,7 @@
> /* Restore envp[count] again.
> *
> * envp[count] = old_envp; */
>- memcpy((void *)&envp[count], &old_envp, sizeof(old_envp));
>+ memcpy((void *) &envp[count], &old_envp, sizeof (old_envp));
> old_envp = NULL;
> }
> }
>@@ -743,10 +790,11 @@
> /* This hack is needed for glibc 2.1.1 (and others?)
> * (not really needed, but good example) */
> extern int fclose(FILE *);
>-static int (*true_fclose)(FILE *) = NULL;
>-int fclose(FILE *file)
>+static int (*true_fclose) (FILE *) = NULL;
>+int
>+fclose(FILE * file)
> {
>- int result = - 1;
>+ int result = -1;
>
> check_dlsym(fclose);
> result = true_fclose(file);
>@@ -756,7 +804,8 @@
>
> #endif /* GLIBC_MINOR == 1 */
>
>-static void init_context(sbcontext_t* context)
>+static void
>+init_context(sbcontext_t * context)
> {
> context->show_access_violation = 1;
> context->deny_prefixes = NULL;
>@@ -771,11 +820,12 @@
> context->num_write_denied_prefixes = 0;
> }
>
>-static int is_sandbox_pid()
>+static int
>+is_sandbox_pid()
> {
> int old_errno = errno;
> int result = 0;
>- FILE* pids_stream = NULL;
>+ FILE *pids_stream = NULL;
> int pids_file = -1;
> int current_pid = 0;
> int tmp_pid = 0;
>@@ -786,9 +836,7 @@
>
> if (NULL == pids_stream) {
> perror(">>> pids file fopen");
>- }
>- else
>- {
>+ } else {
> pids_file = fileno(pids_stream);
>
> if (pids_file < 0) {
>@@ -815,7 +863,8 @@
> return result;
> }
>
>-static void clean_env_entries(char*** prefixes_array, int* prefixes_num)
>+static void
>+clean_env_entries(char ***prefixes_array, int *prefixes_num)
> {
> int old_errno = errno;
> int i = 0;
>@@ -827,7 +876,8 @@
> (*prefixes_array)[i] = NULL;
> }
> }
>- if (*prefixes_array) free(*prefixes_array);
>+ if (*prefixes_array)
>+ free(*prefixes_array);
> *prefixes_array = NULL;
> *prefixes_num = 0;
> }
>@@ -835,22 +885,23 @@
> errno = old_errno;
> }
>
>-static void init_env_entries(char*** prefixes_array, int* prefixes_num, char* env, int warn)
>+static void
>+init_env_entries(char ***prefixes_array, int *prefixes_num, char *env, int warn)
> {
> int old_errno = errno;
>- char* prefixes_env = getenv(env);
>+ char *prefixes_env = getenv(env);
>
> if (NULL == prefixes_env) {
> fprintf(stderr,
> "Sandbox error : the %s environmental variable should be defined.\n",
> env);
> } else {
>- char* buffer = NULL;
>+ char *buffer = NULL;
> int prefixes_env_length = strlen(prefixes_env);
> int i = 0;
> int num_delimiters = 0;
>- char* token = NULL;
>- char* prefix = NULL;
>+ char *token = NULL;
>+ char *prefix = NULL;
>
> for (i = 0; i < prefixes_env_length; i++) {
> if (':' == prefixes_env[i]) {
>@@ -859,7 +910,8 @@
> }
>
> if (num_delimiters > 0) {
>- *prefixes_array = (char **)malloc((num_delimiters + 1) * sizeof(char *));
>+ *prefixes_array =
>+ (char **) malloc((num_delimiters + 1) * sizeof (char *));
> buffer = strndupa(prefixes_env, prefixes_env_length);
>
> #ifdef REENTRANT_STRTOK
>@@ -878,12 +930,12 @@
> token = strtok(NULL, ":");
> #endif
>
>- if (prefix) free(prefix);
>+ if (prefix)
>+ free(prefix);
> prefix = NULL;
> }
>- }
>- else if (prefixes_env_length > 0) {
>- (*prefixes_array) = (char **)malloc(sizeof(char *));
>+ } else if (prefixes_env_length > 0) {
>+ (*prefixes_array) = (char **) malloc(sizeof (char *));
>
> (*prefixes_array)[(*prefixes_num)++] = filter_path(prefixes_env);
> }
>@@ -892,10 +944,11 @@
> errno = old_errno;
> }
>
>-static char* filter_path(const char* path)
>+static char *
>+filter_path(const char *path)
> {
> int old_errno = errno;
>- char* filtered_path = (char *)malloc(SB_PATH_MAX * sizeof(char));
>+ char *filtered_path = (char *) malloc(SB_PATH_MAX * sizeof (char));
>
> canonicalize_ptr(path, filtered_path);
>
>@@ -904,23 +957,26 @@
> return filtered_path;
> }
>
>-static int check_access(sbcontext_t* sbcontext, const char* func, const char* path)
>+static int
>+check_access(sbcontext_t * sbcontext, const char *func, const char *path)
> {
> int old_errno = errno;
> int result = -1;
> int i = 0;
>- char* filtered_path = filter_path(path);
>+ char *filtered_path = filter_path(path);
>
> if ('/' != filtered_path[0]) {
> errno = old_errno;
>
>- if (filtered_path) free(filtered_path);
>+ if (filtered_path)
>+ free(filtered_path);
> filtered_path = NULL;
>
> return 0;
> }
>
>- if ((0 == strncmp(filtered_path, "/etc/ld.so.preload", 18)) && (is_sandbox_pid())) {
>+ if ((0 == strncmp(filtered_path, "/etc/ld.so.preload", 18))
>+ && (is_sandbox_pid())) {
> result = 1;
> }
>
>@@ -929,7 +985,8 @@
> for (i = 0; i < sbcontext->num_deny_prefixes; i++) {
> if (NULL != sbcontext->deny_prefixes[i]) {
> if (0 == strncmp(filtered_path,
>- sbcontext->deny_prefixes[i],
>+ sbcontext->
>+ deny_prefixes[i],
> strlen(sbcontext->deny_prefixes[i]))) {
> result = 0;
> break;
>@@ -948,22 +1005,22 @@
> (0 == strncmp(func, "execlp", 6)) ||
> (0 == strncmp(func, "execle", 6)) ||
> (0 == strncmp(func, "execv", 5)) ||
>- (0 == strncmp(func, "execvp", 6)) ||
>- (0 == strncmp(func, "execve", 6))
>+ (0 == strncmp(func, "execvp", 6))
>+ || (0 == strncmp(func, "execve", 6))
> )
> ) {
> for (i = 0; i < sbcontext->num_read_prefixes; i++) {
> if (NULL != sbcontext->read_prefixes[i]) {
> if (0 == strncmp(filtered_path,
>- sbcontext->read_prefixes[i],
>+ sbcontext->
>+ read_prefixes[i],
> strlen(sbcontext->read_prefixes[i]))) {
> result = 1;
> break;
> }
> }
> }
>- }
>- else if ((NULL != sbcontext->write_prefixes) &&
>+ } else if ((NULL != sbcontext->write_prefixes) &&
> ((0 == strncmp(func, "open_wr", 7)) ||
> (0 == strncmp(func, "creat", 5)) ||
> (0 == strncmp(func, "creat64", 7)) ||
>@@ -990,9 +1047,11 @@
>
> for (i = 0; i < sbcontext->num_write_denied_prefixes; i++) {
> if (NULL != sbcontext->write_denied_prefixes[i]) {
>- if (0 == strncmp(filtered_path,
>- sbcontext->write_denied_prefixes[i],
>- strlen(sbcontext->write_denied_prefixes[i]))) {
>+ if (0 ==
>+ strncmp(filtered_path,
>+ sbcontext->
>+ write_denied_prefixes
>+ [i], strlen(sbcontext->write_denied_prefixes[i]))) {
> result = 0;
> break;
> }
>@@ -1002,7 +1061,9 @@
> if (-1 == result) {
> for (i = 0; i < sbcontext->num_write_prefixes; i++) {
> if (NULL != sbcontext->write_prefixes[i]) {
>- if (0 == strncmp(filtered_path,
>+ if (0 ==
>+ strncmp
>+ (filtered_path,
> sbcontext->write_prefixes[i],
> strlen(sbcontext->write_prefixes[i]))) {
> result = 1;
>@@ -1023,8 +1084,11 @@
> if (-1 == result) {
> for (i = 0; i < sbcontext->num_predict_prefixes; i++) {
> if (NULL != sbcontext->predict_prefixes[i]) {
>- if (0 == strncmp(filtered_path,
>- sbcontext->predict_prefixes[i],
>+ if (0 ==
>+ strncmp
>+ (filtered_path,
>+ sbcontext->
>+ predict_prefixes[i],
> strlen(sbcontext->predict_prefixes[i]))) {
> sbcontext->show_access_violation = 0;
> result = 0;
>@@ -1043,7 +1107,8 @@
> result = 0;
> }
>
>- if (filtered_path) free(filtered_path);
>+ if (filtered_path)
>+ free(filtered_path);
> filtered_path = NULL;
>
> errno = old_errno;
>@@ -1051,32 +1116,36 @@
> return result;
> }
>
>-static int check_syscall(sbcontext_t* sbcontext, const char* func, const char* file)
>+static int
>+check_syscall(sbcontext_t * sbcontext, const char *func, const char *file)
> {
> int old_errno = errno;
> int result = 1;
> struct stat log_stat;
>- char* log_path = NULL;
>- char* absolute_path = NULL;
>- char* tmp_buffer = NULL;
>+ char *log_path = NULL;
>+ char *absolute_path = NULL;
>+ char *tmp_buffer = NULL;
> int log_file = 0;
> struct stat debug_log_stat;
>- char* debug_log_env = NULL;
>- char* debug_log_path = NULL;
>+ char *debug_log_env = NULL;
>+ char *debug_log_path = NULL;
> int debug_log_file = 0;
> char buffer[512];
>
> init_wrappers();
>
> if ('/' == file[0]) {
>- absolute_path = (char *)malloc((strlen(file) + 1) * sizeof(char));
>+ absolute_path = (char *) malloc((strlen(file) + 1) * sizeof (char));
> sprintf(absolute_path, "%s", file);
> } else {
>- tmp_buffer = get_current_dir_name();
>- absolute_path = (char *)malloc((strlen(tmp_buffer) + 1 + strlen(file) + 1) * sizeof(char));
>- sprintf(absolute_path,"%s/%s", tmp_buffer, file);
>+ tmp_buffer = (char *) malloc(SB_PATH_MAX * sizeof (char));
>+ egetcwd(tmp_buffer, SB_PATH_MAX - 1);
>+ absolute_path = (char *) malloc((strlen(tmp_buffer) + 1 + strlen(file) + 1)
>+ * sizeof (char));
>+ sprintf(absolute_path, "%s/%s", tmp_buffer, file);
>
>- if (tmp_buffer) free(tmp_buffer);
>+ if (tmp_buffer)
>+ free(tmp_buffer);
> tmp_buffer = NULL;
> }
>
>@@ -1088,27 +1157,30 @@
> (0 != strncmp(absolute_path, log_path, strlen(log_path)))) &&
> ((NULL == debug_log_env) ||
> (NULL == debug_log_path) ||
>- (0 != strncmp(absolute_path, debug_log_path, strlen(debug_log_path)))) &&
>- (0 == check_access(sbcontext, func, absolute_path))
>+ (0 != strncmp(absolute_path, debug_log_path, strlen(debug_log_path))))
>+ && (0 == check_access(sbcontext, func, absolute_path))
> ) {
> if (1 == sbcontext->show_access_violation) {
>- fprintf(stderr, "\e[31;01mACCESS DENIED\033[0m %s:%*s%s\n",
>- func, (int)(10 - strlen(func)), "", absolute_path);
>+ fprintf(stderr,
>+ "\e[31;01mACCESS DENIED\033[0m %s:%*s%s\n",
>+ func, (int) (10 - strlen(func)), "", absolute_path);
>
> if (NULL != log_path) {
>- sprintf(buffer, "%s:%*s%s\n", func, (int)(10 - strlen(func)), "", absolute_path);
>+ sprintf(buffer, "%s:%*s%s\n", func, (int) (10 - strlen(func)), "",
>+ absolute_path);
>
>- if ((0 == lstat(log_path, &log_stat)) &&
>- (0 == S_ISREG(log_stat.st_mode))
>+ if ((0 == lstat(log_path, &log_stat))
>+ && (0 == S_ISREG(log_stat.st_mode))
> ) {
> fprintf(stderr,
> "\e[31;01mSECURITY BREACH\033[0m %s already exists and is not a regular file.\n",
> log_path);
> } else {
> log_file = true_open(log_path,
>- O_APPEND | O_WRONLY | O_CREAT,
>+ O_APPEND | O_WRONLY
>+ | O_CREAT,
> S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH);
>- if(log_file >= 0) {
>+ if (log_file >= 0) {
> write(log_file, buffer, strlen(buffer));
> close(log_file);
> }
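Review bot: In the relative-path branch of check_syscall (hunk @@ -1051), neither the `malloc(SB_PATH_MAX * sizeof (char))` result nor the return value of `egetcwd(tmp_buffer, SB_PATH_MAX - 1)` is checked before `strlen(tmp_buffer)` and `sprintf(absolute_path, "%s/%s", tmp_buffer, file)` read the buffer. A failed allocation is dereferenced, and if egetcwd fails (presumably by returning NULL, as getcwd does) the buffer holds uninitialised heap bytes, so the path passed on to check_access is not the path being accessed. I would fail closed before building the path: `if (NULL == tmp_buffer || NULL == egetcwd(tmp_buffer, SB_PATH_MAX - 1)) { free(tmp_buffer); errno = old_errno; return 0; }`, where 0 appears to be the deny result in this function, and check the `absolute_path` allocation the same way. The body of check_syscall continues past this hunk.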
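Review bot: The re-wrapped `sprintf(buffer, "%s:%*s%s\n", func, ..., absolute_path)` in hunk @@ -1088 writes into `char buffer[512]`, declared at the top of check_syscall, with no bound, while absolute_path is the working directory plus the file name and can be much longer than 512 bytes, which is the long-path case this patch is about. A bounded call, `snprintf(buffer, sizeof(buffer), "%s:%*s%s\n", func, (int) (10 - strlen(func)), "", absolute_path);`, keeps the log line inside the stack buffer, and the identical call in the debug-log branch of hunk @@ -1117 needs the same change. The `lstat()` test followed by `true_open(log_path, O_APPEND | O_WRONLY | O_CREAT, ...)` also leaves a window in which the log path can be replaced by a symlink; adding `O_NOFOLLOW` to the flags would close it where the platform provides it. The enclosing function starts and ends outside this hunk.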
>@@ -1117,35 +1189,38 @@
> }
>
> result = 0;
>- }
>- else if (NULL != debug_log_env) {
>+ } else if (NULL != debug_log_env) {
> if (NULL != debug_log_path) {
> if (0 != strncmp(absolute_path, debug_log_path, strlen(debug_log_path))) {
>- sprintf(buffer, "%s:%*s%s\n", func, (int)(10 - strlen(func)), "", absolute_path);
>+ sprintf(buffer, "%s:%*s%s\n", func, (int) (10 - strlen(func)), "",
>+ absolute_path);
>
>- if ((0 == lstat(debug_log_path, &debug_log_stat)) &&
>- (0 == S_ISREG(debug_log_stat.st_mode))
>+ if ((0 == lstat(debug_log_path, &debug_log_stat))
>+ && (0 == S_ISREG(debug_log_stat.st_mode))
> ) {
> fprintf(stderr,
> "\e[31;01mSECURITY BREACH\033[0m %s already exists and is not a regular file.\n",
> log_path);
> } else {
>- debug_log_file = true_open(debug_log_path,
>- O_APPEND | O_WRONLY | O_CREAT,
>- S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH);
>- if(debug_log_file >= 0) {
>+ debug_log_file =
>+ true_open(debug_log_path,
>+ O_APPEND | O_WRONLY |
>+ O_CREAT, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH);
>+ if (debug_log_file >= 0) {
> write(debug_log_file, buffer, strlen(buffer));
> close(debug_log_file);
> }
> }
> }
> } else {
>- fprintf(stderr, "\e[32;01mACCESS ALLOWED\033[0m %s:%*s%s\n",
>- func, (int)(10 - strlen(func)), "", absolute_path);
>+ fprintf(stderr,
>+ "\e[32;01mACCESS ALLOWED\033[0m %s:%*s%s\n",
>+ func, (int) (10 - strlen(func)), "", absolute_path);
> }
> }
>
>- if (absolute_path) free(absolute_path);
>+ if (absolute_path)
>+ free(absolute_path);
> absolute_path = NULL;
>
> errno = old_errno;
>@@ -1153,7 +1228,8 @@
> return result;
> }
>
>-static int is_sandbox_on()
>+static int
>+is_sandbox_on()
> {
> int old_errno = errno;
>
>@@ -1180,7 +1256,8 @@
> }
> }
>
>-static int before_syscall(const char* func, const char* file)
>+static int
>+before_syscall(const char *func, const char *file)
> {
> int old_errno = errno;
> int result = 1;
>@@ -1189,24 +1266,18 @@
> init_context(&sbcontext);
>
> init_env_entries(&(sbcontext.deny_prefixes),
>- &(sbcontext.num_deny_prefixes),
>- "SANDBOX_DENY", 1);
>+ &(sbcontext.num_deny_prefixes), "SANDBOX_DENY", 1);
> init_env_entries(&(sbcontext.read_prefixes),
>- &(sbcontext.num_read_prefixes),
>- "SANDBOX_READ", 1);
>+ &(sbcontext.num_read_prefixes), "SANDBOX_READ", 1);
> init_env_entries(&(sbcontext.write_prefixes),
>- &(sbcontext.num_write_prefixes),
>- "SANDBOX_WRITE", 1);
>+ &(sbcontext.num_write_prefixes), "SANDBOX_WRITE", 1);
> init_env_entries(&(sbcontext.predict_prefixes),
>- &(sbcontext.num_predict_prefixes),
>- "SANDBOX_PREDICT", 1);
>+ &(sbcontext.num_predict_prefixes), "SANDBOX_PREDICT", 1);
>
> result = check_syscall(&sbcontext, func, file);
>
>- clean_env_entries(&(sbcontext.deny_prefixes),
>- &(sbcontext.num_deny_prefixes));
>- clean_env_entries(&(sbcontext.read_prefixes),
>- &(sbcontext.num_read_prefixes));
>+ clean_env_entries(&(sbcontext.deny_prefixes), &(sbcontext.num_deny_prefixes));
>+ clean_env_entries(&(sbcontext.read_prefixes), &(sbcontext.num_read_prefixes));
> clean_env_entries(&(sbcontext.write_prefixes),
> &(sbcontext.num_write_prefixes));
> clean_env_entries(&(sbcontext.predict_prefixes),
>@@ -1221,7 +1292,8 @@
> return result;
> }
>
>-static int before_syscall_open_int(const char* func, const char* file, int flags)
>+static int
>+before_syscall_open_int(const char *func, const char *file, int flags)
> {
> if ((flags & O_WRONLY) || (flags & O_RDWR)) {
> return before_syscall("open_wr", file);
>@@ -1230,14 +1302,18 @@
> }
> }
>
>-static int before_syscall_open_char(const char* func, const char* file, const char* mode)
>+static int
>+before_syscall_open_char(const char *func, const char *file, const char *mode)
> {
>- if ((strcmp(mode, "r") == 0) || (strcmp(mode, "rb") == 0) || (strcmp(mode, "rm") == 0)) {
>+ if ((strcmp(mode, "r") == 0) || (strcmp(mode, "rb") == 0)
>+ || (strcmp(mode, "rm") == 0)) {
> return before_syscall("open_rd", file);
> } else {
> return before_syscall("open_wr", file);
> }
> }
>
>+#include "getcwd.c"
>+#include "canonicalize.c"
>
> // vim:expandtab noai:cindent ai
>Index: sandbox.c
>===================================================================
>RCS file: /home/cvsroot/gentoo-src/portage/src/sandbox-1.1/sandbox.c,v
>retrieving revision 1.9
>diff -u -b -B -r1.9 sandbox.c
>--- sandbox.c 22 Feb 2003 15:59:15 -0000 1.9
>+++ sandbox.c 27 Jul 2003 12:22:38 -0000
>@@ -38,7 +38,8 @@
> int print_debug = 0;
>
> /* Read pids file, and load active pids into an array. Return number of pids in array */
>-int load_active_pids(int fd, int **pids)
>+int
>+load_active_pids(int fd, int **pids)
> {
> char *data = NULL;
> char *ptr = NULL, *ptr2 = NULL;
>@@ -51,7 +52,7 @@
> len = file_length(fd);
>
> /* Allocate and zero datablock to read pids file */
>- data = (char *)malloc((len + 1)*sizeof(char));
>+ data = (char *) malloc((len + 1) * sizeof (char));
> memset(data, 0, len + 1);
>
> /* Start at beginning of file */
>@@ -76,7 +77,7 @@
>
> /* If the PID is still alive, add it to our array */
> if ((0 != my_pid) && (0 == kill(my_pid, 0))) {
>- pids[0] = (int *)realloc(pids[0], (num_pids + 1)*sizeof(int));
>+ pids[0] = (int *) realloc(pids[0], (num_pids + 1) * sizeof (int));
> pids[0][num_pids] = my_pid;
> num_pids++;
> }
>@@ -93,7 +94,8 @@
> }
>
> /* Read ld.so.preload file, and loads dirs into an array. Return number of entries in array */
>-int load_preload_libs(int fd, char ***preloads)
>+int
>+load_preload_libs(int fd, char ***preloads)
> {
> char *data = NULL;
> char *ptr = NULL, *ptr2 = NULL;
>@@ -105,7 +107,7 @@
> len = file_length(fd);
>
> /* Allocate and zero datablock to read pids file */
>- data = (char *)malloc((len + 1)*sizeof(char));
>+ data = (char *) malloc((len + 1) * sizeof (char));
> memset(data, 0, len + 1);
>
> /* Start at beginning of file */
>@@ -130,7 +132,8 @@
>
> /* If listing does not match our libname, add it to the array */
> if ((strlen(ptr)) && (NULL == strstr(ptr, LIB_NAME))) {
>- preloads[0] = (char **)realloc(preloads[0], (num_entries + 1)*sizeof(char **));
>+ preloads[0] =
>+ (char **) realloc(preloads[0], (num_entries + 1) * sizeof (char **));
> preloads[0][num_entries] = strdup(ptr);
> num_entries++;
> }
>@@ -149,8 +152,8 @@
> return num_entries;
> }
>
>-
>-void cleanup()
>+void
>+cleanup()
> {
> int i = 0;
> int success = 1;
>@@ -211,10 +213,13 @@
> file_truncate(preload_file);
>
> /* store the other preload libraries back into the /etc/ld.so.preload file */
>- if(num_of_preloads > 0) {
>+ if (num_of_preloads > 0) {
> for (i = 0; i < num_of_preloads; i++) {
> sprintf(preload_entry, "%s\n", preload_array[i]);
>- if (write(preload_file, preload_entry, strlen(preload_entry)) != strlen(preload_entry)) {
>+ if (write
>+ (preload_file,
>+ preload_entry,
>+ strlen(preload_entry)) != strlen(preload_entry)) {
> perror(">>> /etc/ld.so.preload file write");
> success = 0;
> break;
>@@ -224,7 +229,8 @@
>
> /* Free memory used to store preload array */
> for (i = 0; i < num_of_preloads; i++) {
>- if (preload_array[i]) free(preload_array[i]);
>+ if (preload_array[i])
>+ free(preload_array[i]);
> preload_array[i] = NULL;
> }
> if (preload_array)
>@@ -240,12 +246,13 @@
> file_truncate(pids_file);
>
> /* if pids are still running, write only the running pids back to the file */
>- if(num_of_pids > 1) {
>+ if (num_of_pids > 1) {
> for (i = 0; i < num_of_pids; i++) {
> if (pids_array[i] != getpid()) {
> sprintf(pid_string, "%d\n", pids_array[i]);
>
>- if (write(pids_file, pid_string, strlen(pid_string)) != strlen(pid_string)) {
>+ if (write(pids_file, pid_string, strlen(pid_string)) !=
>+ strlen(pid_string)) {
> perror(">>> pids file write");
> success = 0;
> break;
>@@ -273,20 +280,24 @@
> return;
> }
>
>-void stop(int signum)
>+void
>+stop(int signum)
> {
> printf("Caught signal %d\r\n", signum);
> cleanup();
> }
>
>-void setenv_sandbox_write(char *home_dir, char *portage_tmp_dir, char *var_tmp_dir, char *tmp_dir)
>+void
>+setenv_sandbox_write(char *home_dir, char *portage_tmp_dir, char *var_tmp_dir,
>+ char *tmp_dir)
> {
> char sandbox_write_var[1024];
>
> if (!getenv(ENV_SANDBOX_WRITE)) {
> /* these should go into make.globals later on */
> strcpy(sandbox_write_var, "");
>- strcat(sandbox_write_var, "/dev/zero:/dev/fd/:/dev/null:/dev/pts/:/dev/vc/:/dev/tty:/tmp/");
>+ strcat(sandbox_write_var,
>+ "/dev/zero:/dev/fd/:/dev/null:/dev/pts/:/dev/vc/:/dev/tty:/tmp/");
> strcat(sandbox_write_var, ":");
> /* NGPT support */
> strcat(sandbox_write_var, "/dev/shm/ngpt");
>@@ -349,8 +360,8 @@
> }
> }
>
>-
>-void setenv_sandbox_predict(char *home_dir)
>+void
>+setenv_sandbox_predict(char *home_dir)
> {
> char sandbox_predict_var[1024];
>
>@@ -369,7 +380,8 @@
> }
> }
>
>-int print_sandbox_log(char *sandbox_log)
>+int
>+print_sandbox_log(char *sandbox_log)
> {
> int sandbox_log_file = -1;
> char *beep_count_env = NULL;
>@@ -377,24 +389,26 @@
> long len = 0;
> char *buffer = NULL;
>
>- sandbox_log_file=file_open(sandbox_log, "r", 0);
>+ sandbox_log_file = file_open(sandbox_log, "r", 0);
> if (-1 == sandbox_log_file)
> return 0;
>
> len = file_length(sandbox_log_file);
>- buffer = (char *)malloc((len + 1)*sizeof(char));
>+ buffer = (char *) malloc((len + 1) * sizeof (char));
> memset(buffer, 0, len + 1);
> read(sandbox_log_file, buffer, len);
> file_close(sandbox_log_file);
>
>- printf("\e[31;01m--------------------------- ACCESS VIOLATION SUMMARY ---------------------------\033[0m\n");
>+ printf
>+ ("\e[31;01m--------------------------- ACCESS VIOLATION SUMMARY ---------------------------\033[0m\n");
> printf("\e[31;01mLOG FILE = \"%s\"\033[0m\n", sandbox_log);
> printf("\n");
> printf("%s", buffer);
> if (buffer)
> free(buffer);
> buffer = NULL;
>- printf("\e[31;01m--------------------------------------------------------------------------------\033[0m\n");
>+ printf
>+ ("\e[31;01m--------------------------------------------------------------------------------\033[0m\n");
>
> beep_count_env = getenv(ENV_SANDBOX_BEEP);
> if (beep_count_env)
>@@ -404,13 +418,14 @@
>
> for (i = 0; i < beep_count; i++) {
> fputc('\a', stderr);
>- if (i < beep_count -1)
>+ if (i < beep_count - 1)
> sleep(1);
> }
> return 1;
> }
>
>-int spawn_shell(char *argv_bash[])
>+int
>+spawn_shell(char *argv_bash[])
> {
> #ifdef USE_SYSTEM_SHELL
> int i = 0;
>@@ -424,7 +439,7 @@
> break;
> if (NULL != sh)
> len = strlen(sh);
>- sh = (char *)realloc(sh, len+strlen(argv_bash[i]) + 5);
>+ sh = (char *) realloc(sh, len + strlen(argv_bash[i]) + 5);
> if (first) {
> sh[0] = 0;
> first = 0;
>@@ -471,7 +486,8 @@
> #endif
> }
>
>-int main(int argc, char** argv)
>+int
>+main(int argc, char **argv)
> {
> int i = 0, success = 1;
> #ifdef USE_LD_SO_PRELOAD
>@@ -510,11 +526,13 @@
> print_debug = 1;
>
> if (print_debug)
>- printf("========================== Gentoo linux path sandbox ===========================\n");
>+ printf
>+ ("========================== Gentoo linux path sandbox ===========================\n");
>
> /* check if a sandbox is already running */
> if (NULL != getenv(ENV_SANDBOX_ON)) {
>- fprintf(stderr, "Not launching a new sandbox instance\nAnother one is already running in this process hierarchy.\n");
>+ fprintf(stderr,
>+ "Not launching a new sandbox instance\nAnother one is already running in this process hierarchy.\n");
> exit(1);
> } else {
>
>@@ -549,13 +567,14 @@
> printf("Verification of the required files.\n");
>
> if (file_exist(sandbox_lib, 0) <= 0) {
>- fprintf(stderr, "Could not open the sandbox library at '%s'.\n", sandbox_lib);
>+ fprintf(stderr, "Could not open the sandbox library at '%s'.\n",
>+ sandbox_lib);
> return -1;
> } else if (file_exist(sandbox_rc, 0) <= 0) {
>- fprintf(stderr, "Could not open the sandbox rc file at '%s'.\n", sandbox_rc);
>+ fprintf(stderr, "Could not open the sandbox rc file at '%s'.\n",
>+ sandbox_rc);
> return -1;
> }
>-
> #ifdef USE_LD_SO_PRELOAD
> /* ensure that the /etc/ld.so.preload file contains an entry for the sandbox lib */
> if (print_debug)
>@@ -569,7 +588,7 @@
>
> if (getuid() == 0) {
> /* Our r+ also will create the file if it doesn't exist */
>- preload_file=file_open("/etc/ld.so.preload", "r+", 1, 0644);
>+ preload_file = file_open("/etc/ld.so.preload", "r+", 1, 0644);
> if (-1 == preload_file) {
> preload_adaptable = 0;
> /* exit(1);*/
>@@ -591,14 +610,18 @@
> for (i = 0; i < num_of_preloads + 1; i++) {
> /* First entry should be our sandbox library */
> if (0 == i) {
>- if (write(preload_file, sandbox_lib, strlen(sandbox_lib)) != strlen(sandbox_lib)) {
>+ if (write
>+ (preload_file, sandbox_lib,
>+ strlen(sandbox_lib)) != strlen(sandbox_lib)) {
> perror(">>> /etc/ld.so.preload file write");
> success = 0;
> break;
> }
> } else {
> /* Output all other preload entries */
>- if (write(preload_file, preload_array[i - 1], strlen(preload_array[i - 1])) != strlen(preload_array[i - 1])) {
>+ if (write
>+ (preload_file, preload_array[i - 1],
>+ strlen(preload_array[i - 1])) != strlen(preload_array[i - 1])) {
> perror(">>> /etc/ld.so.preload file write");
> success = 0;
> break;
>@@ -634,7 +657,7 @@
> printf("Setting up the required environment variables.\n");
>
> /* Generate sandbox log full path */
>- tmp_string=get_sandbox_log();
>+ tmp_string = get_sandbox_log();
> strncpy(sandbox_log, tmp_string, 254);
> if (tmp_string)
> free(tmp_string);
>@@ -642,7 +665,8 @@
>
> setenv(ENV_SANDBOX_LOG, sandbox_log, 1);
>
>- snprintf(sandbox_debug_log, 254, "%s%s%s", DEBUG_LOG_FILE_PREFIX, pid_string, LOG_FILE_EXT);
>+ snprintf(sandbox_debug_log, 254, "%s%s%s",
>+ DEBUG_LOG_FILE_PREFIX, pid_string, LOG_FILE_EXT);
> setenv(ENV_SANDBOX_DEBUG_LOG, sandbox_debug_log, 1);
>
> home_dir = getenv("HOME");
>@@ -656,9 +680,9 @@
> * this, access is denied to /var/tmp, hurtin' ebuilds.
> */
>
>- realpath(getenv("PORTAGE_TMPDIR"),portage_tmp_dir);
>- realpath("/var/tmp",var_tmp_dir);
>- realpath("/tmp",tmp_dir);
>+ realpath(getenv("PORTAGE_TMPDIR"), portage_tmp_dir);
>+ realpath("/var/tmp", var_tmp_dir);
>+ realpath("/tmp", tmp_dir);
>
> setenv(ENV_SANDBOX_DIR, sandbox_dir, 1);
> setenv(ENV_SANDBOX_LIB, sandbox_lib, 1);
>@@ -680,7 +704,7 @@
> if (NULL != portage_tmp_dir)
> chdir(portage_tmp_dir);
>
>- argv_bash=(char **)malloc(6 * sizeof(char *));
>+ argv_bash = (char **) malloc(6 * sizeof (char *));
> argv_bash[0] = strdup("/bin/bash");
> argv_bash[1] = strdup("-rcfile");
> argv_bash[2] = strdup(sandbox_rc);
>@@ -694,13 +718,15 @@
> argv_bash[5] = NULL;
>
> if (argc >= 2) {
>- for (i = 1; i< argc; i++) {
>+ for (i = 1; i < argc; i++) {
> if (NULL == argv_bash[4])
> len = 0;
> else
> len = strlen(argv_bash[4]);
>
>- argv_bash[4]=(char *)realloc(argv_bash[4], (len + strlen(argv[i]) + 2) * sizeof(char));
>+ argv_bash[4] =
>+ (char *) realloc(argv_bash[4],
>+ (len + strlen(argv[i]) + 2) * sizeof (char));
>
> if (0 == len)
> argv_bash[4][0] = 0;
>@@ -711,7 +737,7 @@
> }
> }
> #if 0
>- char* argv_bash[] = {
>+ char *argv_bash[] = {
> "/bin/bash",
> "-rcfile",
> NULL,
>@@ -773,7 +799,8 @@
> else
> sprintf(pid_string, "%d\n", pids_array[i]);
>
>- if (write(pids_file, pid_string, strlen(pid_string)) != strlen(pid_string)) {
>+ if (write(pids_file, pid_string, strlen(pid_string)) !=
>+ strlen(pid_string)) {
> perror(">>> pids file write");
> success = 0;
> break;
>@@ -798,7 +825,8 @@
> /* STARTING PROTECTED ENVIRONMENT */
> if (print_debug) {
> printf("The protected environment has been started.\n");
>- printf("--------------------------------------------------------------------------------\n");
>+ printf
>+ ("--------------------------------------------------------------------------------\n");
> }
>
> if (print_debug)
>@@ -827,7 +855,8 @@
> cleanup();
>
> if (print_debug) {
>- printf("========================== Gentoo linux path sandbox ===========================\n");
>+ printf
>+ ("========================== Gentoo linux path sandbox ===========================\n");
> printf("The protected environment has been shut down.\n");
> }
>
>@@ -844,7 +873,8 @@
>
> sandbox_log_file = -1;
> } else if (print_debug) {
>- printf("--------------------------------------------------------------------------------\n");
>+ printf
>+ ("--------------------------------------------------------------------------------\n");
> }
>
> if ((sandbox_log_presence) || (!success))
>Index: sandbox.h
>===================================================================
>RCS file: /home/cvsroot/gentoo-src/portage/src/sandbox-1.1/sandbox.h,v
>retrieving revision 1.3
>diff -u -b -B -r1.3 sandbox.h
>Index: sandbox_futils.c
>===================================================================
>RCS file: /home/cvsroot/gentoo-src/portage/src/sandbox-1.1/sandbox_futils.c,v
>retrieving revision 1.3
>diff -u -b -B -r1.3 sandbox_futils.c
>--- sandbox_futils.c 4 Dec 2002 15:29:45 -0000 1.3
>+++ sandbox_futils.c 27 Jul 2003 12:22:38 -0000
>@@ -26,8 +26,11 @@
>
> #include "sandbox.h"
>
>+/* glibc modified getcwd() functions */
>+char *egetcwd(char *, size_t);
>
>-char *get_sandbox_path(char *argv0)
>+char *
>+get_sandbox_path(char *argv0)
> {
> char path[255];
> char *cwd = NULL;
>@@ -38,17 +41,19 @@
>
> /* ARGV[0] specifies relative path */
> } else {
>- getcwd(cwd, 253);
>+ egetcwd(cwd, 253);
> sprintf(path, "%s/%s", cwd, argv0);
>- if (cwd) free(cwd);
>+ if (cwd)
>+ free(cwd);
> cwd = NULL;
> }
>
> /* Return just directory */
>- return(sb_dirname(path));
>+ return (sb_dirname(path));
> }
>
>-char *get_sandbox_lib(char *sb_path)
>+char *
>+get_sandbox_lib(char *sb_path)
> {
> char path[255];
>
>@@ -56,10 +61,11 @@
> if (file_exist(path, 0) <= 0) {
> snprintf(path, 254, "%s%s", sb_path, LIB_NAME);
> }
>- return(strdup(path));
>+ return (strdup(path));
> }
>
>-char *get_sandbox_rc(char *sb_path)
>+char *
>+get_sandbox_rc(char *sb_path)
> {
> char path[255];
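Review bot: `egetcwd(cwd, 253)` in get_sandbox_path (hunk @@ -38) discards its return value, so `cwd` still holds whatever it held before the call, which is `NULL` from the initialiser in the previous hunk unless the lines between the two hunks assign it, and the next line `sprintf(path, "%s/%s", cwd, argv0)` then formats a NULL pointer. Either keep the result, `cwd = egetcwd(cwd, 253);`, if egetcwd allocates for a NULL buffer the way glibc's getcwd does (to be confirmed against getcwd.c), or pass a real buffer, and in both cases test for NULL before the format call. The write into `char path[255]` is also unbounded on `argv0`; `snprintf(path, sizeof(path), "%s/%s", cwd, argv0);` would match the snprintf calls in get_sandbox_lib and get_sandbox_rc. The function begins in the previous hunk.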
>
>@@ -67,10 +73,11 @@
> if (file_exist(path, 0) <= 0) {
> snprintf(path, 254, "%s%s", sb_path, BASHRC_NAME);
> }
>- return(strdup(path));
>+ return (strdup(path));
> }
>
>-char *get_sandbox_log()
>+char *
>+get_sandbox_log()
> {
> char path[255];
> char pid_string[20];
>@@ -86,11 +93,12 @@
> }
> strcat(path, pid_string);
> strcat(path, LOG_FILE_EXT);
>- return(strdup(path));
>+ return (strdup(path));
> }
>
> /* Obtain base directory name. Do not allow trailing / */
>-char *sb_dirname(const char *path)
>+char *
>+sb_dirname(const char *path)
> {
> char *ret = NULL;
> char *ptr = NULL;
>@@ -98,19 +106,20 @@
> int cut_len = -1;
>
> /* don't think NULL will ever be passed, but just in case */
>- if (NULL == path) return(strdup("."));
>+ if (NULL == path)
>+ return (strdup("."));
>
> /* Grab pointer to last slash */
> ptr = strrchr(path, '/');
> if (NULL == ptr) {
>- return(strdup("."));
>+ return (strdup("."));
> }
>
> /* decimal location of pointer */
> loc = ptr - path;
>
> /* Remove any trailing slash */
>- for (i = loc-1; i >= 0; i--) {
>+ for (i = loc - 1; i >= 0; i--) {
> if (path[i] != '/') {
> cut_len = i + 1; /* make cut_len the length of the string to keep */
> break;
>@@ -118,14 +127,15 @@
> }
>
> /* It could have been just a plain /, return a 1byte 0 filled string */
>- if (-1 == cut_len) return(strdup(""));
>+ if (-1 == cut_len)
>+ return (strdup(""));
>
> /* Allocate memory, and return the directory */
>- ret = (char *)malloc((cut_len + 1) * sizeof(char));
>+ ret = (char *) malloc((cut_len + 1) * sizeof (char));
> memcpy(ret, path, cut_len);
> ret[cut_len] = 0;
>
>- return(ret);
>+ return (ret);
> }
>
> /*
>@@ -153,7 +163,8 @@
> }*/
>
> /* Convert text (string) modes to integer values */
>-int file_getmode(char *mode)
>+int
>+file_getmode(char *mode)
> {
> int mde = 0;
> if (0 == strcasecmp(mode, "r+")) {
>@@ -171,17 +182,19 @@
> } else {
> mde = O_RDONLY;
> }
>- return(mde);
>+ return (mde);
> }
>
> /* Get current position in file */
>-long file_tell(int fp)
>+long
>+file_tell(int fp)
> {
>- return(lseek(fp, 0L, SEEK_CUR));
>+ return (lseek(fp, 0L, SEEK_CUR));
> }
>
> /* lock the file, preferrably the POSIX way */
>-int file_lock(int fd, int lock, char *filename)
>+int
>+file_lock(int fd, int lock, char *filename)
> {
> int err;
> #ifdef USE_FLOCK
>@@ -207,7 +220,8 @@
> }
>
> /* unlock the file, preferrably the POSIX way */
>-int file_unlock(int fd)
>+int
>+file_unlock(int fd)
> {
> #ifdef USE_FLOCK
> if (flock(fd, LOCK_UN) < 0) {
>@@ -232,23 +246,27 @@
> /* Auto-determine from how the file was opened, what kind of lock to lock
> * the file with
> */
>-int file_locktype(char *mode)
>+int
>+file_locktype(char *mode)
> {
> #ifdef USE_FLOCK
>- if (NULL != (strchr(mode, 'w')) || (NULL != strchr(mode, '+')) || (NULL != strchr(mode, 'a')))
>- return(LOCK_EX);
>- return(LOCK_SH);
>+ if (NULL != (strchr(mode, 'w')) || (NULL != strchr(mode, '+'))
>+ || (NULL != strchr(mode, 'a')))
>+ return (LOCK_EX);
>+ return (LOCK_SH);
> #else
>- if (NULL != (strchr(mode, 'w')) || (NULL != strchr(mode, '+')) || (NULL != strchr(mode, 'a')))
>- return(F_WRLCK);
>- return(F_RDLCK);
>+ if (NULL != (strchr(mode, 'w')) || (NULL != strchr(mode, '+'))
>+ || (NULL != strchr(mode, 'a')))
>+ return (F_WRLCK);
>+ return (F_RDLCK);
> #endif
> }
>
> /* Use standard fopen style modes to open the specified file. Also auto-determines and
> * locks the file either in shared or exclusive mode depending on opening mode
> */
>-int file_open(char *filename, char *mode, int perm_specified, ...)
>+int
>+file_open(char *filename, char *mode, int perm_specified, ...)
> {
> int fd;
> char error[250];
>@@ -268,7 +286,7 @@
> if (-1 == fd) {
> snprintf(error, 249, ">>> %s file mode: %s open", filename, mode);
> perror(error);
>- return(fd);
>+ return (fd);
> }
> /* Only lock the file if opening succeeded */
> if (-1 != fd) {
>@@ -280,11 +298,12 @@
> snprintf(error, 249, ">>> %s file mode:%s open", filename, mode);
> perror(error);
> }
>- return(fd);
>+ return (fd);
> }
>
> /* Close and unlock file */
>-void file_close(int fd)
>+void
>+file_close(int fd)
> {
> if (-1 != fd) {
> file_unlock(fd);
>@@ -293,17 +312,19 @@
> }
>
> /* Return length of file */
>-long file_length(int fd)
>+long
>+file_length(int fd)
> {
> long pos, len;
> pos = file_tell(fd);
> len = lseek(fd, 0L, SEEK_END);
> lseek(fd, pos, SEEK_SET);
>- return(len);
>+ return (len);
> }
>
> /* Zero out file */
>-int file_truncate(int fd)
>+int
>+file_truncate(int fd)
> {
> lseek(fd, 0L, SEEK_SET);
> if (ftruncate(fd, 0) < 0) {
>@@ -314,7 +335,8 @@
> }
>
> /* Check to see if a file exists Return: 1 success, 0 file not found, -1 error */
>-int file_exist(char *filename, int checkmode)
>+int
>+file_exist(char *filename, int checkmode)
> {
> struct stat mystat;
>