diff options
author | Mike Frysinger <vapier@gentoo.org> | 2010-11-15 05:42:11 -0500 |
---|---|---|
committer | Mike Frysinger <vapier@gentoo.org> | 2010-11-15 05:42:11 -0500 |
commit | c473c10a447a285f8c7b762f34c0650f587e1ff4 (patch) | |
tree | 6845a6a1dec1d2a9bab09e7071b3abe068d5ead9 /libsandbox/wrapper-funcs/mkdirat_pre_check.c | |
parent | tests: generalize flag parsing to handle AT_* flags better (diff) | |
download | sandbox-c473c10a447a285f8c7b762f34c0650f587e1ff4.tar.gz sandbox-c473c10a447a285f8c7b762f34c0650f587e1ff4.tar.bz2 sandbox-c473c10a447a285f8c7b762f34c0650f587e1ff4.zip |
libsandbox: handle dirfd in mkdir/open/unlink *at prechecks
Ignoring the dirfd hasn't been a problem in the past as people weren't
really using it, but now that core packages are (like tar), we need to
handle things properly.
URL: http://bugs.gentoo.org/342983
Reported-by: Xake <xake@rymdraket.net>
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Diffstat (limited to 'libsandbox/wrapper-funcs/mkdirat_pre_check.c')
-rw-r--r-- | libsandbox/wrapper-funcs/mkdirat_pre_check.c | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/libsandbox/wrapper-funcs/mkdirat_pre_check.c b/libsandbox/wrapper-funcs/mkdirat_pre_check.c index c999e46..d037546 100644 --- a/libsandbox/wrapper-funcs/mkdirat_pre_check.c +++ b/libsandbox/wrapper-funcs/mkdirat_pre_check.c @@ -8,10 +8,23 @@ bool sb_mkdirat_pre_check(const char *func, const char *pathname, int dirfd) { char canonic[SB_PATH_MAX]; + char dirfd_path[SB_PATH_MAX]; save_errno(); - /* XXX: need to check pathname with dirfd */ + /* Expand the dirfd path first */ + switch (resolve_dirfd_path(dirfd, pathname, dirfd_path)) { + case -1: + if (is_env_on(ENV_SANDBOX_DEBUG)) + SB_EINFO("EARLY FAIL", " %s(%s) @ resolve_dirfd_path: %s\n", + func, pathname, strerror(errno)); + return false; + case 0: + pathname = dirfd_path; + break; + } + + /* Then break down any relative/symlink paths */ if (-1 == canonicalize(pathname, canonic)) /* see comments in check_syscall() */ if (ENAMETOOLONG != errno) { |