diff options
| author |   Martin Schlemmer <azarah@gentoo.org> | 2005-12-01 11:33:20 +0000 |
|---|---|---|
| committer | Martin Schlemmer <azarah@gentoo.org> | 2005-12-01 11:33:20 +0000 |
| commit | d7ff04f399a9392f1fc8f065aa3cb103a03b871b (patch) | |
| tree | 0aa50ebd8b31892a6734a0f0fd665f64101ed6f8 | |
| parent | Rather use fstat() to get file size in file_length() than lseek(). (diff) | |
| download | sandbox-d7ff04f399a9392f1fc8f065aa3cb103a03b871b.tar.gz sandbox-d7ff04f399a9392f1fc8f065aa3cb103a03b871b.tar.bz2 sandbox-d7ff04f399a9392f1fc8f065aa3cb103a03b871b.zip | |
Wrap mknod() as well. Misc cleanups.
Signed-off-by: Martin Schlemmer <azarah@gentoo.org>
| -rw-r--r-- | ChangeLog | 2 | ||||
| -rw-r--r-- | src/libsandbox.c | 40 | ||||
| -rw-r--r-- | src/sandbox.h | 3 | ||||
| -rw-r--r-- | src/sandbox_futils.c | 2 | ||||
| -rw-r--r-- | src/symbols.h.in | 3 |
5 files changed, 24 insertions, 26 deletions
@@ -34,6 +34,8 @@ Rather use fstat() to get file size in file_length() than lseek(). + Wrap mknod() as well. Misc cleanups. + 28 Nov 2005; Martin Schlemmer <azarah@gentoo.org> configure.in, sandbox.c, sandbox_fdutils.c: diff --git a/src/libsandbox.c b/src/libsandbox.c index aec9834..0afb8eb 100644 --- a/src/libsandbox.c +++ b/src/libsandbox.c @@ -29,10 +29,6 @@ * */ -/* Uncomment below to enable wrapping of mknod(). - * This is broken currently. */ -/* #define WRAP_MKNOD 1 */ - /* Uncomment below to enable the use of strtok_r(). */ #define REENTRANT_STRTOK 1 @@ -42,13 +38,6 @@ #define open xxx_open #define open64 xxx_open64 -/* Wrapping mknod, do not have any effect, and - * wrapping __xmknod causes calls to it to segfault - */ -#ifdef WRAP_MKNOD -# define __xmknod xxx___xmknod -#endif - #include <dirent.h> #include <dlfcn.h> #include <errno.h> @@ -72,10 +61,6 @@ # include <mcheck.h> #endif -#ifdef WRAP_MKNOD -# undef __xmknod -#endif - #undef open #undef open64 @@ -489,8 +474,7 @@ DIR *_name(const char *name) \ return result; \ } -#ifdef WRAP_MKNOD -# define __xmknod(_name) \ +#define mknod_decl(_name) \ \ extern int _name(const char *, mode_t, dev_t); \ static int (*true_ ## _name) (const char *, mode_t, dev_t) = NULL; \ @@ -499,16 +483,30 @@ int _name(const char *pathname, mode_t mode, dev_t dev) \ { \ int result = -1; \ \ - if FUNCTION_SANDBOX_SAFE("__xmknod", pathname) { \ + if FUNCTION_SANDBOX_SAFE("mknod", pathname) { \ check_dlsym(_name); \ result = true_ ## _name(pathname, mode, dev); \ } \ \ return result; \ } -#else -# define __xmknod(_name) -#endif + +#define __xmknod_decl(_name) \ +\ +extern int _name(int, const char *, __mode_t, __dev_t *); \ +static int (*true_ ## _name) (int, const char *, __mode_t, __dev_t *) = NULL; \ +\ +int _name(int ver, const char *pathname, __mode_t mode, __dev_t *dev) \ +{ \ + int result = -1; \ +\ + if FUNCTION_SANDBOX_SAFE("mknod", pathname) { \ + check_dlsym(_name); \ + result = true_ ## _name(ver, pathname, mode, dev); \ + } \ +\ + return result; \ +} #define access_decl(_name) \ \ diff --git a/src/sandbox.h b/src/sandbox.h index cd07230..dbfb6e8 100644 --- a/src/sandbox.h +++ b/src/sandbox.h @@ -13,9 +13,6 @@ #include "localdecls.h" #include "config.h" -/* Uncomment below to use flock instead of fcntl (POSIX way) to lock/unlock files */ -/* #define USE_FLOCK */ - #define LD_PRELOAD_EQ "LD_PRELOAD=" #define LD_PRELOAD_FILE "/etc/ld.so.preload" #define LIB_NAME "libsandbox.so" diff --git a/src/sandbox_futils.c b/src/sandbox_futils.c index e7854d5..0d8ce27 100644 --- a/src/sandbox_futils.c +++ b/src/sandbox_futils.c @@ -157,7 +157,7 @@ long file_length(int fd) int retval; retval = fstat(fd, &st); - if (retval < 0) + if (-1 == retval) return 0; return (st.st_size); diff --git a/src/symbols.h.in b/src/symbols.h.in index b44174e..d2b56bf 100644 --- a/src/symbols.h.in +++ b/src/symbols.h.in @@ -11,7 +11,8 @@ lchown link mkdir opendir -#__xmknod +mknod +__xmknod access rename rmdir |