[apparmor] [PATCH 3/5] Library interface for tasks introspecting confinement.
Kees Cook
kees.cook at canonical.com
Fri Jul 22 14:36:22 UTC 2011
On Thu, Jul 21, 2011 at 01:40:58PM -0700, John Johansen wrote:
> +int aa_getpeercon_raw(int fd, char *buffer, int *size)
> +{
> + socklen_t optlen = *size;
> + int rc = getsockopt(fd, SOL_SOCKET, SO_PEERSEC, buffer, &optlen);
> + if (rc == -1)
> + goto out;
This should check size and *size>0 before assigning optlen, otherwise we
run a risk of blowing up on the buffer[optlen-1] check. Should check
for buffer!=NULL too.
> + /* check for null termination */
> + if (buffer[optlen - 1] != 0) {
> + if (optlen < *size) {
> + buffer[optlen] = 0;
> + optlen++;
> + } else {
> + /* buffer needs to be bigger by 1 */
> + rc = -1;
> + errno = ERANGE;
> + optlen++;
> + }
> + }
> +out:
> + *size = optlen;
> + return rc;
> +}
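Review bot: the null-termination check in aa_getpeercon_raw reads buffer[optlen - 1] using the length written back by getsockopt, and nothing rules out optlen == 0 on a successful call. On Linux socklen_t is unsigned, so optlen - 1 wraps and the read lands far outside the buffer. Treating a zero length as "not terminated", for example `if (optlen == 0 || buffer[optlen - 1] != 0)`, sends that case through the existing append-NUL branch. The `optlen < *size` test in the same block also compares an unsigned value with an int; once *size is validated as positive on entry, a cast or a socklen_t local holding the capacity makes the comparison explicit.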
> +int aa_getpeercon(int fd, char **con)
> +{
> + int rc, size = INITIAL_GUESS_SIZE;
Check for con != NULL here?
> + char *buffer = NULL;
> +
> + do {
> + buffer = realloc(buffer, size);
> + if (!buffer)
> + return -1;
> + memset(buffer, 0, size);
> +
> + rc = aa_getpeercon_raw(fd, buffer, &size);
> + } while (rc == -1 && errno == ERANGE);
> +
> + if (rc == -1) {
> + free(buffer);
> + size = -1;
> + } else
> + *con = buffer;
> +
> + return size;
> +}
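Review bot: in the retry loop of aa_getpeercon, `buffer = realloc(buffer, size);` overwrites the only pointer to the previous allocation, so when realloc fails on a second or later iteration the `return -1` leaks the old block. Assigning the result to a temporary and freeing buffer on failure avoids that. On the error path after the loop, free(buffer) runs before the caller can read errno, so saving errno before the free and restoring it afterwards keeps the reported error intact; setting *con to NULL on that path would also give callers a defined value. The success return is the size set by aa_getpeercon_raw, which counts the terminating NUL when one is appended, and that is worth stating in the function's documentation.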
> + aa_getpeercon_raw;
> + aa_getpeercon;
> parse_record;
> free_record;
> aa_getprocattr_raw;
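Review bot: exporting aa_getpeercon_raw in this symbol list makes its in/out contract on *size part of the public interface, and the visible code gives no documentation for it. If the symbol stays exported, its header comment or man page should say that *size is the buffer capacity on entry, that it is updated to the required length when the call fails with ERANGE, and whether the length returned on success includes the terminating NUL.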
Does it make sense to export the _raw functions? I'm sort of mentally on
the fence about that.
Looks excellent overall :)
-Kees
--
Kees Cook
Ubuntu Security Team