[apparmor] [PATCH 3/4] tests: Modify unix_socket/unix_socket_client to accept abstract names

Seth Arnold seth.arnold at canonical.com
Tue Aug 12 01:08:50 UTC 2014 

On Mon, Aug 11, 2014 at 03:08:11PM -0500, Tyler Hicks wrote:
> Signed-off-by: Tyler Hicks <tyhicks at canonical.com>

Acked-by: Seth Arnold <seth.arnold at canonical.com>

.. though the design doesn't allow for giving a unix socket abstract name
with an embedded 0x00 byte in the middle of the name; having an embedded
NUL in the middle of the name sounds like a case that's liable to be buggy
somewhere in the stack, so it'd be nice to have those names be easily
testable.

(The aa-encode and aa-decode scripts may be handy for writing the
shell-script side of things.)

Thanks

> ---
>  tests/regression/apparmor/unix_socket.c        | 22 ++++++++++++++++++----
>  tests/regression/apparmor/unix_socket_client.c | 19 ++++++++++++++++---
>  2 files changed, 34 insertions(+), 7 deletions(-)
> 
> diff --git a/tests/regression/apparmor/unix_socket.c b/tests/regression/apparmor/unix_socket.c
> index 76a4eb8..b6dc0dd 100644
> --- a/tests/regression/apparmor/unix_socket.c
> +++ b/tests/regression/apparmor/unix_socket.c
> @@ -87,17 +87,33 @@ int main (int argc, char *argv[])
>  	struct pollfd pfd;
>  	char msg_buf[MSG_BUF_MAX];
>  	size_t msg_buf_len;
> +	const char *sun_path;
> +	size_t sun_path_len;
>  	pid_t pid;
>  	int sock, type, rc;
>  
>  	if (argc != 5) {
>  		fprintf(stderr,
>  			"Usage: %s <socket> <type> <message> <client>\n\n"
> +			"  socket\t\ta path for a bound socket or a name prepended with '@' for an abstract socket\n"
>  			"  type\t\tstream, dgram, or seqpacket\n",
>  			argv[0]);
>  		exit(1);
>  	}
>  
> +	addr.sun_family = AF_UNIX;
> +	memset(addr.sun_path, 0, sizeof(addr.sun_path));
> +
> +	sun_path = argv[1];
> +	sun_path_len = strlen(sun_path);
> +	if (sun_path[0] == '@') {
> +		memcpy(addr.sun_path, sun_path, sun_path_len);
> +		addr.sun_path[0] = '\0';
> +		sun_path_len = sizeof(addr.sun_path);
> +	} else {
> +		memcpy(addr.sun_path, sun_path, sun_path_len + 1);
> +	}
> +
>  	if (!strcmp(argv[2], "stream")) {
>  		type = SOCK_STREAM;
>  	} else if (!strcmp(argv[2], "dgram")) {
> @@ -122,10 +138,8 @@ int main (int argc, char *argv[])
>  		exit(1);
>  	}
>  
> -	addr.sun_family = AF_UNIX;
> -	strcpy(addr.sun_path, argv[1]);
>  	rc = bind(sock, (struct sockaddr *)&addr,
> -		  strlen(addr.sun_path) + sizeof(addr.sun_family));
> +		  sun_path_len + sizeof(addr.sun_family));
>  	if (rc < 0) {
>  		perror("FAIL - bind");
>  		exit(1);
> @@ -144,7 +158,7 @@ int main (int argc, char *argv[])
>  		perror("FAIL - fork");
>  		exit(1);
>  	} else if (!pid) {
> -		execl(argv[4], argv[4], argv[1], argv[2], NULL);
> +		execl(argv[4], argv[4], sun_path, argv[2], NULL);
>  		exit(0);
>  	}
>  
> diff --git a/tests/regression/apparmor/unix_socket_client.c b/tests/regression/apparmor/unix_socket_client.c
> index 73aa8ba..ac53ecd 100644
> --- a/tests/regression/apparmor/unix_socket_client.c
> +++ b/tests/regression/apparmor/unix_socket_client.c
> @@ -81,6 +81,8 @@ static int connectionless_messaging(int sock)
>  int main(int argc, char *argv[])
>  {
>  	struct sockaddr_un peer_addr;
> +	const char *sun_path;
> +	size_t sun_path_len;
>  	int sock, type, rc;
>  
>  	if (argc != 3) {
> @@ -90,6 +92,19 @@ int main(int argc, char *argv[])
>  		exit(1);
>  	}
>  
> +	peer_addr.sun_family = AF_UNIX;
> +	memset(peer_addr.sun_path, 0, sizeof(peer_addr.sun_path));
> +
> +	sun_path = argv[1];
> +	sun_path_len = strlen(sun_path);
> +	if (sun_path[0] == '@') {
> +		memcpy(peer_addr.sun_path, sun_path, sun_path_len);
> +		peer_addr.sun_path[0] = '\0';
> +		sun_path_len = sizeof(peer_addr.sun_path);
> +	} else {
> +		memcpy(peer_addr.sun_path, sun_path, sun_path_len + 1);
> +	}
> +
>  	if (!strcmp(argv[2], "stream")) {
>  		type = SOCK_STREAM;
>  	} else if (!strcmp(argv[2], "dgram")) {
> @@ -107,10 +122,8 @@ int main(int argc, char *argv[])
>  		exit(1);
>  	}
>  
> -	peer_addr.sun_family = AF_UNIX;
> -	strcpy(peer_addr.sun_path, argv[1]);
>  	rc = connect(sock, (struct sockaddr *)&peer_addr,
> -		     strlen(peer_addr.sun_path) + sizeof(peer_addr.sun_family));
> +		     sun_path_len + sizeof(peer_addr.sun_family));
>  	if (rc < 0) {
>  		perror("FAIL CLIENT - connect");
>  		exit(1);
> -- 
> 2.1.0.rc1
> 
> 
> -- 
> AppArmor mailing list
> AppArmor at lists.ubuntu.com
> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
> 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20140811/fdef06d5/attachment.pgp>

More information about the AppArmor mailing list