authorMike Frysinger <vapier@gentoo.org>2009-02-20 01:47:23 -0500
committerMike Frysinger <vapier@gentoo.org>2009-02-20 01:47:23 -0500
commit15c12529fc53816d514d56a34e810ee010130c0b (patch)
treeb61731316fdfb1ec48675808d0a7e8213604b854 /libsandbox/wrapper-funcs/__openat_2.c
parentscripts: disable wrappers for weak __XXX symbols (diff)
libsandbox: add wrappers for _FORTIFY_SOURCE funcsv1.3.8
When glibc is compiled with optimization and higher _FORTIFY_SOURCE levels, the headers redirect dynamic calls to the open*() functions to the __open*_2() functions. The latter provide runtime checking. But this means we also need to wrap the latter forms in order to get sandbox checking on the open() functions. Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Diffstat (limited to 'libsandbox/wrapper-funcs/__openat_2.c')
-rw-r--r--libsandbox/wrapper-funcs/__openat_2.c44
1 files changed, 44 insertions, 0 deletions
diff --git a/libsandbox/wrapper-funcs/__openat_2.c b/libsandbox/wrapper-funcs/__openat_2.c
new file mode 100644
index 0000000..3384b93
--- /dev/null
+++ b/libsandbox/wrapper-funcs/__openat_2.c
@@ -0,0 +1,44 @@
+/*
+ * __openat_2() wrapper (_FORTIFY_SOURCE).
+ *
+ * Copyright 1999-2009 Gentoo Foundation
+ * Licensed under the GPL-2
+ */
+
+#ifndef WRAPPER_ARGS_PROTO /* let open() use us */
+# define WRAPPER_ARGS_PROTO int dirfd, const char *pathname, int flags
+# define WRAPPER_ARGS dirfd, pathname, flags
+# define WRAPPER_SAFE() FUNCTION_SANDBOX_SAFE_OPEN_INT_AT(dirfd, pathname, flags)
+# define USE_AT 1
+#else
+# define USE_AT 0
+#endif
+
+#ifndef PRE_CHECK_FUNC
+# define _PRE_CHECK_FUNC(x) sb_##x##_pre_check
+# define PRE_CHECK_FUNC(x) _PRE_CHECK_FUNC(x)
+#endif
+static inline bool PRE_CHECK_FUNC(WRAPPER_NAME)(WRAPPER_ARGS_PROTO)
+{
+ if (!(flags & O_CREAT)) {
+ save_errno();
+
+ /* If we're not trying to create, fail normally if
+ * file does not stat
+ */
+ struct stat st;
+#if USE_AT
+ if (dirfd == AT_FDCWD || pathname[0] == '/')
+#endif
+#undef USE_AT
+ if (-1 == stat(pathname, &st))
+ return false;
+
+ restore_errno();
+ }
+
+ return true;
+}
+#define WRAPPER_PRE_CHECKS() PRE_CHECK_FUNC(WRAPPER_NAME)(WRAPPER_ARGS)
+
+#include "__wrapper_simple.c"
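Review bot: In the `#if USE_AT` branch of the pre-check, `pathname[0]` is read before anything has tested `pathname` for NULL, so a call with a real `dirfd` and a NULL path would fault inside the wrapper instead of failing with EFAULT from the underlying call. A guard such as `if (dirfd == AT_FDCWD || (pathname && pathname[0] == '/'))` avoids the dereference, though how `WRAPPER_SAFE()` then treats a NULL path is not visible in this hunk and should be confirmed. Separately, a relative path with a real `dirfd` skips the existence check entirely, so the "fail normally" shortcut only covers CWD-relative and absolute paths; a comment saying so would stop readers assuming the check is complete. The early `return false` also leaves without `restore_errno()`, presumably so the caller sees the errno set by `stat()`, which deserves a one-line comment such as `/* keep stat()'s errno for the caller */`. Finally, placing `#undef USE_AT` between the unbraced `if` and its nested `if` makes the control flow hard to read; bracing both and moving the `#undef` after the function would be clearer.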