From 58aaec27050c17f90289181151f0f67648ff8392 Mon Sep 17 00:00:00 2001 From: Martin Schlemmer Date: Thu, 1 Dec 2005 09:46:17 +0000 Subject: Remove the SB_STATIC and including of getcwd.c, etc voodoo, as we new use a symbol map, and all non-exported symbols are local. Cleanup getcwd.c, as the generic getcwd for older 2.4 kernels do not work properly anyhow, and just makes things slower. Some other warning fixes. Signed-off-by: Martin Schlemmer --- ChangeLog | 5 ++ localdecls.h | 6 -- src/Makefile.am | 9 ++- src/canonicalize.c | 5 +- src/getcwd.c | 213 +++------------------------------------------------ src/libsandbox.c | 15 ++-- src/sandbox.h | 20 ++--- src/sandbox_futils.c | 20 ++--- 8 files changed, 50 insertions(+), 243 deletions(-) diff --git a/ChangeLog b/ChangeLog index 55df6d3..fd04b31 100644 --- a/ChangeLog +++ b/ChangeLog @@ -17,6 +17,11 @@ Fix non-versioned libc's to also prepend '__' to internal symbols by using strong aliases. + Remove the SB_STATIC and including of getcwd.c, etc voodoo, as we new use a + symbol map, and all non-exported symbols are local. Cleanup getcwd.c, as + the generic getcwd for older 2.4 kernels do not work properly anyhow, and + just makes things slower. Some other warning fixes. + 28 Nov 2005; Martin Schlemmer configure.in, sandbox.c, sandbox_fdutils.c: diff --git a/localdecls.h b/localdecls.h index 512030c..ab6b8d7 100644 --- a/localdecls.h +++ b/localdecls.h @@ -40,12 +40,6 @@ # error PATH_MAX not defined! #endif -#ifndef OUTSIDE_LIBSANDBOX -# define SB_STATIC static -#else -# define SB_STATIC -#endif - #if !HAVE_DLVSYM # define dlvsym(_lib, _sym, _ver) dlsym(_lib, _sym) #endif diff --git a/src/Makefile.am b/src/Makefile.am index e2a4be0..590f8e9 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -7,7 +7,7 @@ AM_CPPFLAGS = \ -D_GNU_SOURCE -DPIC -fPIC -D_REENTRANT \ -DLIBSANDBOX_PATH=\"$(libdir)\" \ -DSANDBOX_BASHRC_PATH=\"$(pkgdatadir)\" \ - -I$(top_srcdir) + -I$(top_srcdir) -Wall LOCAL_INCLUDES = $(top_srcdir)/localdecls.h @@ -21,7 +21,10 @@ libsandbox_la_LDFLAGS = \ -nodefaultlibs \ -Wl,--version-script,libsandbox.map libsandbox_la_SOURCES = \ - libsandbox.c \ + libsandbox.c \ + getcwd.c \ + canonicalize.c \ + sandbox_futils.c \ $(LOCAL_INCLUDES) sandbox_CFLAGS = -DOUTSIDE_LIBSANDBOX @@ -67,7 +70,7 @@ symbols.h: $(SYMBOLS_FILE) $(GEN_HEADER_SCRIPT) exit 1; \ fi -EXTRA_DIST = canonicalize.c $(SYMBOLS_FILE) +EXTRA_DIST = $(SYMBOLS_FILE) CLEANFILES = libsandbox.map symbols.h DISTCLEANFILES = $(CLEANFILES) diff --git a/src/canonicalize.c b/src/canonicalize.c index 9ae002f..68737d9 100644 --- a/src/canonicalize.c +++ b/src/canonicalize.c @@ -21,6 +21,7 @@ * $Header$ */ +#include #include #include #include @@ -37,6 +38,8 @@ # define __set_errno(val) errno = (val) #endif +extern char *egetcwd(char *, size_t); + /* Return the canonical absolute name of file NAME. A canonical name does not contain any `.', `..' components nor any repeated path separators ('/') or symlinks. All path components must exist. If @@ -56,7 +59,7 @@ * */ -SB_STATIC char * +char * erealpath(const char *name, char *resolved) { char *rpath, *dest; diff --git a/src/getcwd.c b/src/getcwd.c index a7f106c..b58cb20 100644 --- a/src/getcwd.c +++ b/src/getcwd.c @@ -1,198 +1,21 @@ /* These functions find the absolute path to the current working directory. */ +#include #include #include -#include +#include #include #include -#include #include -#include #include "config.h" -#include #include "localdecls.h" -/* Modified: 08 June 2005; Martin Schlemmer - * - * Cleaned up unneeded stuff. Add a wrapper to try and detect when - * we have a kernel whose getcwd system call do not handle directory - * names longer than PATH_MAX, and if so, use our generic version. - */ - #ifndef __set_errno # define __set_errno(val) errno = (val) #endif - -/* If the syscall is not present, we have to walk up the - * directory tree till we hit the root. Now we _could_ - * use /proc/self/cwd if /proc is mounted... That approach - * is left an an exercise for the reader... */ - - -/* Seems a few broken filesystems (like coda) don't like this */ -/*#undef FAST_DIR_SEARCH_POSSIBLE on Linux */ - - -/* Routine to find the step back down */ -SB_STATIC char *search_dir(dev_t this_dev, ino_t this_ino, char *path_buf, size_t path_size) -{ - DIR *dp; - struct dirent *d; - char *ptr; - size_t slen; - struct stat st; - -#ifdef FAST_DIR_SEARCH_POSSIBLE - /* The test is for ELKS lib 0.0.9, this should be fixed in the real kernel */ - size_t slow_search = (sizeof(ino_t) != sizeof(d->d_ino)); -#endif - -// if (stat(path_buf, &st) < 0) { -// goto oops; -// } -#ifdef FAST_DIR_SEARCH_POSSIBLE - if (this_dev != st.st_dev) - slow_search = 1; -#endif - - slen = strlen(path_buf); - ptr = path_buf + slen - 1; - if (*ptr != '/') { - if (slen + 2 > path_size) { - goto oops; - } - snprintf(++ptr, 2, "/"); - slen++; - } - slen++; - -#ifdef OUTSIDE_LIBSANDBOX - dp = opendir(path_buf); -#else - check_dlsym(__opendir); - dp = true___opendir(path_buf); -#endif - if (dp == 0) { - goto oops; - } - - while ((d = readdir(dp)) != 0) { -#ifdef FAST_DIR_SEARCH_POSSIBLE - if (slow_search || this_ino == d->d_ino) { -#endif - if (slen + strlen(d->d_name) > path_size) { - goto oops; - } - snprintf(ptr + 1, sizeof(d->d_name) + 1, "%s", d->d_name); - if (lstat(path_buf, &st) < 0) - continue; - if (st.st_ino == this_ino && st.st_dev == this_dev) { - closedir(dp); - return path_buf; - } -#ifdef FAST_DIR_SEARCH_POSSIBLE - } -#endif - } - - closedir(dp); - return 0; - -oops: - __set_errno(ERANGE); - return 0; -} - -/* Routine to go up tree */ -SB_STATIC char *recurser(char *path_buf, size_t path_size, dev_t root_dev, ino_t root_ino) -{ - struct stat st; - dev_t this_dev; - ino_t this_ino; - - if (lstat(path_buf, &st) < 0) { - if (errno != EFAULT) - goto oops; - return 0; - } - this_dev = st.st_dev; - this_ino = st.st_ino; - if (this_dev == root_dev && this_ino == root_ino) { - if (path_size < 2) { - goto oops; - } - snprintf(path_buf, 2, "/"); - return path_buf; - } - if (strlen(path_buf) + 4 > path_size) { - goto oops; - } - snprintf(path_buf + strlen(path_buf), 4, "/.."); - if (recurser(path_buf, path_size, root_dev, root_ino) == 0) - return 0; - - return search_dir(this_dev, this_ino, path_buf, path_size); -oops: - __set_errno(ERANGE); - return 0; -} - -SB_STATIC inline -size_t __syscall_egetcwd(char * buf, unsigned long size) -{ - size_t len; - char *cwd; - struct stat st; - size_t olderrno; - - if (lstat("/", &st) < 0) - return -1; - olderrno = errno; - len = -1; - cwd = recurser(buf, size, st.st_dev, st.st_ino); - if (cwd) { - len = strlen(buf); - __set_errno(olderrno); - } - return len; -} - -SB_STATIC char *__egetcwd(char *buf, size_t size) -{ - size_t ret; - char *path; - size_t alloc_size = size; - - if (size == 0) { - if (buf != NULL) { - __set_errno(EINVAL); - return NULL; - } - alloc_size = SB_PATH_MAX; - } - path=buf; - if (buf == NULL) { - path = malloc(alloc_size); - if (path == NULL) - return NULL; - } - snprintf(buf, 2, "."); - ret = __syscall_egetcwd(path, alloc_size); - if (ret >= 0) - { - if (buf == NULL && size == 0) - buf = realloc(path, ret); - if (buf == NULL) - buf = path; - return buf; - } - if (buf == NULL) - free (path); - return NULL; -} - -SB_STATIC char *egetcwd(char *buf, size_t size) + +char *egetcwd(char *buf, size_t size) { struct stat st; char *tmpbuf; @@ -201,32 +24,16 @@ SB_STATIC char *egetcwd(char *buf, size_t size) tmpbuf = getcwd(buf, size); if (tmpbuf) lstat(buf, &st); - else - return NULL; - if (errno) { + if ((tmpbuf) && (errno == ENOENT)) { /* If lstat() failed with eerror = ENOENT, then its - * possible that we are running on an older kernel, - * so use our generic version which *should* not fail. + * possible that we are running on an older kernel + * which had issues with returning invalid paths if + * they got too long. */ - if (errno == ENOENT) { - free(tmpbuf); + free(tmpbuf); - tmpbuf = __egetcwd(buf, size); - if (tmpbuf) - lstat(buf, &st); - else - return NULL; - - if (!errno) - return __egetcwd(buf, size); - else if (tmpbuf) - free(tmpbuf); - - return NULL; - } else { - return tmpbuf; - } + return NULL; } return tmpbuf; diff --git a/src/libsandbox.c b/src/libsandbox.c index 048c1a9..4af7406 100644 --- a/src/libsandbox.c +++ b/src/libsandbox.c @@ -79,7 +79,6 @@ #undef open #undef open64 -//#include "localdecls.h" #include "sandbox.h" /* Macros to check if a function should be executed */ @@ -129,10 +128,9 @@ static int sb_path_size_warning = 0; void __attribute__ ((constructor)) libsb_init(void); void __attribute__ ((destructor)) libsb_fini(void); -/* glibc modified realpath() functions */ -static char *erealpath(const char *, char *); -/* glibc modified getcwd() functions */ -static char *egetcwd(char *, size_t); +/* glibc modified realpath() function */ +extern char *erealpath(const char *, char *); +extern char *egetcwd(char *, size_t); static void *get_dlsym(const char *, const char *); static int canonicalize(const char *, char *); @@ -379,7 +377,7 @@ int _name(const char *path, uid_t owner, gid_t group) \ #define creat_decl(_name) \ \ extern int _name(const char *, mode_t); \ -static int (*true_ ## _name) (const char *, mode_t) = NULL; \ +/* static int (*true_ ## _name) (const char *, mode_t) = NULL; */ \ \ int _name(const char *pathname, mode_t mode) \ { \ @@ -666,7 +664,7 @@ int _name(const char *pathname) \ #define creat64_decl(_name) \ \ extern int _name(const char *, __mode_t); \ -static int (*true_ ## _name) (const char *, __mode_t) = NULL; \ +/* static int (*true_ ## _name) (const char *, __mode_t) = NULL; */ \ \ int _name(const char *pathname, __mode_t mode) \ { \ @@ -1458,8 +1456,5 @@ static int before_syscall_open_char(const char *func, const char *file, const ch } } -#include "getcwd.c" -#include "canonicalize.c" -#include "sandbox_futils.c" // vim:noexpandtab noai:cindent ai diff --git a/src/sandbox.h b/src/sandbox.h index 01303e2..aa9bc48 100644 --- a/src/sandbox.h +++ b/src/sandbox.h @@ -90,20 +90,20 @@ errno = old_errno; \ } while (0) -SB_STATIC void get_sandbox_lib(char *path); +void get_sandbox_lib(char *path); #ifdef OUTSIDE_LIBSANDBOX -SB_STATIC void get_sandbox_rc(char *path); -SB_STATIC void get_sandbox_log(char *path); -SB_STATIC void get_sandbox_debug_log(char *path); -SB_STATIC int get_tmp_dir(char *path); +void get_sandbox_rc(char *path); +void get_sandbox_log(char *path); +void get_sandbox_debug_log(char *path); +int get_tmp_dir(char *path); #endif /* OUTSIDE_LIBSANDBOX */ -SB_STATIC int exists(const char *pathname); +int exists(const char *pathname); #ifdef OUTSIDE_LIBSANDBOX -SB_STATIC int is_file(const char *pathname); -SB_STATIC int is_dir(const char *pathname, int follow_link); -SB_STATIC long file_length(int fd); +int is_file(const char *pathname); +int is_dir(const char *pathname, int follow_link); +long file_length(int fd); #endif /* OUTSIDE_LIBSANDBOX */ -#endif +#endif /* __SANDBOX_H__ */ // vim:noexpandtab noai:cindent ai diff --git a/src/sandbox_futils.c b/src/sandbox_futils.c index 1a0de04..f71f087 100644 --- a/src/sandbox_futils.c +++ b/src/sandbox_futils.c @@ -21,9 +21,9 @@ #include "config.h" /* glibc modified getcwd() functions */ -SB_STATIC char *egetcwd(char *, size_t); +char *egetcwd(char *, size_t); -SB_STATIC void get_sandbox_lib(char *path) +void get_sandbox_lib(char *path) { #ifdef SB_HAVE_MULTILIB snprintf(path, SB_PATH_MAX, "%s", LIB_NAME); @@ -37,12 +37,12 @@ SB_STATIC void get_sandbox_lib(char *path) #ifdef OUTSIDE_LIBSANDBOX -SB_STATIC void get_sandbox_rc(char *path) +void get_sandbox_rc(char *path) { snprintf(path, SB_PATH_MAX, "%s/%s", SANDBOX_BASHRC_PATH, BASHRC_NAME); } -SB_STATIC void get_sandbox_log(char *path) +void get_sandbox_log(char *path) { char *sandbox_log_env = NULL; @@ -62,7 +62,7 @@ SB_STATIC void get_sandbox_log(char *path) getpid(), LOG_FILE_EXT); } -SB_STATIC void get_sandbox_debug_log(char *path) +void get_sandbox_debug_log(char *path) { char *sandbox_debug_log_env = NULL; @@ -82,7 +82,7 @@ SB_STATIC void get_sandbox_debug_log(char *path) getpid(), LOG_FILE_EXT); } -SB_STATIC int get_tmp_dir(char *path) +int get_tmp_dir(char *path) { if (NULL == realpath(getenv(ENV_TMPDIR) ? getenv(ENV_TMPDIR) : TMPDIR, @@ -96,7 +96,7 @@ SB_STATIC int get_tmp_dir(char *path) #endif /* OUTSIDE_LIBSANDBOX */ -SB_STATIC int exists(const char *pathname) +int exists(const char *pathname) { struct stat buf; int retval; @@ -116,7 +116,7 @@ SB_STATIC int exists(const char *pathname) #ifdef OUTSIDE_LIBSANDBOX -SB_STATIC int is_file(const char *pathname) +int is_file(const char *pathname) { struct stat buf; int retval; @@ -134,7 +134,7 @@ SB_STATIC int is_file(const char *pathname) return 0; } -SB_STATIC int is_dir(const char *pathname, int follow_link) +int is_dir(const char *pathname, int follow_link) { struct stat buf; int retval; @@ -152,7 +152,7 @@ SB_STATIC int is_dir(const char *pathname, int follow_link) return 0; } -SB_STATIC long file_length(int fd) +long file_length(int fd) { long pos, len; -- cgit v1.2.3