diff options
| author |  netblue30 <netblue30@yahoo.com> | 2018-04-15 11:20:31 -0400 |
|---|---|---|
| committer | netblue30 <netblue30@yahoo.com> | 2018-04-15 11:20:31 -0400 |
| commit | 437b499928b8910b130076893899ae9b3fd0613b (patch) | |
| tree | 4c352453b626ccffded5e683e37f45a9b0c27d53 /src/firecfg | |
| parent | Merge pull request #1886 from smitsohu/java (diff) | |
| download | firejail-437b499928b8910b130076893899ae9b3fd0613b.tar.gz firejail-437b499928b8910b130076893899ae9b3fd0613b.tar.zst firejail-437b499928b8910b130076893899ae9b3fd0613b.zip | |
fixing firecfg crash
Diffstat (limited to 'src/firecfg')
| -rw-r--r-- | src/firecfg/desktop_files.c | 39 |
1 files changed, 22 insertions, 17 deletions
diff --git a/src/firecfg/desktop_files.c b/src/firecfg/desktop_files.c index 49e58528c..eb3794d3f 100644 --- a/src/firecfg/desktop_files.c +++ b/src/firecfg/desktop_files.c | |||
| @@ -163,8 +163,6 @@ void fix_desktop_files(char *homedir) { | |||
| 163 | // skip links | 163 | // skip links |
| 164 | if (is_link(filename)) | 164 | if (is_link(filename)) |
| 165 | continue; | 165 | continue; |
| 166 | if (stat(filename, &sb) == -1) | ||
| 167 | errExit("stat"); | ||
| 168 | 166 | ||
| 169 | // no profile in /etc/firejail, no desktop file fixing | 167 | // no profile in /etc/firejail, no desktop file fixing |
| 170 | if (!have_profile(filename, homedir)) | 168 | if (!have_profile(filename, homedir)) |
| @@ -173,23 +171,33 @@ void fix_desktop_files(char *homedir) { | |||
| 173 | //**************************************************** | 171 | //**************************************************** |
| 174 | // load the file in memory and do some basic checking | 172 | // load the file in memory and do some basic checking |
| 175 | //**************************************************** | 173 | //**************************************************** |
| 176 | /* coverity[toctou] */ | 174 | FILE *fp = fopen(filename, "r"); |
| 177 | int fd = open(filename, O_RDONLY); | 175 | if (!fp) { |
| 178 | if (fd == -1) { | ||
| 179 | fprintf(stderr, "Warning: cannot open /usr/share/applications/%s\n", filename); | 176 | fprintf(stderr, "Warning: cannot open /usr/share/applications/%s\n", filename); |
| 180 | continue; | 177 | continue; |
| 181 | } | 178 | } |
| 182 | 179 | ||
| 183 | char *buf = mmap(NULL, sb.st_size + 1, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, 0); | 180 | fseek(fp, 0, SEEK_END); |
| 184 | if (buf == MAP_FAILED) | 181 | size_t size = ftell(fp); |
| 185 | errExit("mmap"); | 182 | fseek(fp, 0, SEEK_SET); |
| 186 | close(fd); | 183 | char *buf = malloc(size + 1); |
| 184 | if (!buf) | ||
| 185 | errExit("malloc"); | ||
| 186 | |||
| 187 | size_t loaded = fread(buf, size, 1, fp); | ||
| 188 | fclose(fp); | ||
| 189 | if (loaded != 1) { | ||
| 190 | fprintf(stderr, "Warning: cannot read /usr/share/applications/%s\n", filename); | ||
| 191 | free(buf); | ||
| 192 | continue; | ||
| 193 | } | ||
| 194 | buf[size] = '\0'; | ||
| 187 | 195 | ||
| 188 | // check format | 196 | // check format |
| 189 | if (strstr(buf, "[Desktop Entry]\n") == NULL) { | 197 | if (strstr(buf, "[Desktop Entry]\n") == NULL) { |
| 190 | if (arg_debug) | 198 | if (arg_debug) |
| 191 | printf(" %s - skipped: wrong format?\n", filename); | 199 | printf(" %s - skipped: wrong format?\n", filename); |
| 192 | munmap(buf, sb.st_size + 1); | 200 | free(buf); |
| 193 | continue; | 201 | continue; |
| 194 | } | 202 | } |
| 195 | 203 | ||
| @@ -198,7 +206,7 @@ void fix_desktop_files(char *homedir) { | |||
| 198 | if (!ptr || strlen(ptr) < 7) { | 206 | if (!ptr || strlen(ptr) < 7) { |
| 199 | if (arg_debug) | 207 | if (arg_debug) |
| 200 | printf(" %s - skipped: wrong format?\n", filename); | 208 | printf(" %s - skipped: wrong format?\n", filename); |
| 201 | munmap(buf, sb.st_size + 1); | 209 | free(buf); |
| 202 | continue; | 210 | continue; |
| 203 | } | 211 | } |
| 204 | 212 | ||
| @@ -207,7 +215,7 @@ void fix_desktop_files(char *homedir) { | |||
| 207 | if (execname[0] == '"') { | 215 | if (execname[0] == '"') { |
| 208 | if (arg_debug) | 216 | if (arg_debug) |
| 209 | printf(" %s - skipped: path quoting unsupported\n", filename); | 217 | printf(" %s - skipped: path quoting unsupported\n", filename); |
| 210 | munmap(buf, sb.st_size + 1); | 218 | free(buf); |
| 211 | continue; | 219 | continue; |
| 212 | } | 220 | } |
| 213 | 221 | ||
| @@ -241,12 +249,9 @@ void fix_desktop_files(char *homedir) { | |||
| 241 | } | 249 | } |
| 242 | } | 250 | } |
| 243 | 251 | ||
| 244 | if (change_exec == NULL && change_dbus == 0) { | 252 | free(buf); |
| 245 | munmap(buf, sb.st_size + 1); | 253 | if (change_exec == NULL && change_dbus == 0) |
| 246 | continue; | 254 | continue; |
| 247 | } | ||
| 248 | |||
| 249 | munmap(buf, sb.st_size + 1); | ||
| 250 | 255 | ||
| 251 | //**************************************************** | 256 | //**************************************************** |
| 252 | // generate output file | 257 | // generate output file |