diff options
| author |  netblue30 <netblue30@yahoo.com> | 2016-11-21 08:47:33 -0500 |
|---|---|---|
| committer | netblue30 <netblue30@yahoo.com> | 2016-11-21 08:47:33 -0500 |
| commit | 10990a9da34bd360e48818608f46d9e9f544d0d9 (patch) | |
| tree | afa139ff05a260669b0787c607250e10f4a14e25 /src/lib | |
| parent | testing (diff) | |
| download | firejail-10990a9da34bd360e48818608f46d9e9f544d0d9.tar.gz firejail-10990a9da34bd360e48818608f46d9e9f544d0d9.tar.zst firejail-10990a9da34bd360e48818608f46d9e9f544d0d9.zip | |
testing
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/common.c | 19 | ||||
| -rw-r--r-- | src/lib/libnetlink.c | 46 | ||||
| -rw-r--r-- | src/lib/pid.c | 34 |
3 files changed, 29 insertions, 70 deletions
diff --git a/src/lib/common.c b/src/lib/common.c index 2f2340963..add4ff087 100644 --- a/src/lib/common.c +++ b/src/lib/common.c | |||
| @@ -39,22 +39,23 @@ int join_namespace(pid_t pid, char *type) { | |||
| 39 | errExit("asprintf"); | 39 | errExit("asprintf"); |
| 40 | 40 | ||
| 41 | int fd = open(path, O_RDONLY); | 41 | int fd = open(path, O_RDONLY); |
| 42 | if (fd < 0) { | 42 | if (fd < 0) |
| 43 | free(path); | 43 | goto errout; |
| 44 | fprintf(stderr, "Error: cannot open /proc/%u/ns/%s.\n", pid, type); | ||
| 45 | return -1; | ||
| 46 | } | ||
| 47 | 44 | ||
| 48 | if (syscall(__NR_setns, fd, 0) < 0) { | 45 | if (syscall(__NR_setns, fd, 0) < 0) { |
| 49 | free(path); | ||
| 50 | fprintf(stderr, "Error: cannot join namespace %s.\n", type); | ||
| 51 | close(fd); | 46 | close(fd); |
| 52 | return -1; | 47 | goto errout; |
| 53 | } | 48 | } |
| 54 | 49 | ||
| 55 | close(fd); | 50 | close(fd); |
| 56 | free(path); | 51 | free(path); |
| 57 | return 0; | 52 | return 0; |
| 53 | |||
| 54 | errout: | ||
| 55 | free(path); | ||
| 56 | fprintf(stderr, "Error: cannot join namespace %s\\n", type); | ||
| 57 | return -1; | ||
| 58 | |||
| 58 | } | 59 | } |
| 59 | 60 | ||
| 60 | // return 1 if error | 61 | // return 1 if error |
| @@ -187,8 +188,6 @@ char *pid_proc_cmdline(const pid_t pid) { | |||
| 187 | for (i = 0; i < len; i++) { | 188 | for (i = 0; i < len; i++) { |
| 188 | if (buffer[i] == '\0') | 189 | if (buffer[i] == '\0') |
| 189 | buffer[i] = ' '; | 190 | buffer[i] = ' '; |
| 190 | // if (buffer[i] >= 0x80) // execv in progress!!! | ||
| 191 | // return NULL; | ||
| 192 | } | 191 | } |
| 193 | 192 | ||
| 194 | // return a malloc copy of the command line | 193 | // return a malloc copy of the command line |
diff --git a/src/lib/libnetlink.c b/src/lib/libnetlink.c index 836cf417d..417ef2c5f 100644 --- a/src/lib/libnetlink.c +++ b/src/lib/libnetlink.c | |||
| @@ -105,6 +105,7 @@ int rtnl_open(struct rtnl_handle *rth, unsigned subscriptions) | |||
| 105 | return rtnl_open_byproto(rth, subscriptions, NETLINK_ROUTE); | 105 | return rtnl_open_byproto(rth, subscriptions, NETLINK_ROUTE); |
| 106 | } | 106 | } |
| 107 | 107 | ||
| 108 | #if 0 | ||
| 108 | int rtnl_wilddump_request(struct rtnl_handle *rth, int family, int type) | 109 | int rtnl_wilddump_request(struct rtnl_handle *rth, int family, int type) |
| 109 | { | 110 | { |
| 110 | return rtnl_wilddump_req_filter(rth, family, type, RTEXT_FILTER_VF); | 111 | return rtnl_wilddump_req_filter(rth, family, type, RTEXT_FILTER_VF); |
| @@ -303,6 +304,7 @@ int rtnl_dump_filter(struct rtnl_handle *rth, | |||
| 303 | 304 | ||
| 304 | return rtnl_dump_filter_l(rth, a); | 305 | return rtnl_dump_filter_l(rth, a); |
| 305 | } | 306 | } |
| 307 | #endif | ||
| 306 | 308 | ||
| 307 | int rtnl_talk(struct rtnl_handle *rtnl, struct nlmsghdr *n, pid_t peer, | 309 | int rtnl_talk(struct rtnl_handle *rtnl, struct nlmsghdr *n, pid_t peer, |
| 308 | unsigned groups, struct nlmsghdr *answer) | 310 | unsigned groups, struct nlmsghdr *answer) |
| @@ -422,6 +424,7 @@ int rtnl_talk(struct rtnl_handle *rtnl, struct nlmsghdr *n, pid_t peer, | |||
| 422 | } | 424 | } |
| 423 | } | 425 | } |
| 424 | 426 | ||
| 427 | #if 0 | ||
| 425 | int rtnl_listen(struct rtnl_handle *rtnl, | 428 | int rtnl_listen(struct rtnl_handle *rtnl, |
| 426 | rtnl_filter_t handler, | 429 | rtnl_filter_t handler, |
| 427 | void *jarg) | 430 | void *jarg) |
| @@ -580,7 +583,7 @@ int addattrstrz(struct nlmsghdr *n, int maxlen, int type, const char *str) | |||
| 580 | { | 583 | { |
| 581 | return addattr_l(n, maxlen, type, str, strlen(str)+1); | 584 | return addattr_l(n, maxlen, type, str, strlen(str)+1); |
| 582 | } | 585 | } |
| 583 | 586 | #endif | |
| 584 | 587 | ||
| 585 | 588 | ||
| 586 | int addattr_l(struct nlmsghdr *n, int maxlen, int type, const void *data, | 589 | int addattr_l(struct nlmsghdr *n, int maxlen, int type, const void *data, |
| @@ -632,46 +635,8 @@ printf("\tdata length: %d\n", alen); | |||
| 632 | return 0; | 635 | return 0; |
| 633 | } | 636 | } |
| 634 | 637 | ||
| 635 | #if 0 | ||
| 636 | int addattr_l(struct nlmsghdr *n, int maxlen, int type, const void *data, | ||
| 637 | int alen) | ||
| 638 | { | ||
| 639 | printf("%s: adding type %d, length %d ", __FUNCTION__, type, alen); | ||
| 640 | if (type == IFLA_INFO_KIND) { | ||
| 641 | if (alen) | ||
| 642 | printf("(IFLA_INFO_KIND %s)\n", (char *)data); | ||
| 643 | else | ||
| 644 | printf("(VETH_INFO_PEER)\n"); | ||
| 645 | } | ||
| 646 | else if (type == IFLA_IFNAME) { | ||
| 647 | printf("(IFLA_IFNAME %s)\n", (char *) data); | ||
| 648 | } | ||
| 649 | else if (type == IFLA_NET_NS_PID) { | ||
| 650 | printf("(IFLA_NET_NS_PID %u)\n", *((unsigned *) data)); | ||
| 651 | } | ||
| 652 | else if (type == IFLA_LINKINFO) | ||
| 653 | printf("(IFLA_LINKINFO)\n"); | ||
| 654 | else if (type == IFLA_INFO_DATA) | ||
| 655 | printf("(IFLA_INFO_DATA)\n"); | ||
| 656 | else | ||
| 657 | printf("\n"); | ||
| 658 | |||
| 659 | int len = RTA_LENGTH(alen); | ||
| 660 | struct rtattr *rta; | ||
| 661 | |||
| 662 | if (NLMSG_ALIGN(n->nlmsg_len) + RTA_ALIGN(len) > maxlen) { | ||
| 663 | fprintf(stderr, "addattr_l ERROR: message exceeded bound of %d\n",maxlen); | ||
| 664 | return -1; | ||
| 665 | } | ||
| 666 | rta = NLMSG_TAIL(n); | ||
| 667 | rta->rta_type = type; | ||
| 668 | rta->rta_len = len; | ||
| 669 | memcpy(RTA_DATA(rta), data, alen); | ||
| 670 | n->nlmsg_len = NLMSG_ALIGN(n->nlmsg_len) + RTA_ALIGN(len); | ||
| 671 | return 0; | ||
| 672 | } | ||
| 673 | #endif | ||
| 674 | 638 | ||
| 639 | #if 0 | ||
| 675 | int addraw_l(struct nlmsghdr *n, int maxlen, const void *data, int len) | 640 | int addraw_l(struct nlmsghdr *n, int maxlen, const void *data, int len) |
| 676 | { | 641 | { |
| 677 | if ((int)(NLMSG_ALIGN(n->nlmsg_len) + NLMSG_ALIGN(len)) > maxlen) { | 642 | if ((int)(NLMSG_ALIGN(n->nlmsg_len) + NLMSG_ALIGN(len)) > maxlen) { |
| @@ -802,3 +767,4 @@ int __parse_rtattr_nested_compat(struct rtattr *tb[], int max, struct rtattr *rt | |||
| 802 | memset(tb, 0, sizeof(struct rtattr *) * (max + 1)); | 767 | memset(tb, 0, sizeof(struct rtattr *) * (max + 1)); |
| 803 | return 0; | 768 | return 0; |
| 804 | } | 769 | } |
| 770 | #endif | ||
diff --git a/src/lib/pid.c b/src/lib/pid.c index ed583c51d..42687274e 100644 --- a/src/lib/pid.c +++ b/src/lib/pid.c | |||
| @@ -34,10 +34,9 @@ int max_pids=32769; | |||
| 34 | void pid_getmem(unsigned pid, unsigned *rss, unsigned *shared) { | 34 | void pid_getmem(unsigned pid, unsigned *rss, unsigned *shared) { |
| 35 | // open stat file | 35 | // open stat file |
| 36 | char *file; | 36 | char *file; |
| 37 | if (asprintf(&file, "/proc/%u/statm", pid) == -1) { | 37 | if (asprintf(&file, "/proc/%u/statm", pid) == -1) |
| 38 | perror("asprintf"); | 38 | errExit("asprintf"); |
| 39 | exit(1); | 39 | |
| 40 | } | ||
| 41 | FILE *fp = fopen(file, "r"); | 40 | FILE *fp = fopen(file, "r"); |
| 42 | if (!fp) { | 41 | if (!fp) { |
| 43 | free(file); | 42 | free(file); |
| @@ -59,10 +58,9 @@ void pid_getmem(unsigned pid, unsigned *rss, unsigned *shared) { | |||
| 59 | void pid_get_cpu_time(unsigned pid, unsigned *utime, unsigned *stime) { | 58 | void pid_get_cpu_time(unsigned pid, unsigned *utime, unsigned *stime) { |
| 60 | // open stat file | 59 | // open stat file |
| 61 | char *file; | 60 | char *file; |
| 62 | if (asprintf(&file, "/proc/%u/stat", pid) == -1) { | 61 | if (asprintf(&file, "/proc/%u/stat", pid) == -1) |
| 63 | perror("asprintf"); | 62 | errExit("asprintf"); |
| 64 | exit(1); | 63 | |
| 65 | } | ||
| 66 | FILE *fp = fopen(file, "r"); | 64 | FILE *fp = fopen(file, "r"); |
| 67 | if (!fp) { | 65 | if (!fp) { |
| 68 | free(file); | 66 | free(file); |
| @@ -93,10 +91,9 @@ myexit: | |||
| 93 | unsigned long long pid_get_start_time(unsigned pid) { | 91 | unsigned long long pid_get_start_time(unsigned pid) { |
| 94 | // open stat file | 92 | // open stat file |
| 95 | char *file; | 93 | char *file; |
| 96 | if (asprintf(&file, "/proc/%u/stat", pid) == -1) { | 94 | if (asprintf(&file, "/proc/%u/stat", pid) == -1) |
| 97 | perror("asprintf"); | 95 | errExit("asprintf"); |
| 98 | exit(1); | 96 | |
| 99 | } | ||
| 100 | FILE *fp = fopen(file, "r"); | 97 | FILE *fp = fopen(file, "r"); |
| 101 | if (!fp) { | 98 | if (!fp) { |
| 102 | free(file); | 99 | free(file); |
| @@ -138,10 +135,8 @@ uid_t pid_get_uid(pid_t pid) { | |||
| 138 | 135 | ||
| 139 | // open status file | 136 | // open status file |
| 140 | char *file; | 137 | char *file; |
| 141 | if (asprintf(&file, "/proc/%u/status", pid) == -1) { | 138 | if (asprintf(&file, "/proc/%u/status", pid) == -1) |
| 142 | perror("asprintf"); | 139 | errExit("asprintf"); |
| 143 | exit(1); | ||
| 144 | } | ||
| 145 | 140 | ||
| 146 | FILE *fp = fopen(file, "r"); | 141 | FILE *fp = fopen(file, "r"); |
| 147 | if (!fp) { | 142 | if (!fp) { |
| @@ -316,10 +311,9 @@ void pid_read(pid_t mon_pid) { | |||
| 316 | 311 | ||
| 317 | // open stat file | 312 | // open stat file |
| 318 | char *file; | 313 | char *file; |
| 319 | if (asprintf(&file, "/proc/%u/status", pid) == -1) { | 314 | if (asprintf(&file, "/proc/%u/status", pid) == -1) |
| 320 | perror("asprintf"); | 315 | errExit("asprintf"); |
| 321 | exit(1); | 316 | |
| 322 | } | ||
| 323 | FILE *fp = fopen(file, "r"); | 317 | FILE *fp = fopen(file, "r"); |
| 324 | if (!fp) { | 318 | if (!fp) { |
| 325 | free(file); | 319 | free(file); |