author | netblue30 <netblue30@yahoo.com> | 2016-11-21 08:47:33 -0500 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2016-11-21 08:47:33 -0500 |
commit | 10990a9da34bd360e48818608f46d9e9f544d0d9 (patch) | |
tree | afa139ff05a260669b0787c607250e10f4a14e25 /src | |
parent | testing (diff) | |
testing
Diffstat (limited to 'src')
-rw-r--r-- | src/lib/common.c | 19 | ||||
-rw-r--r-- | src/lib/libnetlink.c | 46 | ||||
-rw-r--r-- | src/lib/pid.c | 34 |
3 files changed, 29 insertions, 70 deletions
diff --git a/src/lib/common.c b/src/lib/common.c index 2f2340963..add4ff087 100644 --- a/src/lib/common.c +++ b/src/lib/common.c | |||
@@ -39,22 +39,23 @@ int join_namespace(pid_t pid, char *type) { | |||
39 | errExit("asprintf"); | 39 | errExit("asprintf"); |
40 | 40 | ||
41 | int fd = open(path, O_RDONLY); | 41 | int fd = open(path, O_RDONLY); |
42 | if (fd < 0) { | 42 | if (fd < 0) |
43 | free(path); | 43 | goto errout; |
44 | fprintf(stderr, "Error: cannot open /proc/%u/ns/%s.\n", pid, type); | ||
45 | return -1; | ||
46 | } | ||
47 | 44 | ||
48 | if (syscall(__NR_setns, fd, 0) < 0) { | 45 | if (syscall(__NR_setns, fd, 0) < 0) { |
49 | free(path); | ||
50 | fprintf(stderr, "Error: cannot join namespace %s.\n", type); | ||
51 | close(fd); | 46 | close(fd); |
52 | return -1; | 47 | goto errout; |
53 | } | 48 | } |
54 | 49 | ||
55 | close(fd); | 50 | close(fd); |
56 | free(path); | 51 | free(path); |
57 | return 0; | 52 | return 0; |
53 | |||
54 | errout: | ||
55 | free(path); | ||
56 | fprintf(stderr, "Error: cannot join namespace %s\\n", type); | ||
57 | return -1; | ||
58 | |||
58 | } | 59 | } |
59 | 60 | ||
60 | // return 1 if error | 61 | // return 1 if error |
@@ -187,8 +188,6 @@ char *pid_proc_cmdline(const pid_t pid) { | |||
187 | for (i = 0; i < len; i++) { | 188 | for (i = 0; i < len; i++) { |
188 | if (buffer[i] == '\0') | 189 | if (buffer[i] == '\0') |
189 | buffer[i] = ' '; | 190 | buffer[i] = ' '; |
190 | // if (buffer[i] >= 0x80) // execv in progress!!! | ||
191 | // return NULL; | ||
192 | } | 191 | } |
193 | 192 | ||
194 | // return a malloc copy of the command line | 193 | // return a malloc copy of the command line |
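Review bot: In the new `errout:` path of join_namespace the format string is shown as `"Error: cannot join namespace %s\\n"`; if the file really contains that, it prints a literal backslash and `n` instead of ending the line, and should read `fprintf(stderr, "Error: cannot join namespace %s\n", type);`. The shared label also loses the old distinction between a failed open() of the namespace file and a failed setns(). Because `close(fd)` and `free(path)` run before the message, errno may no longer belong to the failing call, so saving it at the two `goto errout` sites and printing `strerror()` of the saved value would keep a failed join diagnosable. The function begins above the hunk.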
diff --git a/src/lib/libnetlink.c b/src/lib/libnetlink.c index 836cf417d..417ef2c5f 100644 --- a/src/lib/libnetlink.c +++ b/src/lib/libnetlink.c | |||
@@ -105,6 +105,7 @@ int rtnl_open(struct rtnl_handle *rth, unsigned subscriptions) | |||
105 | return rtnl_open_byproto(rth, subscriptions, NETLINK_ROUTE); | 105 | return rtnl_open_byproto(rth, subscriptions, NETLINK_ROUTE); |
106 | } | 106 | } |
107 | 107 | ||
108 | #if 0 | ||
108 | int rtnl_wilddump_request(struct rtnl_handle *rth, int family, int type) | 109 | int rtnl_wilddump_request(struct rtnl_handle *rth, int family, int type) |
109 | { | 110 | { |
110 | return rtnl_wilddump_req_filter(rth, family, type, RTEXT_FILTER_VF); | 111 | return rtnl_wilddump_req_filter(rth, family, type, RTEXT_FILTER_VF); |
@@ -303,6 +304,7 @@ int rtnl_dump_filter(struct rtnl_handle *rth, | |||
303 | 304 | ||
304 | return rtnl_dump_filter_l(rth, a); | 305 | return rtnl_dump_filter_l(rth, a); |
305 | } | 306 | } |
307 | #endif | ||
306 | 308 | ||
307 | int rtnl_talk(struct rtnl_handle *rtnl, struct nlmsghdr *n, pid_t peer, | 309 | int rtnl_talk(struct rtnl_handle *rtnl, struct nlmsghdr *n, pid_t peer, |
308 | unsigned groups, struct nlmsghdr *answer) | 310 | unsigned groups, struct nlmsghdr *answer) |
@@ -422,6 +424,7 @@ int rtnl_talk(struct rtnl_handle *rtnl, struct nlmsghdr *n, pid_t peer, | |||
422 | } | 424 | } |
423 | } | 425 | } |
424 | 426 | ||
427 | #if 0 | ||
425 | int rtnl_listen(struct rtnl_handle *rtnl, | 428 | int rtnl_listen(struct rtnl_handle *rtnl, |
426 | rtnl_filter_t handler, | 429 | rtnl_filter_t handler, |
427 | void *jarg) | 430 | void *jarg) |
@@ -580,7 +583,7 @@ int addattrstrz(struct nlmsghdr *n, int maxlen, int type, const char *str) | |||
580 | { | 583 | { |
581 | return addattr_l(n, maxlen, type, str, strlen(str)+1); | 584 | return addattr_l(n, maxlen, type, str, strlen(str)+1); |
582 | } | 585 | } |
583 | 586 | #endif | |
584 | 587 | ||
585 | 588 | ||
586 | int addattr_l(struct nlmsghdr *n, int maxlen, int type, const void *data, | 589 | int addattr_l(struct nlmsghdr *n, int maxlen, int type, const void *data, |
@@ -632,46 +635,8 @@ printf("\tdata length: %d\n", alen); | |||
632 | return 0; | 635 | return 0; |
633 | } | 636 | } |
634 | 637 | ||
635 | #if 0 | ||
636 | int addattr_l(struct nlmsghdr *n, int maxlen, int type, const void *data, | ||
637 | int alen) | ||
638 | { | ||
639 | printf("%s: adding type %d, length %d ", __FUNCTION__, type, alen); | ||
640 | if (type == IFLA_INFO_KIND) { | ||
641 | if (alen) | ||
642 | printf("(IFLA_INFO_KIND %s)\n", (char *)data); | ||
643 | else | ||
644 | printf("(VETH_INFO_PEER)\n"); | ||
645 | } | ||
646 | else if (type == IFLA_IFNAME) { | ||
647 | printf("(IFLA_IFNAME %s)\n", (char *) data); | ||
648 | } | ||
649 | else if (type == IFLA_NET_NS_PID) { | ||
650 | printf("(IFLA_NET_NS_PID %u)\n", *((unsigned *) data)); | ||
651 | } | ||
652 | else if (type == IFLA_LINKINFO) | ||
653 | printf("(IFLA_LINKINFO)\n"); | ||
654 | else if (type == IFLA_INFO_DATA) | ||
655 | printf("(IFLA_INFO_DATA)\n"); | ||
656 | else | ||
657 | printf("\n"); | ||
658 | |||
659 | int len = RTA_LENGTH(alen); | ||
660 | struct rtattr *rta; | ||
661 | |||
662 | if (NLMSG_ALIGN(n->nlmsg_len) + RTA_ALIGN(len) > maxlen) { | ||
663 | fprintf(stderr, "addattr_l ERROR: message exceeded bound of %d\n",maxlen); | ||
664 | return -1; | ||
665 | } | ||
666 | rta = NLMSG_TAIL(n); | ||
667 | rta->rta_type = type; | ||
668 | rta->rta_len = len; | ||
669 | memcpy(RTA_DATA(rta), data, alen); | ||
670 | n->nlmsg_len = NLMSG_ALIGN(n->nlmsg_len) + RTA_ALIGN(len); | ||
671 | return 0; | ||
672 | } | ||
673 | #endif | ||
674 | 638 | ||
639 | #if 0 | ||
675 | int addraw_l(struct nlmsghdr *n, int maxlen, const void *data, int len) | 640 | int addraw_l(struct nlmsghdr *n, int maxlen, const void *data, int len) |
676 | { | 641 | { |
677 | if ((int)(NLMSG_ALIGN(n->nlmsg_len) + NLMSG_ALIGN(len)) > maxlen) { | 642 | if ((int)(NLMSG_ALIGN(n->nlmsg_len) + NLMSG_ALIGN(len)) > maxlen) { |
@@ -802,3 +767,4 @@ int __parse_rtattr_nested_compat(struct rtattr *tb[], int max, struct rtattr *rt | |||
802 | memset(tb, 0, sizeof(struct rtattr *) * (max + 1)); | 767 | memset(tb, 0, sizeof(struct rtattr *) * (max + 1)); |
803 | return 0; | 768 | return 0; |
804 | } | 769 | } |
770 | #endif | ||
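Review bot: The three `#if 0` regions added in this file (before rtnl_wilddump_request, before rtnl_listen, and from addraw_l to the end of the file) have no comment saying why the functions are compiled out, and each `#endif` sits far from its opener. A marker such as `#if 0 // not used by firejail, excluded from the build` paired with `#endif // 0` would show that this is deliberate trimming rather than leftover debugging. The regions start and end outside the visible hunks, so it is worth confirming that no remaining caller references a disabled function. If the code is not expected to come back, deleting it, as this commit does for the old duplicate addattr_l, leaves less unmaintained code in the tree.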
diff --git a/src/lib/pid.c b/src/lib/pid.c index ed583c51d..42687274e 100644 --- a/src/lib/pid.c +++ b/src/lib/pid.c | |||
@@ -34,10 +34,9 @@ int max_pids=32769; | |||
34 | void pid_getmem(unsigned pid, unsigned *rss, unsigned *shared) { | 34 | void pid_getmem(unsigned pid, unsigned *rss, unsigned *shared) { |
35 | // open stat file | 35 | // open stat file |
36 | char *file; | 36 | char *file; |
37 | if (asprintf(&file, "/proc/%u/statm", pid) == -1) { | 37 | if (asprintf(&file, "/proc/%u/statm", pid) == -1) |
38 | perror("asprintf"); | 38 | errExit("asprintf"); |
39 | exit(1); | 39 | |
40 | } | ||
41 | FILE *fp = fopen(file, "r"); | 40 | FILE *fp = fopen(file, "r"); |
42 | if (!fp) { | 41 | if (!fp) { |
43 | free(file); | 42 | free(file); |
@@ -59,10 +58,9 @@ void pid_getmem(unsigned pid, unsigned *rss, unsigned *shared) { | |||
59 | void pid_get_cpu_time(unsigned pid, unsigned *utime, unsigned *stime) { | 58 | void pid_get_cpu_time(unsigned pid, unsigned *utime, unsigned *stime) { |
60 | // open stat file | 59 | // open stat file |
61 | char *file; | 60 | char *file; |
62 | if (asprintf(&file, "/proc/%u/stat", pid) == -1) { | 61 | if (asprintf(&file, "/proc/%u/stat", pid) == -1) |
63 | perror("asprintf"); | 62 | errExit("asprintf"); |
64 | exit(1); | 63 | |
65 | } | ||
66 | FILE *fp = fopen(file, "r"); | 64 | FILE *fp = fopen(file, "r"); |
67 | if (!fp) { | 65 | if (!fp) { |
68 | free(file); | 66 | free(file); |
@@ -93,10 +91,9 @@ myexit: | |||
93 | unsigned long long pid_get_start_time(unsigned pid) { | 91 | unsigned long long pid_get_start_time(unsigned pid) { |
94 | // open stat file | 92 | // open stat file |
95 | char *file; | 93 | char *file; |
96 | if (asprintf(&file, "/proc/%u/stat", pid) == -1) { | 94 | if (asprintf(&file, "/proc/%u/stat", pid) == -1) |
97 | perror("asprintf"); | 95 | errExit("asprintf"); |
98 | exit(1); | 96 | |
99 | } | ||
100 | FILE *fp = fopen(file, "r"); | 97 | FILE *fp = fopen(file, "r"); |
101 | if (!fp) { | 98 | if (!fp) { |
102 | free(file); | 99 | free(file); |
@@ -138,10 +135,8 @@ uid_t pid_get_uid(pid_t pid) { | |||
138 | 135 | ||
139 | // open status file | 136 | // open status file |
140 | char *file; | 137 | char *file; |
141 | if (asprintf(&file, "/proc/%u/status", pid) == -1) { | 138 | if (asprintf(&file, "/proc/%u/status", pid) == -1) |
142 | perror("asprintf"); | 139 | errExit("asprintf"); |
143 | exit(1); | ||
144 | } | ||
145 | 140 | ||
146 | FILE *fp = fopen(file, "r"); | 141 | FILE *fp = fopen(file, "r"); |
147 | if (!fp) { | 142 | if (!fp) { |
@@ -316,10 +311,9 @@ void pid_read(pid_t mon_pid) { | |||
316 | 311 | ||
317 | // open stat file | 312 | // open stat file |
318 | char *file; | 313 | char *file; |
319 | if (asprintf(&file, "/proc/%u/status", pid) == -1) { | 314 | if (asprintf(&file, "/proc/%u/status", pid) == -1) |
320 | perror("asprintf"); | 315 | errExit("asprintf"); |
321 | exit(1); | 316 | |
322 | } | ||
323 | FILE *fp = fopen(file, "r"); | 317 | FILE *fp = fopen(file, "r"); |
324 | if (!fp) { | 318 | if (!fp) { |
325 | free(file); | 319 | free(file); |
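Review bot: In pid_get_uid the path is still built with `"/proc/%u/status"` although `pid` is a `pid_t`, a signed type, so the conversion specifier does not match the argument. `if (asprintf(&file, "/proc/%d/status", (int) pid) == -1)` would make the call well-defined. The same format string appears in the pid_read hunk, where the declaration of `pid` is not visible. The switch from `perror`/`exit(1)` to `errExit("asprintf")` presumably keeps the terminate-on-failure behaviour, but errExit is defined outside this page, so that is worth confirming. All five functions continue beyond their hunks.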