diff options
| -rw-r--r-- | src/firejail/firejail.h | 1 | ||||
| -rw-r--r-- | src/firejail/main.c | 14 | ||||
| -rw-r--r-- | src/firejail/profile.c | 14 | ||||
| -rw-r--r-- | src/firejail/util.c | 41 | ||||
| -rw-r--r-- | src/man/firejail.txt | 2 | ||||
| -rwxr-xr-x | test/environment/rlimit-bad-profile.exp | 2 | ||||
| -rwxr-xr-x | test/environment/rlimit-bad.exp | 2 |
7 files changed, 66 insertions, 10 deletions
diff --git a/src/firejail/firejail.h b/src/firejail/firejail.h index 622be4d97..c84965074 100644 --- a/src/firejail/firejail.h +++ b/src/firejail/firejail.h | |||
| @@ -498,6 +498,7 @@ int macro_id(const char *name); | |||
| 498 | void errLogExit(char* fmt, ...) __attribute__((noreturn)); | 498 | void errLogExit(char* fmt, ...) __attribute__((noreturn)); |
| 499 | void fwarning(char* fmt, ...); | 499 | void fwarning(char* fmt, ...); |
| 500 | void fmessage(char* fmt, ...); | 500 | void fmessage(char* fmt, ...); |
| 501 | long long unsigned parse_arg_size(char *str); | ||
| 501 | void drop_privs(int nogroups); | 502 | void drop_privs(int nogroups); |
| 502 | int mkpath_as_root(const char* path); | 503 | int mkpath_as_root(const char* path); |
| 503 | void extract_command_name(int index, char **argv); | 504 | void extract_command_name(int index, char **argv); |
diff --git a/src/firejail/main.c b/src/firejail/main.c index 02366a08c..b376095f1 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c | |||
| @@ -1496,8 +1496,11 @@ int main(int argc, char **argv, char **envp) { | |||
| 1496 | arg_rlimit_nproc = 1; | 1496 | arg_rlimit_nproc = 1; |
| 1497 | } | 1497 | } |
| 1498 | else if (strncmp(argv[i], "--rlimit-fsize=", 15) == 0) { | 1498 | else if (strncmp(argv[i], "--rlimit-fsize=", 15) == 0) { |
| 1499 | check_unsigned(argv[i] + 15, "Error: invalid rlimit"); | 1499 | cfg.rlimit_fsize = parse_arg_size(argv[i] + 15); |
| 1500 | sscanf(argv[i] + 15, "%llu", &cfg.rlimit_fsize); | 1500 | if (cfg.rlimit_fsize == 0) { |
| 1501 | perror("Error: invalid rlimit-fsize. Only use positive numbers and k, m or g suffix."); | ||
| 1502 | exit(1); | ||
| 1503 | } | ||
| 1501 | arg_rlimit_fsize = 1; | 1504 | arg_rlimit_fsize = 1; |
| 1502 | } | 1505 | } |
| 1503 | else if (strncmp(argv[i], "--rlimit-sigpending=", 20) == 0) { | 1506 | else if (strncmp(argv[i], "--rlimit-sigpending=", 20) == 0) { |
| @@ -1506,8 +1509,11 @@ int main(int argc, char **argv, char **envp) { | |||
| 1506 | arg_rlimit_sigpending = 1; | 1509 | arg_rlimit_sigpending = 1; |
| 1507 | } | 1510 | } |
| 1508 | else if (strncmp(argv[i], "--rlimit-as=", 12) == 0) { | 1511 | else if (strncmp(argv[i], "--rlimit-as=", 12) == 0) { |
| 1509 | check_unsigned(argv[i] + 12, "Error: invalid rlimit"); | 1512 | cfg.rlimit_as = parse_arg_size(argv[i] + 12); |
| 1510 | sscanf(argv[i] + 12, "%llu", &cfg.rlimit_as); | 1513 | if (cfg.rlimit_as == 0) { |
| 1514 | perror("Error: invalid rlimit-as. Only use positive numbers and k, m or g suffix."); | ||
| 1515 | exit(1); | ||
| 1516 | } | ||
| 1511 | arg_rlimit_as = 1; | 1517 | arg_rlimit_as = 1; |
| 1512 | } | 1518 | } |
| 1513 | else if (strncmp(argv[i], "--ipc-namespace", 15) == 0) | 1519 | else if (strncmp(argv[i], "--ipc-namespace", 15) == 0) |
diff --git a/src/firejail/profile.c b/src/firejail/profile.c index 807a77bd7..5b1478918 100644 --- a/src/firejail/profile.c +++ b/src/firejail/profile.c | |||
| @@ -1510,8 +1510,11 @@ int profile_check_line(char *ptr, int lineno, const char *fname) { | |||
| 1510 | arg_rlimit_nproc = 1; | 1510 | arg_rlimit_nproc = 1; |
| 1511 | } | 1511 | } |
| 1512 | else if (strncmp(ptr, "rlimit-fsize ", 13) == 0) { | 1512 | else if (strncmp(ptr, "rlimit-fsize ", 13) == 0) { |
| 1513 | check_unsigned(ptr + 13, "Error: invalid rlimit in profile file: "); | 1513 | cfg.rlimit_fsize = parse_arg_size(ptr + 13); |
| 1514 | sscanf(ptr + 13, "%llu", &cfg.rlimit_fsize); | 1514 | if (cfg.rlimit_fsize == 0) { |
| 1515 | perror("Error: invalid rlimit-fsize in profile file. Only use positive numbers and k, m or g suffix."); | ||
| 1516 | exit(1); | ||
| 1517 | } | ||
| 1515 | arg_rlimit_fsize = 1; | 1518 | arg_rlimit_fsize = 1; |
| 1516 | } | 1519 | } |
| 1517 | else if (strncmp(ptr, "rlimit-sigpending ", 18) == 0) { | 1520 | else if (strncmp(ptr, "rlimit-sigpending ", 18) == 0) { |
| @@ -1520,8 +1523,11 @@ int profile_check_line(char *ptr, int lineno, const char *fname) { | |||
| 1520 | arg_rlimit_sigpending = 1; | 1523 | arg_rlimit_sigpending = 1; |
| 1521 | } | 1524 | } |
| 1522 | else if (strncmp(ptr, "rlimit-as ", 10) == 0) { | 1525 | else if (strncmp(ptr, "rlimit-as ", 10) == 0) { |
| 1523 | check_unsigned(ptr + 10, "Error: invalid rlimit in profile file: "); | 1526 | cfg.rlimit_as = parse_arg_size(ptr + 10); |
| 1524 | sscanf(ptr + 10, "%llu", &cfg.rlimit_as); | 1527 | if (cfg.rlimit_as == 0) { |
| 1528 | perror("Error: invalid rlimit-as in profile file. Only use positive numbers and k, m or g suffix."); | ||
| 1529 | exit(1); | ||
| 1530 | } | ||
| 1525 | arg_rlimit_as = 1; | 1531 | arg_rlimit_as = 1; |
| 1526 | } | 1532 | } |
| 1527 | else { | 1533 | else { |
diff --git a/src/firejail/util.c b/src/firejail/util.c index 47c367aad..68b76b8e8 100644 --- a/src/firejail/util.c +++ b/src/firejail/util.c | |||
| @@ -31,6 +31,9 @@ | |||
| 31 | #include <sys/wait.h> | 31 | #include <sys/wait.h> |
| 32 | #include <limits.h> | 32 | #include <limits.h> |
| 33 | 33 | ||
| 34 | #include <string.h> | ||
| 35 | #include <ctype.h> | ||
| 36 | |||
| 34 | #include <fcntl.h> | 37 | #include <fcntl.h> |
| 35 | #ifndef O_PATH | 38 | #ifndef O_PATH |
| 36 | #define O_PATH 010000000 | 39 | #define O_PATH 010000000 |
| @@ -50,6 +53,44 @@ | |||
| 50 | #define EMPTY_STRING ("") | 53 | #define EMPTY_STRING ("") |
| 51 | 54 | ||
| 52 | 55 | ||
| 56 | long long unsigned parse_arg_size(char *str) { | ||
| 57 | long long unsigned result = 0; | ||
| 58 | int len = strlen(str); | ||
| 59 | sscanf(str, "%llu", &result); | ||
| 60 | |||
| 61 | char suffix = *(str + len - 1); | ||
| 62 | if (!isdigit(suffix) && (suffix == 'k' || suffix == 'm' || suffix == 'g')) { | ||
| 63 | len -= 1; | ||
| 64 | } | ||
| 65 | |||
| 66 | /* checks for is value valid positive number */ | ||
| 67 | for (int i = 0; i < len; i++) { | ||
| 68 | if (!isdigit(*(str+i))) { | ||
| 69 | return 0; | ||
| 70 | } | ||
| 71 | } | ||
| 72 | |||
| 73 | if (isdigit(suffix)) | ||
| 74 | return result; | ||
| 75 | |||
| 76 | switch (suffix) { | ||
| 77 | case 'k': | ||
| 78 | result *= 1024; | ||
| 79 | break; | ||
| 80 | case 'm': | ||
| 81 | result *= 1024 * 1024; | ||
| 82 | break; | ||
| 83 | case 'g': | ||
| 84 | result *= 1024 * 1024 * 1024; | ||
| 85 | break; | ||
| 86 | default: | ||
| 87 | result = 0; | ||
| 88 | break; | ||
| 89 | } | ||
| 90 | |||
| 91 | return result; | ||
| 92 | } | ||
| 93 | |||
| 53 | // send the error to /var/log/auth.log and exit after a small delay | 94 | // send the error to /var/log/auth.log and exit after a small delay |
| 54 | void errLogExit(char* fmt, ...) { | 95 | void errLogExit(char* fmt, ...) { |
| 55 | va_list args; | 96 | va_list args; |
diff --git a/src/man/firejail.txt b/src/man/firejail.txt index 4a2e520c5..d18811316 100644 --- a/src/man/firejail.txt +++ b/src/man/firejail.txt | |||
| @@ -2129,6 +2129,7 @@ $ firejail --read-only=~/test --read-write=~/test/a | |||
| 2129 | .TP | 2129 | .TP |
| 2130 | \fB\-\-rlimit-as=number | 2130 | \fB\-\-rlimit-as=number |
| 2131 | Set the maximum size of the process's virtual memory (address space) in bytes. | 2131 | Set the maximum size of the process's virtual memory (address space) in bytes. |
| 2132 | Use k(ilobyte), m(egabyte) or g(igabyte) for size suffix (base 1024). | ||
| 2132 | 2133 | ||
| 2133 | .TP | 2134 | .TP |
| 2134 | \fB\-\-rlimit-cpu=number | 2135 | \fB\-\-rlimit-cpu=number |
| @@ -2142,6 +2143,7 @@ track of CPU seconds for each process independently. | |||
| 2142 | .TP | 2143 | .TP |
| 2143 | \fB\-\-rlimit-fsize=number | 2144 | \fB\-\-rlimit-fsize=number |
| 2144 | Set the maximum file size that can be created by a process. | 2145 | Set the maximum file size that can be created by a process. |
| 2146 | Use k(ilobyte), m(egabyte) or g(igabyte) for size suffix (base 1024). | ||
| 2145 | .TP | 2147 | .TP |
| 2146 | \fB\-\-rlimit-nofile=number | 2148 | \fB\-\-rlimit-nofile=number |
| 2147 | Set the maximum number of files that can be opened by a process. | 2149 | Set the maximum number of files that can be opened by a process. |
diff --git a/test/environment/rlimit-bad-profile.exp b/test/environment/rlimit-bad-profile.exp index b838f83f4..b1572afb6 100755 --- a/test/environment/rlimit-bad-profile.exp +++ b/test/environment/rlimit-bad-profile.exp | |||
| @@ -11,7 +11,7 @@ match_max 100000 | |||
| 11 | send -- "firejail --profile=rlimit-bad1.profile\r" | 11 | send -- "firejail --profile=rlimit-bad1.profile\r" |
| 12 | expect { | 12 | expect { |
| 13 | timeout {puts "TESTING ERROR 4\n";exit} | 13 | timeout {puts "TESTING ERROR 4\n";exit} |
| 14 | "invalid rlimit" | 14 | "invalid rlimit-fsize in profile file. Only use positive numbers and k, m or g suffix." |
| 15 | } | 15 | } |
| 16 | after 100 | 16 | after 100 |
| 17 | 17 | ||
diff --git a/test/environment/rlimit-bad.exp b/test/environment/rlimit-bad.exp index 3a82ded9b..c05e14b97 100755 --- a/test/environment/rlimit-bad.exp +++ b/test/environment/rlimit-bad.exp | |||
| @@ -10,7 +10,7 @@ match_max 100000 | |||
| 10 | send -- "firejail --rlimit-fsize=-1024\r" | 10 | send -- "firejail --rlimit-fsize=-1024\r" |
| 11 | expect { | 11 | expect { |
| 12 | timeout {puts "TESTING ERROR 0\n";exit} | 12 | timeout {puts "TESTING ERROR 0\n";exit} |
| 13 | "invalid rlimit" | 13 | "invalid rlimit-fsize. Only use positive numbers and k, m or g suffix." |
| 14 | } | 14 | } |
| 15 | after 100 | 15 | after 100 |
| 16 | 16 | ||