diff options
-rw-r--r-- | sway/commands.c | 3 | ||||
-rw-r--r-- | sway/commands/permit.c | 3 | ||||
-rw-r--r-- | sway/security.c | 20 |
3 files changed, 24 insertions, 2 deletions
diff --git a/sway/commands.c b/sway/commands.c index 8d199467..c15cb00a 100644 --- a/sway/commands.c +++ b/sway/commands.c | |||
@@ -575,6 +575,9 @@ struct cmd_results *config_commands_command(char *exec) { | |||
575 | } | 575 | } |
576 | if (!policy) { | 576 | if (!policy) { |
577 | policy = alloc_command_policy(cmd); | 577 | policy = alloc_command_policy(cmd); |
578 | if (!policy) { | ||
579 | sway_abort("Unable to allocate security policy"); | ||
580 | } | ||
578 | list_add(config->command_policies, policy); | 581 | list_add(config->command_policies, policy); |
579 | } | 582 | } |
580 | policy->context = context; | 583 | policy->context = context; |
diff --git a/sway/commands/permit.c b/sway/commands/permit.c index 7a25e4ce..dee246d7 100644 --- a/sway/commands/permit.c +++ b/sway/commands/permit.c | |||
@@ -50,6 +50,9 @@ static struct feature_policy *get_policy(const char *name) { | |||
50 | } | 50 | } |
51 | if (!policy) { | 51 | if (!policy) { |
52 | policy = alloc_feature_policy(name); | 52 | policy = alloc_feature_policy(name); |
53 | if (!policy) { | ||
54 | sway_abort("Unable to allocate security policy"); | ||
55 | } | ||
53 | list_add(config->feature_policies, policy); | 56 | list_add(config->feature_policies, policy); |
54 | } | 57 | } |
55 | return policy; | 58 | return policy; |
diff --git a/sway/security.c b/sway/security.c index 9cccd62e..41a3b94b 100644 --- a/sway/security.c +++ b/sway/security.c | |||
@@ -15,14 +15,28 @@ struct feature_policy *alloc_feature_policy(const char *program) { | |||
15 | } | 15 | } |
16 | 16 | ||
17 | struct feature_policy *policy = malloc(sizeof(struct feature_policy)); | 17 | struct feature_policy *policy = malloc(sizeof(struct feature_policy)); |
18 | if (!policy) { | ||
19 | return NULL; | ||
20 | } | ||
18 | policy->program = strdup(program); | 21 | policy->program = strdup(program); |
22 | if (!policy->program) { | ||
23 | free(policy); | ||
24 | return NULL; | ||
25 | } | ||
19 | policy->features = default_policy; | 26 | policy->features = default_policy; |
20 | return policy; | 27 | return policy; |
21 | } | 28 | } |
22 | 29 | ||
23 | struct command_policy *alloc_command_policy(const char *command) { | 30 | struct command_policy *alloc_command_policy(const char *command) { |
24 | struct command_policy *policy = malloc(sizeof(struct command_policy)); | 31 | struct command_policy *policy = malloc(sizeof(struct command_policy)); |
32 | if (!policy) { | ||
33 | return NULL; | ||
34 | } | ||
25 | policy->command = strdup(command); | 35 | policy->command = strdup(command); |
36 | if (!policy->command) { | ||
37 | free(policy); | ||
38 | return NULL; | ||
39 | } | ||
26 | policy->context = 0; | 40 | policy->context = 0; |
27 | return policy; | 41 | return policy; |
28 | } | 42 | } |
@@ -35,12 +49,14 @@ enum secure_feature get_feature_policy(pid_t pid) { | |||
35 | #endif | 49 | #endif |
36 | int pathlen = snprintf(NULL, 0, fmt, pid); | 50 | int pathlen = snprintf(NULL, 0, fmt, pid); |
37 | char *path = malloc(pathlen + 1); | 51 | char *path = malloc(pathlen + 1); |
38 | snprintf(path, pathlen + 1, fmt, pid); | 52 | if (path) { |
53 | snprintf(path, pathlen + 1, fmt, pid); | ||
54 | } | ||
39 | static char link[2048]; | 55 | static char link[2048]; |
40 | 56 | ||
41 | uint32_t default_policy = 0; | 57 | uint32_t default_policy = 0; |
42 | 58 | ||
43 | ssize_t len = readlink(path, link, sizeof(link)); | 59 | ssize_t len = !path ? -1 : readlink(path, link, sizeof(link)); |
44 | if (len < 0) { | 60 | if (len < 0) { |
45 | sway_log(L_INFO, | 61 | sway_log(L_INFO, |
46 | "WARNING: unable to read %s for security check. Using default policy.", | 62 | "WARNING: unable to read %s for security check. Using default policy.", |