| 1 |
commit: 97ea4d6d14ae90bd6371936fd6a718df0f62efba |
| 2 |
Author: Mike Frysinger <vapier <AT> gentoo <DOT> org> |
| 3 |
AuthorDate: Thu Dec 27 06:28:17 2012 +0000 |
| 4 |
Commit: Mike Frysinger <vapier <AT> gentoo <DOT> org> |
| 5 |
CommitDate: Mon Feb 25 04:05:05 2013 +0000 |
| 6 |
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/sandbox.git;a=commit;h=97ea4d6d |
| 7 |
|
| 8 |
environ: add a new is_env_var helper for checking var names |
| 9 |
|
| 10 |
This is laying the ground work for processing more vars in the |
| 11 |
future than just LD_PRELOAD. |
| 12 |
|
| 13 |
Signed-off-by: Mike Frysinger <vapier <AT> gentoo.org> |
| 14 |
|
| 15 |
--- |
| 16 |
libsandbox/wrapper-funcs/__wrapper_exec.c | 16 ++++++++-------- |
| 17 |
libsbutil/sbutil.h | 9 ++++++--- |
| 18 |
src/environ.c | 4 ++-- |
| 19 |
3 files changed, 16 insertions(+), 13 deletions(-) |
| 20 |
|
| 21 |
diff --git a/libsandbox/wrapper-funcs/__wrapper_exec.c b/libsandbox/wrapper-funcs/__wrapper_exec.c |
| 22 |
index b7c7dfa..3ac936c 100644 |
| 23 |
--- a/libsandbox/wrapper-funcs/__wrapper_exec.c |
| 24 |
+++ b/libsandbox/wrapper-funcs/__wrapper_exec.c |
| 25 |
@@ -98,11 +98,11 @@ static char **_sb_check_envp(char **envp, bool is_environ) |
| 26 |
char *entry; |
| 27 |
char *ld_preload = NULL; |
| 28 |
char *old_ld_preload = NULL; |
| 29 |
- size_t count, ld_preload_eq_len; |
| 30 |
+ size_t count, ld_preload_len; |
| 31 |
|
| 32 |
- ld_preload_eq_len = strlen(LD_PRELOAD_EQ); |
| 33 |
+ ld_preload_len = strlen(ENV_LD_PRELOAD); |
| 34 |
str_list_for_each_item(envp, entry, count) { |
| 35 |
- if (strncmp(entry, LD_PRELOAD_EQ, ld_preload_eq_len)) |
| 36 |
+ if (!is_env_var(entry, ENV_LD_PRELOAD, ld_preload_len)) |
| 37 |
continue; |
| 38 |
|
| 39 |
/* Check if we do not have to do anything */ |
| 40 |
@@ -122,18 +122,18 @@ static char **_sb_check_envp(char **envp, bool is_environ) |
| 41 |
/* Ok, we need to create our own envp, as we need to add LD_PRELOAD, |
| 42 |
* and we should not touch the user's envp. First we add LD_PRELOAD, |
| 43 |
* and just all the rest. */ |
| 44 |
- count = ld_preload_eq_len + (strlen(sandbox_lib) + 1) + |
| 45 |
- (old_ld_preload ? strlen(old_ld_preload) - ld_preload_eq_len + 1 : 0); |
| 46 |
+ count = ld_preload_len + 1 + strlen(sandbox_lib) + 1 + |
| 47 |
+ (old_ld_preload ? strlen(old_ld_preload) - ld_preload_len : 0); |
| 48 |
ld_preload = xmalloc(count * sizeof(char)); |
| 49 |
- snprintf(ld_preload, count, "%s%s%s%s", LD_PRELOAD_EQ, sandbox_lib, |
| 50 |
+ snprintf(ld_preload, count, "%s=%s%s%s", ENV_LD_PRELOAD, sandbox_lib, |
| 51 |
(old_ld_preload) ? " " : "", |
| 52 |
- (old_ld_preload) ? old_ld_preload + ld_preload_eq_len : ""); |
| 53 |
+ (old_ld_preload) ? old_ld_preload + ld_preload_len + 1 : ""); |
| 54 |
|
| 55 |
if (!is_environ) { |
| 56 |
str_list_add_item(my_env, ld_preload, error); |
| 57 |
|
| 58 |
str_list_for_each_item(envp, entry, count) { |
| 59 |
- if (strncmp(entry, LD_PRELOAD_EQ, ld_preload_eq_len)) { |
| 60 |
+ if (!is_env_var(entry, ENV_LD_PRELOAD, ld_preload_len)) { |
| 61 |
str_list_add_item(my_env, entry, error); |
| 62 |
continue; |
| 63 |
} |
| 64 |
|
| 65 |
diff --git a/libsbutil/sbutil.h b/libsbutil/sbutil.h |
| 66 |
index 67a8aaa..6c90f35 100644 |
| 67 |
--- a/libsbutil/sbutil.h |
| 68 |
+++ b/libsbutil/sbutil.h |
| 69 |
@@ -19,7 +19,6 @@ |
| 70 |
#define SANDBOX_CONF_FILE ETCDIR "/sandbox.conf" |
| 71 |
#define SANDBOX_CONFD_DIR ETCDIR "/sandbox.d" |
| 72 |
|
| 73 |
-#define LD_PRELOAD_EQ "LD_PRELOAD=" |
| 74 |
#define LIB_NAME "libsandbox.so" |
| 75 |
#define BASHRC_NAME "sandbox.bashrc" |
| 76 |
#define TMPDIR "/tmp" |
| 77 |
@@ -79,8 +78,12 @@ void get_sandbox_rc(char *path); |
| 78 |
void get_sandbox_log(char *path, const char *tmpdir); |
| 79 |
void get_sandbox_debug_log(char *path, const char *tmpdir); |
| 80 |
int get_tmp_dir(char *path); |
| 81 |
-bool is_env_on (const char *); |
| 82 |
-bool is_env_off (const char *); |
| 83 |
+bool is_env_on(const char *); |
| 84 |
+bool is_env_off(const char *); |
| 85 |
+static inline bool is_env_var(const char *env, const char *var, size_t vlen) |
| 86 |
+{ |
| 87 |
+ return !strncmp(env, var, vlen) && env[vlen] == '='; |
| 88 |
+} |
| 89 |
|
| 90 |
/* proc helpers */ |
| 91 |
extern const char sb_fd_dir[]; |
| 92 |
|
| 93 |
diff --git a/src/environ.c b/src/environ.c |
| 94 |
index 45bf9a6..30ba003 100644 |
| 95 |
--- a/src/environ.c |
| 96 |
+++ b/src/environ.c |
| 97 |
@@ -318,9 +318,9 @@ char **setup_environ(struct sandbox_info_t *sandbox_info, bool interactive) |
| 98 |
|
| 99 |
/* Now add the rest */ |
| 100 |
env_ptr = environ; |
| 101 |
+ size_t vlen = strlen(ENV_LD_PRELOAD); |
| 102 |
while (NULL != *env_ptr) { |
| 103 |
- if ((1 == have_ld_preload) && |
| 104 |
- (strstr(*env_ptr, LD_PRELOAD_EQ) == *env_ptr)) |
| 105 |
+ if ((1 == have_ld_preload) && is_env_var(*env_ptr, ENV_LD_PRELOAD, vlen)) |
| 106 |
/* If LD_PRELOAD was set, and this is it in the original |
| 107 |
* environment, replace it with our new copy */ |
| 108 |
/* XXX: The following works as it just add whatever as |
Archives