diff options
author | Brian Harring <ferringb@gentoo.org> | 2004-11-15 06:27:02 +0000 |
---|---|---|
committer | Brian Harring <ferringb@gentoo.org> | 2004-11-15 06:27:02 +0000 |
commit | ef76067a3ac677aa128a80c6aa15146d73848e52 (patch) | |
tree | c0ce427d4ce506620a7e26fe7985afc8f640d494 /src | |
parent | bye bye unused sandbox directory... (diff) | |
download | portage-cvs-ef76067a3ac677aa128a80c6aa15146d73848e52.tar.gz portage-cvs-ef76067a3ac677aa128a80c6aa15146d73848e52.tar.bz2 portage-cvs-ef76067a3ac677aa128a80c6aa15146d73848e52.zip |
bug #70225, sandbox_pids_file potential overflow.
Diffstat (limited to 'src')
-rw-r--r-- | src/sandbox-1.1/ChangeLog | 5 | ||||
-rw-r--r-- | src/sandbox-1.1/libsandbox.c | 17 | ||||
-rw-r--r-- | src/sandbox-1.1/sandbox.c | 20 |
3 files changed, 20 insertions, 22 deletions
diff --git a/src/sandbox-1.1/ChangeLog b/src/sandbox-1.1/ChangeLog index 8d88dc2..4e3a8e9 100644 --- a/src/sandbox-1.1/ChangeLog +++ b/src/sandbox-1.1/ChangeLog @@ -1,6 +1,9 @@ # ChangeLog for Path Sandbox # Copyright 1999-2004 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /local/data/ulm/cvs/history/var/cvsroot/gentoo-src/portage/src/sandbox-1.1/Attic/ChangeLog,v 1.39 2004/11/07 15:05:07 ferringb Exp $ +# $Header: /local/data/ulm/cvs/history/var/cvsroot/gentoo-src/portage/src/sandbox-1.1/Attic/ChangeLog,v 1.40 2004/11/15 06:27:02 ferringb Exp $ + + 14 Nov 2004; Brian Harring <ferringb@gentoo.org> libsandbox.c, sandbox.c: + closing out bug #70225, potential overflow of the sandbox_pids_file var. 07 Nov 2004; Brian Harring <ferringb@gentoo.org> libsandbox.c: c99 standard, (think it was at least) allows intermixing of code and data segments. bug #70351 diff --git a/src/sandbox-1.1/libsandbox.c b/src/sandbox-1.1/libsandbox.c index 632bb5d..a7a943e 100644 --- a/src/sandbox-1.1/libsandbox.c +++ b/src/sandbox-1.1/libsandbox.c @@ -25,7 +25,7 @@ * as some of the InstallWatch code was used. * * - * $Header: /local/data/ulm/cvs/history/var/cvsroot/gentoo-src/portage/src/sandbox-1.1/Attic/libsandbox.c,v 1.24 2004/11/07 15:05:08 ferringb Exp $ + * $Header: /local/data/ulm/cvs/history/var/cvsroot/gentoo-src/portage/src/sandbox-1.1/Attic/libsandbox.c,v 1.25 2004/11/15 06:27:02 ferringb Exp $ * */ @@ -114,7 +114,8 @@ } static char sandbox_lib[255]; -static char sandbox_pids_file[255]; +//static char sandbox_pids_file[255]; +static char *sandbox_pids_file; typedef struct { int show_access_violation; @@ -247,6 +248,12 @@ init_wrappers(void) } void +_fini(void) +{ + free(sandbox_pids_file); +} + +void _init(void) { int old_errno = errno; @@ -266,11 +273,7 @@ _init(void) tmp_string = NULL; /* Generate sandbox pids-file path */ - tmp_string = get_sandbox_pids_file(); - strncpy(sandbox_pids_file, tmp_string, sizeof(sandbox_pids_file)-1); - if (tmp_string) - free(tmp_string); - tmp_string = NULL; + sandbox_pids_file = get_sandbox_pids_file(); errno = old_errno; } diff --git a/src/sandbox-1.1/sandbox.c b/src/sandbox-1.1/sandbox.c index 46240aa..0f8aac4 100644 --- a/src/sandbox-1.1/sandbox.c +++ b/src/sandbox-1.1/sandbox.c @@ -11,7 +11,7 @@ ** Copyright (C) 2001 Geert Bevin, Uwyn, http://www.uwyn.com ** Distributed under the terms of the GNU General Public License, v2 or later ** Author : Geert Bevin <gbevin@uwyn.com> -** $Header: /local/data/ulm/cvs/history/var/cvsroot/gentoo-src/portage/src/sandbox-1.1/Attic/sandbox.c,v 1.20 2004/10/19 04:58:42 carpaski Exp $ +** $Header: /local/data/ulm/cvs/history/var/cvsroot/gentoo-src/portage/src/sandbox-1.1/Attic/sandbox.c,v 1.21 2004/11/15 06:27:02 ferringb Exp $ */ /* #define _GNU_SOURCE */ @@ -161,8 +161,7 @@ cleanup() int pids_file = -1, num_of_pids = 0; int *pids_array = NULL; char pid_string[255]; - char sandbox_pids_file[255]; - char *tmp_string; + char *sandbox_pids_file; #ifdef USE_LD_SO_PRELOAD int preload_file = -1, num_of_preloads = 0; char preload_entry[255]; @@ -170,11 +169,7 @@ cleanup() #endif /* Generate sandbox pids-file path */ - tmp_string = get_sandbox_pids_file(); - strncpy(sandbox_pids_file, tmp_string, sizeof(sandbox_pids_file)-1); - if (tmp_string) - free(tmp_string); - tmp_string = NULL; + sandbox_pids_file = get_sandbox_pids_file(); /* Remove this sandbox's bash pid from the global pids * file if it has rights to adapt the ld.so.preload file */ @@ -286,6 +281,7 @@ cleanup() pids_array = NULL; } + free(sandbox_pids_file); if (0 == success) return; } @@ -499,7 +495,7 @@ main(int argc, char **argv) char sandbox_debug_log[255]; char sandbox_dir[255]; char sandbox_lib[255]; - char sandbox_pids_file[255]; + char *sandbox_pids_file; char sandbox_rc[255]; char pid_string[255]; char **argv_bash = NULL; @@ -547,11 +543,7 @@ main(int argc, char **argv) tmp_string = NULL; /* Generate sandbox pids-file path */ - tmp_string = get_sandbox_pids_file(); - strncpy(sandbox_pids_file, tmp_string, 254); - if (tmp_string) - free(tmp_string); - tmp_string = NULL; + sandbox_pids_file = get_sandbox_pids_file(); /* Generate sandbox bashrc path */ tmp_string = get_sandbox_rc(sandbox_dir); |