/* Delete useless cookie item *
* then connect prev and next */
-int free_cookie_item(cookie_list *cookie)
+void free_cookie_item(cookie_list *cookie)
{
- if(cookie->path != NULL)
- free(cookie->path);
- if(cookie->permissions != NULL)
- free(cookie->permissions);
- if(cookie->smack_label != NULL)
- free(cookie->smack_label);
+ free(cookie->path);
+ free(cookie->permissions);
+ free(cookie->smack_label);
if(cookie->prev != NULL)
cookie->prev->next = cookie->next;
if(cookie->next != NULL)
cookie->next->prev = cookie->prev;
free(cookie);
- cookie = NULL;
- return 0;
}
/* Cut the link of the current cookie item and connect previous link and next line *
/* Check the path is different. */
if(strcmp(exe, current->path) != 0)
{
- SEC_SVR_DBG("pid [%d] has been reused by %s. deleting the old cookie.", pid, exe);
- debug_cmdline = malloc(current->path_len + 1);
- if(debug_cmdline == NULL)
- {
- SEC_SVR_ERR("%s", "out of memory error");
- free(exe);
- return NULL;
- }
- strncpy(debug_cmdline, current->path, current->path_len);
- debug_cmdline[current->path_len] = 0;
- SEC_SVR_DBG("[%s] --> [%s]", exe, debug_cmdline);
- if(debug_cmdline != NULL)
- {
- free(debug_cmdline);
- debug_cmdline = NULL;
- }
- /* Okay. delete current cookie */
+ /* Delete cookie for reused pid. This is an extremely rare situation. */
+ SEC_SVR_DBG("Pid [%d] for exec [%s] has been reused by [%s]. Deleting the old cookie.", pid, current->path, exe);
current = delete_cookie_item(current);
- if(exe != NULL)
- {
- free(exe);
- exe = NULL;
- }
- continue;
}
else
{
}
}
- added->path_len = strlen(exe);
- added->path = calloc(1, strlen(exe));
- memcpy(added->path, exe, strlen(exe));
-
+ added->path = exe;
+ exe = NULL;
added->permission_len = perm_num;
added->pid = pid;
added->permissions = permissions;
return NULL;
}
- first->path_len = 0;
first->permission_len = 0;
first->pid = 0;
first->path = NULL;
#include "security-server-util.h"
#include "security-server.h"
+/*
+ * @buffer output buffer
+ * @position target position in output buffer
+ * @source source data
+ * @len source data length
+ */
+static void append_to_buffer(unsigned char *buffer, int* position, const void* source, size_t len) {
+ if (len <= 0) {
+ SEC_SVR_DBG("Appending nothing.");
+ return;
+ }
+ memcpy(buffer + *position, source, len);
+ *position += len;
+}
+
+static void append_cookie(unsigned char *buffer, int* position, const cookie_list* cookie) {
+ int i;
+ int path_len = cookie->path ? strlen(cookie->path) : 0;
+
+ append_to_buffer(buffer, position, &path_len, sizeof(int));
+ append_to_buffer(buffer, position, &cookie->permission_len, sizeof(int));
+ append_to_buffer(buffer, position, &cookie->cookie, SECURITY_SERVER_COOKIE_LEN);
+ append_to_buffer(buffer, position, &cookie->pid, sizeof(pid_t));
+ append_to_buffer(buffer, position, &cookie->path, path_len);
+
+ for(i=0;i<cookie->permission_len;++i)
+ append_to_buffer(buffer, position, &cookie->permissions[i], sizeof(int));
+}
/* Get all cookie info response *
* packet format
* | |
* | |
*/
- unsigned char * get_all_cookie_info(cookie_list *list, int *size)
+unsigned char * get_all_cookie_info(cookie_list *list, int *size)
{
cookie_list *current = list;
- int ptr, total_num, total_size, tempnum, i;
+ int ptr, total_num, total_size, path_len;
unsigned char *buf = NULL, *tempptr = NULL;
response_header hdr;
break;
total_num++;
- total_size += sizeof(int) + sizeof(int) + SECURITY_SERVER_COOKIE_LEN + sizeof(int) + current->path_len + (current->permission_len * sizeof(int));
+ path_len = current->path ? strlen(current->path) : 0;
+ total_size += sizeof(int) + sizeof(int) + SECURITY_SERVER_COOKIE_LEN + sizeof(pid_t) + path_len + (current->permission_len * sizeof(int));
tempptr = realloc(buf, total_size);
if(tempptr == NULL)
{
}
buf = tempptr;
- tempnum = current->path_len;
- memcpy(buf+ptr, &tempnum, sizeof(int));
- ptr += sizeof(int);
- tempnum = current->permission_len;
- memcpy(buf+ptr, &tempnum, sizeof(int));
- ptr += sizeof(int);
- memcpy(buf+ptr, current->cookie, SECURITY_SERVER_COOKIE_LEN);
- ptr += SECURITY_SERVER_COOKIE_LEN;
- tempnum = current->pid;
- memcpy(buf+ptr, &tempnum, sizeof(int));
- ptr += sizeof(int);
- memcpy(buf+ptr, current->path, current->path_len);
- ptr += current->path_len;
-
- for(i=0;i<current->permission_len;i++)
- {
- tempnum = current->permissions[i];
- memcpy(buf+ptr, &tempnum, sizeof(int));
- ptr += sizeof(int);
- }
+ append_cookie(buf, &ptr, current);
current = current->next;
}
hdr.basic_hdr.msg_id = SECURITY_SERVER_MSG_TYPE_GET_ALL_COOKIES_RESPONSE;
hdr.basic_hdr.msg_len =(unsigned short)( total_size - sizeof(hdr));
hdr.return_code = SECURITY_SERVER_RETURN_CODE_SUCCESS;
- memcpy(buf, &hdr, sizeof(hdr));
- tempnum = total_num;
- memcpy(buf + sizeof(hdr), &tempnum, sizeof(int));
+
+ // reset buffer position to the beginning of buffer and insert header
+ ptr = 0;
+ append_to_buffer(buf, &ptr, &hdr, sizeof(hdr));
+ append_to_buffer(buf, &ptr, &total_num, sizeof(total_num));
*size = total_size;
return buf;
}
{
unsigned char *buf = NULL;
response_header hdr;
- int total_size, ptr = 0, tempnum, ret, i;
+ int total_size, ptr = 0, ret, path_len;
- total_size = sizeof(hdr) + sizeof(int) + sizeof(int) + SECURITY_SERVER_COOKIE_LEN + sizeof(int) + list->path_len + (list->permission_len * sizeof(int));
+ path_len = list->path ? strlen(list->path) : 0;
+
+ total_size = sizeof(hdr) + sizeof(int) + sizeof(int) + SECURITY_SERVER_COOKIE_LEN + sizeof(pid_t) + path_len + (list->permission_len * sizeof(int));
buf = malloc(total_size);
if(buf == NULL)
{
hdr.basic_hdr.version = SECURITY_SERVER_MSG_VERSION;
hdr.basic_hdr.msg_id = SECURITY_SERVER_MSG_TYPE_GET_COOKIEINFO_RESPONSE;
- hdr.basic_hdr.msg_len =sizeof(int) + sizeof(int) + SECURITY_SERVER_COOKIE_LEN + sizeof(int) + list->path_len + (list->permission_len * sizeof(int));
+ hdr.basic_hdr.msg_len =sizeof(int) + sizeof(int) + SECURITY_SERVER_COOKIE_LEN + sizeof(pid_t) + path_len + (list->permission_len * sizeof(int));
hdr.return_code = SECURITY_SERVER_RETURN_CODE_SUCCESS;
- memcpy(buf, &hdr, sizeof(hdr));
- ptr += sizeof(hdr);
-
- tempnum = list->path_len;
- memcpy(buf+ptr, &tempnum, sizeof(int));
- ptr += sizeof(int);
- tempnum = list->permission_len;
- memcpy(buf+ptr, &tempnum, sizeof(int));
- ptr += sizeof(int);
- memcpy(buf+ptr, list->cookie, SECURITY_SERVER_COOKIE_LEN);
- ptr += SECURITY_SERVER_COOKIE_LEN;
- tempnum = list->pid;
- memcpy(buf+ptr, &tempnum, sizeof(int));
- ptr += sizeof(int);
- memcpy(buf+ptr, list->path, list->path_len);
- ptr += list->path_len;
-
- for(i=0;i<list->permission_len;i++)
- {
- tempnum = list->permissions[i];
- memcpy(buf+ptr, &tempnum, sizeof(int));
- ptr += sizeof(int);
- }
+
+ // header
+ append_to_buffer(buf, &ptr, &hdr, sizeof(hdr));
+ // cookie
+ append_cookie(buf, &ptr, list);
ret = check_socket_poll(sockfd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
if(ret == SECURITY_SERVER_ERROR_POLL)