diff options
| author | oshogbo <oshogbo@FreeBSD.org> | 2015-05-02 17:45:52 +0000 |
|---|---|---|
| committer | oshogbo <oshogbo@FreeBSD.org> | 2015-05-02 17:45:52 +0000 |
| commit | cf66982b37ec7230cc55175c994e05c6176e8e22 (patch) | |
| tree | a69b34916c7078793947216a35639f78cd60366e /lib | |
| parent | 843dbc5981a1de860cdd7de6cf7aaf65c87a56ab (diff) | |
| download | FreeBSD-src-cf66982b37ec7230cc55175c994e05c6176e8e22.zip FreeBSD-src-cf66982b37ec7230cc55175c994e05c6176e8e22.tar.gz | |
Approved, oprócz użycie RESTORE_ERRNO() do ustawiania errno.
Change the nvlist_recv() function to take additional argument that
specifies flags expected on the received nvlist. Receiving a nvlist with
different set of flags than the ones we expect might lead to undefined
behaviour, which might be potentially dangerous.
Update consumers of this and related functions and update the tests.
Approved by: pjd (mentor)
Update man page for nvlist_unpack, nvlist_recv, nvlist_xfer, cap_recv_nvlist
and cap_xfer_nvlist.
Reviewed by: AllanJude
Approved by: pjd (mentor)
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/libcapsicum/libcapsicum.3 | 18 | ||||
| -rw-r--r-- | lib/libcapsicum/libcapsicum.c | 14 | ||||
| -rw-r--r-- | lib/libcapsicum/libcapsicum.h | 4 | ||||
| -rw-r--r-- | lib/libcapsicum/libcapsicum_dns.c | 8 | ||||
| -rw-r--r-- | lib/libcapsicum/libcapsicum_grp.c | 8 | ||||
| -rw-r--r-- | lib/libcapsicum/libcapsicum_pwd.c | 6 | ||||
| -rw-r--r-- | lib/libcapsicum/libcapsicum_random.c | 2 | ||||
| -rw-r--r-- | lib/libcapsicum/libcapsicum_service.c | 2 | ||||
| -rw-r--r-- | lib/libcapsicum/libcapsicum_sysctl.c | 2 | ||||
| -rw-r--r-- | lib/libcasper/libcasper.c | 4 | ||||
| -rw-r--r-- | lib/libnv/nv.3 | 50 | ||||
| -rw-r--r-- | lib/libnv/tests/nv_tests.cc | 6 | ||||
| -rw-r--r-- | lib/libnv/tests/nvlist_send_recv_test.c | 2 |
13 files changed, 87 insertions, 39 deletions
diff --git a/lib/libcapsicum/libcapsicum.3 b/lib/libcapsicum/libcapsicum.3 index 9df565a..cbfd214 100644 --- a/lib/libcapsicum/libcapsicum.3 +++ b/lib/libcapsicum/libcapsicum.3 @@ -27,7 +27,7 @@ .\" .\" $FreeBSD$ .\" -.Dd April 14, 2014 +.Dd May 2, 2015 .Dt LIBCAPSICUM 3 .Os .Sh NAME @@ -68,9 +68,9 @@ .Ft "int" .Fn cap_send_nvlist "const cap_channel_t *chan" "const nvlist_t *nvl" .Ft "nvlist_t *" -.Fn cap_recv_nvlist "const cap_channel_t *chan" +.Fn cap_recv_nvlist "const cap_channel_t *chan" "int flags" .Ft "nvlist_t *" -.Fn cap_xfer_nvlist "const cap_channel_t *chan" "nvlist_t *nvl" +.Fn cap_xfer_nvlist "const cap_channel_t *chan" "nvlist_t *nvl" "int flags" .In libcapsicum_service.h .Ft "cap_channel_t *" .Fn cap_service_open "const cap_channel_t *chan" "const char *name" @@ -171,11 +171,23 @@ Most services should provide higher level API. The .Fn cap_recv_nvlist function receives the given nvlist over the given capability. +The +.Fa flags +argument defines what type the top nvlist is expected to be. +If the nvlist flags do not match the flags passed to +.Fn cap_recv_nvlist , +the nvlist will not be returned. .Pp The .Fn cap_xfer_nvlist function sends the given nvlist, destroys it and receives new nvlist in response over the given capability. +The +.Fa flags +argument defines what type the top nvlist is expected to be. +If the nvlist flags do not match the flags passed to +.Fn cap_xfer_nvlist , +the nvlist will not be returned. It does not matter if the function succeeds or fails, the nvlist given for sending will always be destroyed once the function returns. .Pp diff --git a/lib/libcapsicum/libcapsicum.c b/lib/libcapsicum/libcapsicum.c index 79ca871..79c570f 100644 --- a/lib/libcapsicum/libcapsicum.c +++ b/lib/libcapsicum/libcapsicum.c @@ -142,7 +142,7 @@ cap_clone(const cap_channel_t *chan) nvl = nvlist_create(0); nvlist_add_string(nvl, "cmd", "clone"); - nvl = cap_xfer_nvlist(chan, nvl); + nvl = cap_xfer_nvlist(chan, nvl, 0); if (nvl == NULL) return (NULL); if (nvlist_get_number(nvl, "error") != 0) { @@ -195,7 +195,7 @@ cap_limit_set(const cap_channel_t *chan, nvlist_t *limits) nvlmsg = nvlist_create(0); nvlist_add_string(nvlmsg, "cmd", "limit_set"); nvlist_add_nvlist(nvlmsg, "limits", limits); - nvlmsg = cap_xfer_nvlist(chan, nvlmsg); + nvlmsg = cap_xfer_nvlist(chan, nvlmsg, 0); if (nvlmsg == NULL) { nvlist_destroy(limits); return (-1); @@ -218,7 +218,7 @@ cap_limit_get(const cap_channel_t *chan, nvlist_t **limitsp) nvlmsg = nvlist_create(0); nvlist_add_string(nvlmsg, "cmd", "limit_get"); - nvlmsg = cap_xfer_nvlist(chan, nvlmsg); + nvlmsg = cap_xfer_nvlist(chan, nvlmsg, 0); if (nvlmsg == NULL) return (-1); error = (int)nvlist_get_number(nvlmsg, "error"); @@ -246,21 +246,21 @@ cap_send_nvlist(const cap_channel_t *chan, const nvlist_t *nvl) } nvlist_t * -cap_recv_nvlist(const cap_channel_t *chan) +cap_recv_nvlist(const cap_channel_t *chan, int flags) { assert(chan != NULL); assert(chan->cch_magic == CAP_CHANNEL_MAGIC); - return (nvlist_recv(chan->cch_sock)); + return (nvlist_recv(chan->cch_sock, flags)); } nvlist_t * -cap_xfer_nvlist(const cap_channel_t *chan, nvlist_t *nvl) +cap_xfer_nvlist(const cap_channel_t *chan, nvlist_t *nvl, int flags) { assert(chan != NULL); assert(chan->cch_magic == CAP_CHANNEL_MAGIC); - return (nvlist_xfer(chan->cch_sock, nvl)); + return (nvlist_xfer(chan->cch_sock, nvl, flags)); } diff --git a/lib/libcapsicum/libcapsicum.h b/lib/libcapsicum/libcapsicum.h index 4f8c597..c7110d8 100644 --- a/lib/libcapsicum/libcapsicum.h +++ b/lib/libcapsicum/libcapsicum.h @@ -105,11 +105,11 @@ int cap_send_nvlist(const cap_channel_t *chan, const nvlist_t *nvl); /* * Function receives nvlist over the given capability. */ -nvlist_t *cap_recv_nvlist(const cap_channel_t *chan); +nvlist_t *cap_recv_nvlist(const cap_channel_t *chan, int flags); /* * Function sends the given nvlist, destroys it and receives new nvlist in * response over the given capability. */ -nvlist_t *cap_xfer_nvlist(const cap_channel_t *chan, nvlist_t *nvl); +nvlist_t *cap_xfer_nvlist(const cap_channel_t *chan, nvlist_t *nvl, int flags); #endif /* !_LIBCAPSICUM_H_ */ diff --git a/lib/libcapsicum/libcapsicum_dns.c b/lib/libcapsicum/libcapsicum_dns.c index 6f240bd..a180b6b 100644 --- a/lib/libcapsicum/libcapsicum_dns.c +++ b/lib/libcapsicum/libcapsicum_dns.c @@ -132,7 +132,7 @@ cap_gethostbyname2(cap_channel_t *chan, const char *name, int type) nvlist_add_string(nvl, "cmd", "gethostbyname"); nvlist_add_number(nvl, "family", (uint64_t)type); nvlist_add_string(nvl, "name", name); - nvl = cap_xfer_nvlist(chan, nvl); + nvl = cap_xfer_nvlist(chan, nvl, 0); if (nvl == NULL) { h_errno = NO_RECOVERY; return (NULL); @@ -159,7 +159,7 @@ cap_gethostbyaddr(cap_channel_t *chan, const void *addr, socklen_t len, nvlist_add_string(nvl, "cmd", "gethostbyaddr"); nvlist_add_binary(nvl, "addr", addr, (size_t)len); nvlist_add_number(nvl, "family", (uint64_t)type); - nvl = cap_xfer_nvlist(chan, nvl); + nvl = cap_xfer_nvlist(chan, nvl, 0); if (nvl == NULL) { h_errno = NO_RECOVERY; return (NULL); @@ -233,7 +233,7 @@ cap_getaddrinfo(cap_channel_t *chan, const char *hostname, const char *servname, nvlist_add_number(nvl, "hints.ai_protocol", (uint64_t)hints->ai_protocol); } - nvl = cap_xfer_nvlist(chan, nvl); + nvl = cap_xfer_nvlist(chan, nvl, 0); if (nvl == NULL) return (EAI_MEMORY); if (nvlist_get_number(nvl, "error") != 0) { @@ -283,7 +283,7 @@ cap_getnameinfo(cap_channel_t *chan, const struct sockaddr *sa, socklen_t salen, nvlist_add_number(nvl, "servlen", (uint64_t)servlen); nvlist_add_binary(nvl, "sa", sa, (size_t)salen); nvlist_add_number(nvl, "flags", (uint64_t)flags); - nvl = cap_xfer_nvlist(chan, nvl); + nvl = cap_xfer_nvlist(chan, nvl, 0); if (nvl == NULL) return (EAI_MEMORY); if (nvlist_get_number(nvl, "error") != 0) { diff --git a/lib/libcapsicum/libcapsicum_grp.c b/lib/libcapsicum/libcapsicum_grp.c index adfbc95..267ac68 100644 --- a/lib/libcapsicum/libcapsicum_grp.c +++ b/lib/libcapsicum/libcapsicum_grp.c @@ -195,7 +195,7 @@ cap_getgrcommon_r(cap_channel_t *chan, const char *cmd, const char *name, } else { abort(); } - nvl = cap_xfer_nvlist(chan, nvl); + nvl = cap_xfer_nvlist(chan, nvl, 0); if (nvl == NULL) { assert(errno != 0); *result = NULL; @@ -319,7 +319,7 @@ cap_setgroupent(cap_channel_t *chan, int stayopen) nvl = nvlist_create(0); nvlist_add_string(nvl, "cmd", "setgroupent"); nvlist_add_bool(nvl, "stayopen", stayopen != 0); - nvl = cap_xfer_nvlist(chan, nvl); + nvl = cap_xfer_nvlist(chan, nvl, 0); if (nvl == NULL) return (0); if (nvlist_get_number(nvl, "error") != 0) { @@ -339,7 +339,7 @@ cap_setgrent(cap_channel_t *chan) nvl = nvlist_create(0); nvlist_add_string(nvl, "cmd", "setgrent"); - nvl = cap_xfer_nvlist(chan, nvl); + nvl = cap_xfer_nvlist(chan, nvl, 0); if (nvl == NULL) return (0); if (nvlist_get_number(nvl, "error") != 0) { @@ -360,7 +360,7 @@ cap_endgrent(cap_channel_t *chan) nvl = nvlist_create(0); nvlist_add_string(nvl, "cmd", "endgrent"); /* Ignore any errors, we have no way to report them. */ - nvlist_destroy(cap_xfer_nvlist(chan, nvl)); + nvlist_destroy(cap_xfer_nvlist(chan, nvl, 0)); } int diff --git a/lib/libcapsicum/libcapsicum_pwd.c b/lib/libcapsicum/libcapsicum_pwd.c index 4c15703..32eeeb0 100644 --- a/lib/libcapsicum/libcapsicum_pwd.c +++ b/lib/libcapsicum/libcapsicum_pwd.c @@ -154,7 +154,7 @@ cap_getpwcommon_r(cap_channel_t *chan, const char *cmd, const char *login, } else { abort(); } - nvl = cap_xfer_nvlist(chan, nvl); + nvl = cap_xfer_nvlist(chan, nvl, 0); if (nvl == NULL) { assert(errno != 0); *result = NULL; @@ -278,7 +278,7 @@ cap_setpassent(cap_channel_t *chan, int stayopen) nvl = nvlist_create(0); nvlist_add_string(nvl, "cmd", "setpassent"); nvlist_add_bool(nvl, "stayopen", stayopen != 0); - nvl = cap_xfer_nvlist(chan, nvl); + nvl = cap_xfer_nvlist(chan, nvl, 0); if (nvl == NULL) return (0); if (nvlist_get_number(nvl, "error") != 0) { @@ -299,7 +299,7 @@ cap_set_end_pwent(cap_channel_t *chan, const char *cmd) nvl = nvlist_create(0); nvlist_add_string(nvl, "cmd", cmd); /* Ignore any errors, we have no way to report them. */ - nvlist_destroy(cap_xfer_nvlist(chan, nvl)); + nvlist_destroy(cap_xfer_nvlist(chan, nvl, 0)); } void diff --git a/lib/libcapsicum/libcapsicum_random.c b/lib/libcapsicum/libcapsicum_random.c index eed97e2..2c3eb36 100644 --- a/lib/libcapsicum/libcapsicum_random.c +++ b/lib/libcapsicum/libcapsicum_random.c @@ -57,7 +57,7 @@ cap_random_buf(cap_channel_t *chan, void *buf, size_t nbytes) nvlist_add_string(nvl, "cmd", "generate"); nvlist_add_number(nvl, "size", (uint64_t)(left > MAXSIZE ? MAXSIZE : left)); - nvl = cap_xfer_nvlist(chan, nvl); + nvl = cap_xfer_nvlist(chan, nvl, 0); if (nvl == NULL) return (-1); if (nvlist_get_number(nvl, "error") != 0) { diff --git a/lib/libcapsicum/libcapsicum_service.c b/lib/libcapsicum/libcapsicum_service.c index 4127668..edfde8c 100644 --- a/lib/libcapsicum/libcapsicum_service.c +++ b/lib/libcapsicum/libcapsicum_service.c @@ -56,7 +56,7 @@ cap_service_open(const cap_channel_t *chan, const char *name) nvlist_add_string(nvl, "service", name); if (fd_is_valid(STDERR_FILENO)) nvlist_add_descriptor(nvl, "stderrfd", STDERR_FILENO); - nvl = cap_xfer_nvlist(chan, nvl); + nvl = cap_xfer_nvlist(chan, nvl, 0); if (nvl == NULL) return (NULL); error = (int)nvlist_get_number(nvl, "error"); diff --git a/lib/libcapsicum/libcapsicum_sysctl.c b/lib/libcapsicum/libcapsicum_sysctl.c index 6ea951b..fc69113 100644 --- a/lib/libcapsicum/libcapsicum_sysctl.c +++ b/lib/libcapsicum/libcapsicum_sysctl.c @@ -63,7 +63,7 @@ cap_sysctlbyname(cap_channel_t *chan, const char *name, void *oldp, nvlist_add_number(nvl, "oldlen", (uint64_t)*oldlenp); if (newp != NULL) nvlist_add_binary(nvl, "newp", newp, newlen); - nvl = cap_xfer_nvlist(chan, nvl); + nvl = cap_xfer_nvlist(chan, nvl, 0); if (nvl == NULL) return (-1); if (nvlist_get_number(nvl, "error") != 0) { diff --git a/lib/libcasper/libcasper.c b/lib/libcasper/libcasper.c index 7545baa..cb95346 100644 --- a/lib/libcasper/libcasper.c +++ b/lib/libcasper/libcasper.c @@ -279,7 +279,7 @@ casper_message(const cap_channel_t *capcas, struct service *service) const char *cmd; nvlist_t *nvl; - nvl = cap_recv_nvlist(capcas); + nvl = cap_recv_nvlist(capcas, 0); if (nvl == NULL) pjdlog_exit(1, "Unable to receive message from Casper"); cmd = nvlist_get_string(nvl, "cmd"); @@ -297,7 +297,7 @@ service_message(struct service *service, struct service_connection *sconn) const char *cmd; int error; - nvlin = cap_recv_nvlist(service_connection_get_chan(sconn)); + nvlin = cap_recv_nvlist(service_connection_get_chan(sconn), 0); if (nvlin == NULL) { if (errno == ENOTCONN) { pjdlog_debug(1, "Connection closed by the client."); diff --git a/lib/libnv/nv.3 b/lib/libnv/nv.3 index bbb7b03..4c0e236 100644 --- a/lib/libnv/nv.3 +++ b/lib/libnv/nv.3 @@ -28,7 +28,7 @@ .\" .\" $FreeBSD$ .\" -.Dd May 1, 2015 +.Dd May 2, 2015 .Dt NV 3 .Os .Sh NAME @@ -85,14 +85,14 @@ .Ft "void *" .Fn nvlist_pack "const nvlist_t *nvl" "size_t *sizep" .Ft "nvlist_t *" -.Fn nvlist_unpack "const void *buf" "size_t size" +.Fn nvlist_unpack "const void *buf" "size_t size" "int flags" .\" .Ft int .Fn nvlist_send "int sock" "const nvlist_t *nvl" .Ft "nvlist_t *" -.Fn nvlist_recv "int sock" +.Fn nvlist_recv "int sock" "int flags" .Ft "nvlist_t *" -.Fn nvlist_xfer "int sock" "nvlist_t *nvl" +.Fn nvlist_xfer "int sock" "nvlist_t *nvl" "int flags" .\" .Ft "const char *" .Fn nvlist_next "const nvlist_t *nvl" "int *typep" "void **cookiep" @@ -325,6 +325,18 @@ The nvlist must not be in error state. The .Fn nvlist_unpack function converts the given buffer to the nvlist. +The +.Fa flags +argument defines what type of the top level nvlist is expected to be. +Flags are set up using the +.Fn nvlist_create +function. +If the nvlist flags do not match the flags passed to +.Fn nvlist_unpack , +the nvlist will not be returned. +Every nested nvlist list should be checked using +.Fn nvlist_flags +function. The function returns .Dv NULL in case of an error. @@ -343,12 +355,36 @@ The function receives nvlist over the socket given by the .Fa sock argument. +The +.Fa flags +argument defines what type of the top level nvlist is expected to be. +Flags are set up using the +.Fn nvlist_create +function. +If the nvlist flags do not match the flags passed to +.Fn nvlist_recv , +the nvlist will not be returned. +Every nested nvlist list should be checked using +.Fn nvlist_flags +function. .Pp The .Fn nvlist_xfer function sends the given nvlist over the socket given by the .Fa sock argument and receives nvlist over the same socket. +The +.Fa flags +argument defines what type of the top level nvlist is expected to be. +Flags are set up using the +.Fn nvlist_create +function. +If the nvlist flags do not match the flags passed to +.Fn nvlist_xfer , +the nvlist will not be returned. +Every nested nvlist list should be checked using +.Fn nvlist_flags +function. The given nvlist is always destroyed. .Pp The @@ -559,7 +595,7 @@ const char *command; char *filename; int fd; -nvl = nvlist_recv(sock); +nvl = nvlist_recv(sock, 0); if (nvl == NULL) err(1, "nvlist_recv() failed"); @@ -588,7 +624,7 @@ const char *name; void *cookie; int type; -nvl = nvlist_recv(sock); +nvl = nvlist_recv(sock, 0); if (nvl == NULL) err(1, "nvlist_recv() failed"); @@ -617,7 +653,7 @@ const char *name; void *cookie; int type; -nvl = nvlist_recv(sock); +nvl = nvlist_recv(sock, 0); if (nvl == NULL) err(1, "nvlist_recv() failed"); diff --git a/lib/libnv/tests/nv_tests.cc b/lib/libnv/tests/nv_tests.cc index 2d9fd97..1fee182 100644 --- a/lib/libnv/tests/nv_tests.cc +++ b/lib/libnv/tests/nv_tests.cc @@ -440,7 +440,7 @@ ATF_TEST_CASE_BODY(nvlist_pack__empty_nvlist) packed = nvlist_pack(nvl, &packed_size); ATF_REQUIRE(packed != NULL); - unpacked = nvlist_unpack(packed, packed_size); + unpacked = nvlist_unpack(packed, packed_size, 0); ATF_REQUIRE(unpacked != NULL); ATF_REQUIRE(unpacked != nvl); ATF_REQUIRE(nvlist_empty(unpacked)); @@ -534,7 +534,7 @@ ATF_TEST_CASE_BODY(nvlist_pack__multiple_values) packed = nvlist_pack(nvl, &packed_size); ATF_REQUIRE(packed != NULL); - unpacked = nvlist_unpack(packed, packed_size); + unpacked = nvlist_unpack(packed, packed_size, 0); ATF_REQUIRE(unpacked != 0); it = NULL; @@ -614,7 +614,7 @@ ATF_TEST_CASE_BODY(nvlist_unpack__duplicate_key) ATF_REQUIRE(keypos != NULL); memcpy(keypos, key2, keylen); - unpacked = nvlist_unpack(packed, size); + unpacked = nvlist_unpack(packed, size, 0); ATF_REQUIRE(nvlist_error(unpacked) != 0); free(packed); diff --git a/lib/libnv/tests/nvlist_send_recv_test.c b/lib/libnv/tests/nvlist_send_recv_test.c index 1b083c3..50222fb 100644 --- a/lib/libnv/tests/nvlist_send_recv_test.c +++ b/lib/libnv/tests/nvlist_send_recv_test.c @@ -95,7 +95,7 @@ parent(int sock) int type, ctype; size_t size; - nvl = nvlist_recv(sock); + nvl = nvlist_recv(sock, 0); CHECK(nvlist_error(nvl) == 0); if (nvlist_error(nvl) != 0) err(1, "nvlist_recv() failed"); |
