wine/wine-staging
0
0
Fork 0
mirror of https://gitlab.winehq.org/wine/wine-staging.git synced 2024-09-13 09:17:20 -07:00
Code Issues Packages Projects Releases Wiki Activity

Ensure ACL buffers are NULL terminated for all string processing.

Browse Source
This commit is contained in:
Erich E. Hoover 2014-04-15 15:05:36 -06:00
parent 737eb1005a
commit 810202432b
2 changed files with 15 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
patches/02-ACL_Extended_Attributes/0003-server-Store-file-security-attributes-with-extended-.patch
View File

@ -1,13 +1,13 @@
From 26610999c43a7c3725490800baf53aed0a0820a7 Mon Sep 17 00:00:00 2001
From be78120bae662c7290b09433b020548a2b299361 Mon Sep 17 00:00:00 2001
From: "Erich E. Hoover" <erich.e.hoover@gmail.com>
Date: Tue, 15 Apr 2014 14:52:28 -0600
Date: Tue, 15 Apr 2014 15:03:12 -0600
Subject: server: Store file security attributes with extended file
attributes.
---
configure.ac | 12 ++++++++++
server/file.c | 70 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 82 insertions(+)
server/file.c | 71 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 83 insertions(+)
diff --git a/configure.ac b/configure.ac
index 7e463b9..c0cc653 100644
@ -40,7 +40,7 @@ index 7e463b9..c0cc653 100644
AC_SUBST(dlldir,"\${libdir}/wine")
diff --git a/server/file.c b/server/file.c
index c98f045..adf7e51 100644
index c98f045..032205e 100644
--- a/server/file.c
+++ b/server/file.c
@@ -32,6 +32,7 @@
@ -61,7 +61,7 @@ index c98f045..adf7e51 100644
#include "ntstatus.h"
#define WIN32_NO_STATUS
@@ -178,6 +182,69 @@ static struct object *create_file_obj( struct fd *fd, unsigned int access, mode_
@@ -178,6 +182,70 @@ static struct object *create_file_obj( struct fd *fd, unsigned int access, mode_
return &file->obj;
}
@ -124,6 +124,7 @@ index c98f045..adf7e51 100644
+ (p != buffer ? ";" : ""), type, flags, mask, sidtxt );
+ }
+
+ buffer[XATTR_SIZE_MAX-1] = 0; /* ensure NULL terminated if snprintf truncated the buffer */
+ fsetxattr( fd, "user.wine.acl", buffer, p-buffer, 0 );
+#endif
+}
@ -131,7 +132,7 @@ index c98f045..adf7e51 100644
static struct object *create_file( struct fd *root, const char *nameptr, data_size_t len,
unsigned int access, unsigned int sharing, int create,
unsigned int options, unsigned int attrs,
@@ -239,6 +306,7 @@ static struct object *create_file( struct fd *root, const char *nameptr, data_si
@@ -239,6 +307,7 @@ static struct object *create_file( struct fd *root, const char *nameptr, data_si
/* FIXME: should set error to STATUS_OBJECT_NAME_COLLISION if file existed before */
fd = open_fd( root, name, flags | O_NONBLOCK | O_LARGEFILE, &mode, access, sharing, options );
if (!fd) goto done;
@ -139,7 +140,7 @@ index c98f045..adf7e51 100644
if (S_ISDIR(mode))
obj = create_dir_obj( fd, access, mode );
@@ -580,6 +648,8 @@ int file_set_acls( struct object *obj, struct fd *fd, const struct security_desc
@@ -580,6 +649,8 @@ int file_set_acls( struct object *obj, struct fd *fd, const struct security_desc
mode = st.st_mode & (S_ISUID|S_ISGID|S_ISVTX);
mode |= sd_to_mode( sd, owner );

12
patches/02-ACL_Extended_Attributes/0004-server-Retrieve-file-security-attributes-with-extend.patch
View File

@ -1,6 +1,6 @@
From 96ef630b374cc6254dd8d0afe0eb8a9a240f4d50 Mon Sep 17 00:00:00 2001
From b08167fa305b8cee98df3b8712c01ebbc5f56dde Mon Sep 17 00:00:00 2001
From: "Erich E. Hoover" <erich.e.hoover@gmail.com>
Date: Tue, 15 Apr 2014 14:55:45 -0600
Date: Tue, 15 Apr 2014 15:04:29 -0600
Subject: server: Retrieve file security attributes with extended file
attributes.
@ -110,10 +110,10 @@ index bd45189..e5ef7e6 100644
CloseHandle(obj);
}
diff --git a/server/file.c b/server/file.c
index adf7e51..39169a4 100644
index 032205e..945b82a 100644
--- a/server/file.c
+++ b/server/file.c
@@ -492,12 +492,174 @@ struct security_descriptor *mode_to_sd( mode_t mode, const SID *user, const SID
@@ -493,12 +493,174 @@ struct security_descriptor *mode_to_sd( mode_t mode, const SID *user, const SID
return sd;
}
@ -132,7 +132,7 @@ index adf7e51..39169a4 100644
+
+ n = fgetxattr( fd, "user.wine.acl", buffer, sizeof(buffer) );
+ if (n == -1) return NULL;
+ buffer[n] = 0;
+ buffer[n] = 0; /* ensure NULL terminated buffer for string functions */
+
+ do
+ {
@ -288,7 +288,7 @@ index adf7e51..39169a4 100644
if (unix_fd == -1 || fstat( unix_fd, &st ) == -1)
return obj->sd;
@@ -507,9 +669,10 @@ struct security_descriptor *file_get_acls( struct object *obj, struct fd *fd, mo
@@ -508,9 +670,10 @@ struct security_descriptor *file_get_acls( struct object *obj, struct fd *fd, mo
(st.st_uid == *uid))
return obj->sd;