CVSROOT: /sources/gnash Module name: gnash Changes by: Rob Savoye <rsavoye> 07/12/26 00:46:49
Modified files:
libbase : rc.h rc.cpp
server/asobj : SharedObject.cpp
. : ChangeLog
Log message:
* libbase/rc.{cpp,h}: Add new security options for Shared Objects and Local Connections. Make extractNumber() return a uint32_t intead of just an int as we keep overflowing strtol().
* server/asobj/SharedObject.cpp: Use new security options for files.
CVSWeb URLs:
http://cvs.savannah.gnu.org/viewcvs/gnash/libbase/rc.h?cvsroot=gnash&r1=1.37&r2=1.38
http://cvs.savannah.gnu.org/viewcvs/gnash/libbase/rc.cpp?cvsroot=gnash&r1=1.48&r2=1.49
http://cvs.savannah.gnu.org/viewcvs/gnash/server/asobj/SharedObject.cpp?cvsroot=gnash&r1=1.21&r2=1.22
http://cvs.savannah.gnu.org/viewcvs/gnash/ChangeLog?cvsroot=gnash&r1=1.5255&r2=1.5256
Patches:
Index: libbase/rc.h
===================================================================
RCS file: /sources/gnash/gnash/libbase/rc.h,v
retrieving revision 1.37
retrieving revision 1.38
diff -u -b -r1.37 -r1.38
--- libbase/rc.h 20 Dec 2007 02:57:11 -0000 1.37
+++ libbase/rc.h 26 Dec 2007 00:46:48 -0000 1.38
@@ -27,6 +27,7 @@
 #include <string>
 #include <vector>
+#include <sys/shm.h> // for key_t
 namespace gnash {
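Review bot: The new `#include <sys/shm.h>` in the rc.h `@@ -27,6 +27,7 @@` hunk pulls the whole SysV shared-memory API into every translation unit that includes this widely used header, when only the `key_t` typedef is wanted; on POSIX systems `<sys/types.h>` already declares `key_t` and is the narrower include. Consider `#include <sys/types.h> // for key_t` unless the header goes on to use shm functions, which nothing in this patch shows. The `namespace gnash {` opened at the end of the hunk continues outside it.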
@@ -145,14 +146,28 @@
 // Set the location of the sandbox for .sol files
 void setSOLSafeDir(std::string &x) { _solsandbox = x; }
+ bool getSOLLocalDomain() const { return _sollocaldomain; }
+ void setSOLLocalDomain(bool x) { _sollocaldomain = x; }
+ bool getSOLReadOnly() const { return _solreadonly; }
+ void setSOLReadOnly(bool x) { _solreadonly = x; }
+ bool getLocalConnection() const { return _lcdisabled; }
+ void setLocalConnection(bool x) { _lcdisabled = x; }
+ // Enable tracing all LocalConnection traffic
+ bool getLCTrace() const { return _lctrace; }
+ void setLCTrace(bool x) { _lctrace = x; }
+
+ //
+ key_t getLCShmKey() const { return _lcshmkey; }
+ void setLCShmKey(bool x) { _lcshmkey = x; }
+
 void dump();
 private:
- int _delay; // the timer delay
- int _movieLibraryLimit; // max number of movie clips to store in the library
+ uint32_t _delay; // the timer delay
+ uint32_t _movieLibraryLimit; // max number of movie clips to store in the library
 bool _debug; // enable debugging of this class
 bool _debugger; // enable the Flash movie debugger
- int _verbosity;
+ uint32_t _verbosity;
 std::string _flashVersionString; // String to pass as $version in Actionscript
 std::string _flashSystemOS; // String to pass as System.capabilities.os
 // in Actionscript. If empty, leaves detection
@@ -204,7 +219,12 @@
 // or read from.
 std::string _solsandbox;
- protected:
+ bool _solreadonly;
+ bool _sollocaldomain;
+ bool _lcdisabled;
+ bool _lctrace;
+ key_t _lcshmkey;
+protected:
 /// Construct only by getDefaultInstance()
 RcInitFile();
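Review bot: `setLCShmKey(bool x)` takes a `bool` while `_lcshmkey` and `getLCShmKey()` are `key_t`, so any key passed through the setter is collapsed to 0 or 1; the signature should be `void setLCShmKey(key_t x) { _lcshmkey = x; }`. The `getLocalConnection`/`setLocalConnection` pair reads and writes `_lcdisabled`, which is the opposite polarity from what the accessor names suggest; a one-line comment above the getter such as `// true disables LocalConnection entirely` (or renaming the accessors) would stop callers inverting the flag. The bare `+ //` line above `getLCShmKey` should either say what the key is used for (presumably the SysV shm key LocalConnection attaches to, which this patch does not show) or be dropped. The class body continues outside the hunk.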
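Review bot: `key_t _lcshmkey` is added here but never initialized: the constructor initializer list in the rc.cpp `@@ -85,7 +88,11 @@` hunk adds `_solreadonly`, `_sollocaldomain`, `_lcdisabled` and `_lctrace` only, so `getLCShmKey()` returns an indeterminate value whenever the rc file does not set `LCShmkey`. Add `_lcshmkey(0)` (or whatever sentinel the LocalConnection code treats as "not configured") to that initializer list. The class body continues outside the hunk.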
@@ -217,7 +237,7 @@
 static bool extractSetting(bool *var, const char *pattern, std::string &variable, std::string &value);
- static int extractNumber(int *num, const char *pattern,
+ static uint32_t extractNumber(uint32_t *num, const char *pattern,
 std::string &variable, std::string &value);
 static void extractDouble(double& out, const char *pattern,
Index: libbase/rc.cpp
===================================================================
RCS file: /sources/gnash/gnash/libbase/rc.cpp,v
retrieving revision 1.48
retrieving revision 1.49
diff -u -b -r1.48 -r1.49
--- libbase/rc.cpp 20 Dec 2007 02:57:11 -0000 1.48
+++ libbase/rc.cpp 26 Dec 2007 00:46:48 -0000 1.49
@@ -30,9 +30,12 @@
 # include <pwd.h>
 #endif
+#include <boost/cstdint.hpp>
 #include <sys/types.h>
 #include <unistd.h> // for getuid()
 #include <sys/stat.h>
+#include <cerrno>
+#include <limits.h>
 #include <cctype> // for toupper
 #include <string>
@@ -85,7 +88,11 @@
 _extensionsEnabled(false),
 _startStopped(false),
 _insecureSSL(false),
- _streamsTimeout(DEFAULT_STREAMS_TIMEOUT)
+ _streamsTimeout(DEFAULT_STREAMS_TIMEOUT),
+ _solreadonly(false),
+ _sollocaldomain(false),
+ _lcdisabled(false),
+ _lctrace(true)
 {
 // GNASH_REPORT_FUNCTION;
@@ -152,8 +159,8 @@
 return *var;
 }
-int
-RcInitFile::extractNumber(int *num, const char *pattern, string &variable,
+uint32_t
+RcInitFile::extractNumber(uint32_t *num, const char *pattern, string &variable,
 string &value)
 {
 // GNASH_REPORT_FUNCTION;
@@ -162,7 +169,12 @@
 // log_msg ("%s: %s", variable.c_str(), value.c_str());
 if ( noCaseCompare(variable, pattern) ) {
- *num = strtol(value.c_str(), NULL, 0);
+ *num = strtoul(value.c_str(), NULL, 0);
+ if (*num == LONG_MAX) {
+ long long foo = strtoll(value.c_str(), NULL, 0);
+ log_error("Conversion overflow!: %ll", foo);
+
+ }
 }
 return *num;
 }
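Review bot: The overflow check added to `extractNumber` in the `@@ -162,7 +169,12 @@` hunk can never fire: `strtoul` reports overflow by returning `ULONG_MAX` with `errno == ERANGE`, not `LONG_MAX`, and the result is stored into the `uint32_t` pointee before the comparison, so on LP64 hosts an out-of-range value is silently truncated (e.g. 0x1FFFFFFFF becomes 0xFFFFFFFF) and on 32-bit hosts `ULONG_MAX` never equals `LONG_MAX`. `<cerrno>` is included in the `@@ -30,9 +30,12 @@` hunk but never consulted, and `"%ll"` in the `log_error` call is an incomplete conversion specifier (it needs `%lld`). I would parse into an `unsigned long`, test `errno` and the uint32_t range before storing, and keep the previous value on failure, as sketched below; the rest of extractNumber matches the hunk.
```cpp
    if ( noCaseCompare(variable, pattern) ) {
        errno = 0;
        unsigned long parsed = strtoul(value.c_str(), NULL, 0);
        // strtoul flags overflow via ERANGE; a value that fits an unsigned
        // long can still exceed uint32_t on 64-bit hosts.
        if (errno == ERANGE || parsed > 0xFFFFFFFFUL) {
            log_error("Numeric setting out of range, keeping previous value: %s",
                      value.c_str());
            return *num;
        }
        *num = static_cast<uint32_t>(parsed);
    }
    return *num;
```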
@@ -439,6 +451,15 @@
 extractNumber(&_movieLibraryLimit, "movieLibraryLimit", variable, value);
 extractNumber(&_delay, "delay", variable, value);
 extractNumber(&_verbosity, "verbosity", variable, value);
+
+
+ extractSetting(&_solreadonly, "SOLReadOnly", variable,
+ value);
+ extractSetting(&_lcdisabled, "LocalConnection", variable,
+ value);
+ extractSetting(&_lctrace, "LCTrace", variable,
+ value);
+ extractNumber((uint32_t *)&_lcshmkey, "LCShmkey", variable, value);
 }
 }
 } while (!in.eof());
Index: server/asobj/SharedObject.cpp
===================================================================
RCS file: /sources/gnash/gnash/server/asobj/SharedObject.cpp,v
retrieving revision 1.21
retrieving revision 1.22
diff -u -b -r1.21 -r1.22
--- server/asobj/SharedObject.cpp 24 Dec 2007 18:21:03 -0000 1.21
+++ server/asobj/SharedObject.cpp 26 Dec 2007 00:46:49 -0000 1.22
@@ -171,7 +171,7 @@
 as_value
 sharedobject_clear(const fn_call& fn)
 {
- GNASH_REPORT_FUNCTION;
+// GNASH_REPORT_FUNCTION;
 boost::intrusive_ptr<SharedObject> obj = ensureType<SharedObject>(fn.this_ptr);
 UNUSED(obj);
@@ -193,6 +193,13 @@
 // log_msg("Flushing to file %s", obj->getFilespec().c_str());
 VM& vm = obj->getVM();
+#ifndef USE_SOL_READONLY
+ if (rcfile.getSOLReadOnly() ) {
+ log_security("Attempting to write object when it's SOL Read Only is set! Refusing...",
+ obj->getFilespec().c_str());
+ return as_value(false);
+ }
+
 // TODO: cache the dataKey in SharedObject prototype on first use ?
 // a SharedObject::getDataKey() might do...
 string_table::key dataKey = vm.getStringTable().find("data");
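Review bot: `SOLLocalDomain` is never read from the rc file: the header hunks add `_sollocaldomain` with its getter and setter, and SharedObject.cpp checks `rcfile.getSOLLocalDomain()`, but this parsing block only handles `SOLReadOnly`, `LocalConnection` and `LCTrace`, so the new localhost-only policy can only be switched on programmatically. Add `extractSetting(&_sollocaldomain, "SOLLocalDomain", variable, value);` beside the others. The `(uint32_t *)&_lcshmkey` cast writes exactly four bytes through a pointer to a `key_t`, which is only correct where `sizeof(key_t) == 4`; parsing into a local and assigning back avoids the aliasing: `uint32_t key = static_cast<uint32_t>(_lcshmkey);` / `extractNumber(&key, "LCShmkey", variable, value);` / `_lcshmkey = key;`. The enclosing parse loop starts outside the hunk.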
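Review bot: In the SharedObject.cpp `@@ -193,6 +193,13 @@` hunk the `log_security` call passes `obj->getFilespec().c_str()` but its format string has no conversion for it, so if `log_security` is printf-style like the `log_error` used in rc.cpp the file name is never printed and the extra argument is dropped (or flagged by a format-checking compiler); either add `%s` or drop the argument, e.g. `log_security("Refusing to write %s: SOLReadOnly is set", obj->getFilespec().c_str());`. The same mismatch occurs in the `@@ -267,6 +276,12 @@` hunk. Note that `#ifndef USE_SOL_READONLY` opens here and is closed in the next hunk, so the read-only policy is a build-time decision unless that macro is left undefined; the function body continues outside the hunk.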
@@ -212,15 +219,17 @@
 string newspec;
 newspec += obj->getFilespec();
 sol.writeFile(newspec, obj->getObjectName().c_str());
- return as_value(true); // TODO: check expected return type from SharedObject.flush
+#else
+ return as_value(false);
+#endif
 }
 // Set the file name
 as_value
 sharedobject_getlocal(const fn_call& fn)
 {
- GNASH_REPORT_FUNCTION;
+// GNASH_REPORT_FUNCTION;
 // This should return a SharedObject, and it's a static function
 // static boost::intrusive_ptr<as_object> obj = new as_object(getSharedObjectInterface());
@@ -267,6 +276,12 @@
 strcpy(domain, "localhost");
 }
+ if ((rcfile.getSOLLocalDomain()) && (strcmp(domain, "localhost") > 0) ) {
+ log_security("Attempting to open non localhost created SOL file!!",
+ obj->getFilespec().c_str());
+ return as_value(false);
+ }
+
 newspec += domain;
 newspec += "/";
 if (fn.nargs == 2) {
@@ -345,7 +360,7 @@
 }
 if (el->type == AMF::STRING) {
 if (el->length == 0) {
- ptr->set_member(st.string_table::find(el->name), as_value("undefined"));
+ ptr->set_member(st.string_table::find(el->name), as_value(""));
 } else {
 string str = (const char *)el->data;
 ptr->set_member(st.string_table::find(el->name), as_value(str));
@@ -365,7 +380,7 @@
 as_value
 sharedobject_getsize(const fn_call& fn)
 {
- GNASH_REPORT_FUNCTION;
+// GNASH_REPORT_FUNCTION;
 boost::intrusive_ptr<SharedObject> obj = ensureType<SharedObject>(fn.this_ptr);
 return as_value(obj->size());
 }
Index: ChangeLog
===================================================================
RCS file: /sources/gnash/gnash/ChangeLog,v
retrieving revision 1.5255
retrieving revision 1.5256
diff -u -b -r1.5255 -r1.5256
--- ChangeLog 25 Dec 2007 18:56:05 -0000 1.5255
+++ ChangeLog 26 Dec 2007 00:46:49 -0000 1.5256
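Review bot: In the default build (`USE_SOL_READONLY` undefined) `sharedobject_flush` no longer returns a value on its success path: the `return as_value(true);` after `sol.writeFile(...)` is deleted and only the `#else` branch received a replacement, so control falls off the end of a function returning `as_value`, which is undefined behaviour. Restore `return as_value(true); // TODO: check expected return type from SharedObject.flush` immediately before the `#else`. The function starts outside the hunk.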
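Review bot: In the `@@ -267,6 +276,12 @@` hunk `strcmp(domain, "localhost") > 0` only rejects domains that sort after "localhost"; any name that sorts before it (for example one beginning with a through k, or "local") passes the new SOLLocalDomain check, so the policy does not do what its name says for most real domains. The test should be `strcmp(domain, "localhost") != 0`. It is also worth confirming that returning `as_value(false)` is what ActionScript callers of `getLocal` expect, since the comment at the top of the function says it should return a SharedObject; the function starts outside the hunk.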
@@ -1,3 +1,11 @@
+2007-12-25 Rob Savoye <[EMAIL PROTECTED]>
+
+ * libbase/rc.{cpp,h}: Add new security options for Shared Objects
+ and Local Connections. Make extractNumber() return a uint32_t
+ intead of just an int as we keep overflowing strtol().
+ * server/asobj/SharedObject.cpp: Use new security options for
+ files.
+
 2007-12-25 Sandro Santilli <[EMAIL PROTECTED]>
 * server/asobj/MovieClipLoader.cpp: remove dead code.
_______________________________________________
Gnash-commit mailing list
Gnash-commit@gnu.org
http://lists.gnu.org/mailman/listinfo/gnash-commit