SOURCES: gradm-symlink_depth.patch (NEW) - limit symlinks

[zbyniu]

Author: zbyniu                       Date: Mon Apr 20 13:09:11 2009 GMT
Module: SOURCES                       Tag: HEAD
---- Log message:
- limit symlinks

---- Files affected:
SOURCES:
   gradm-symlink_depth.patch (NONE -> 1.1)  (NEW)

---- Diffs:

================================================================
Index: SOURCES/gradm-symlink_depth.patch
diff -u /dev/null SOURCES/gradm-symlink_depth.patch:1.1
--- /dev/null   Mon Apr 20 15:09:12 2009
+++ SOURCES/gradm-symlink_depth.patch   Mon Apr 20 15:09:05 2009
@@ -0,0 +1,48 @@
+diff -upr gradm2./gradm_defs.h gradm2/gradm_defs.h
+--- gradm2./gradm_defs.h       2009-02-25 16:38:51.413559473 +0000
++++ gradm2/gradm_defs.h        2009-02-25 17:06:58.624996368 +0000
+@@ -37,6 +37,7 @@
+ 
+ #define MAX_INCLUDE_DEPTH     20
+ #define MAX_NEST_DEPTH                8
++#define MAX_SYMLINK_DEPTH     8
+ 
+ #ifndef RLIMIT_LOCKS
+ #define RLIMIT_LOCKS 10
+diff -upr gradm2./gradm_parse.c gradm2/gradm_parse.c
+--- gradm2./gradm_parse.c      2009-02-25 16:38:51.417084282 +0000
++++ gradm2/gradm_parse.c       2009-02-25 17:14:40.444676181 +0000
+@@ -608,6 +608,7 @@
+       struct deleted_file *dfile;
+       unsigned int file_len;
+       char *str;
++      static int link_count = 0;
+ 
+       if (!subject) {
+               fprintf(stderr, "Error on line %lu of %s.  Attempt to "
+@@ -665,12 +666,20 @@ add_proc_object_acl(struct proc_acl *sub
+               fstat.st_ino = dfile->ino;
+               fstat.st_dev = 0;
+               mode |= GR_DELETED;
++              link_count = 0;
+       } else if (S_ISLNK(fstat.st_mode)) {
+-              char buf[PATH_MAX];
+-              memset(&buf, 0, sizeof (buf));
+-              realpath(filename, buf);
+-              if(!add_proc_object_acl(subject, gr_strdup(buf), mode, type | 
GR_SYMLINK))
+-                      return 0;
++              if (link_count > MAX_SYMLINK_DEPTH) {
++                      fprintf(stderr, "Too many levels of symbolic links "
++                                      "%s\n", filename);
++                      exit(EXIT_FAILURE);
++              } else {
++                      char buf[PATH_MAX];
++                      memset(&buf, 0, sizeof (buf));
++                      realpath(filename, buf);
++                      link_count++;
++                      if(!add_proc_object_acl(subject, gr_strdup(buf), mode, 
type | GR_SYMLINK))
++                              return 0;
++              }
+       }
+ 
+       if ((p =
================================================================
_______________________________________________
pld-cvs-commit mailing list
pld-cvs-commit@lists.pld-linux.org
http://lists.pld-linux.org/mailman/listinfo/pld-cvs-commit