kern_tame.c: fix strncmp call
Patch below.

Thanks,
Caspar Schutijser

Index: sys/kern/kern_tame.c === RCS file: /cvs/src/sys/kern/kern_tame.c,v retrieving revision 1.25 diff -u -p -r1.25 kern_tame.c --- sys/kern/kern_tame.c23 Aug 2015 19:32:20 - 1.25 +++ sys/kern/kern_tame.c23 Aug 2015 21:22:38 - @@ -423,7 +423,7 @@ tame_namei(struct proc *p, char *origpat */ if ((p-p_p-ps_tame _TM_TMPPATH) (p-p_tame_syscall == SYS_unlink) - strncmp(path, /tmp/, sizeof(/tmp) - 1) == 0) { + strncmp(path, /tmp/, sizeof(/tmp/) - 1) == 0) { return (0); }
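Review bot: in the changed strncmp() line the prefix is spelled twice, once as the string being compared and once inside sizeof(), and the removed line shows what happens when the two spellings differ: the byte count came from the four-character form without the trailing slash while the compare string had five characters. Suggest naming the prefix once (a constant, or a small macro that derives the length from the same literal) so the pair cannot drift apart again, and adding a short comment that the trailing slash is what limits the match to entries under the directory.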
Re: kern_tame.c: fix strncmp call
On 8/23/15, Caspar Schutijser cas...@schutijser.com wrote:

Patch below. Thanks, Caspar Schutijser

Index: sys/kern/kern_tame.c === RCS file: /cvs/src/sys/kern/kern_tame.c,v retrieving revision 1.25 diff -u -p -r1.25 kern_tame.c --- sys/kern/kern_tame.c 23 Aug 2015 19:32:20 - 1.25 +++ sys/kern/kern_tame.c 23 Aug 2015 21:22:38 - @@ -423,7 +423,7 @@ tame_namei(struct proc *p, char *origpat */ if ((p-p_p-ps_tame _TM_TMPPATH) (p-p_tame_syscall == SYS_unlink) - strncmp(path, /tmp/, sizeof(/tmp) - 1) == 0) { + strncmp(path, /tmp/, sizeof(/tmp/) - 1) == 0) {

you are confusing sizeof() with strlen(). former counts the byte required for the terminating NUL.

$ cat /tmp/a.c
#include <stdio.h>
#include <stdlib.h>

int main(int argc, char *argv[])
{
	printf("sizeof(\"/tmp\")=%zu\n", sizeof("/tmp"));
	exit(0);
}
$ cc /tmp/a.c -o /tmp/a
$ /tmp/a
sizeof("/tmp")=5

--patrick

return (0); }
Re: kern_tame.c: fix strncmp call
Apologies, my eyes failed me on this.

On 8/23/15, patrick keshishian pkesh...@gmail.com wrote:

On 8/23/15, Caspar Schutijser cas...@schutijser.com wrote:

Patch below. Thanks, Caspar Schutijser

Index: sys/kern/kern_tame.c === RCS file: /cvs/src/sys/kern/kern_tame.c,v retrieving revision 1.25 diff -u -p -r1.25 kern_tame.c --- sys/kern/kern_tame.c 23 Aug 2015 19:32:20 - 1.25 +++ sys/kern/kern_tame.c 23 Aug 2015 21:22:38 - @@ -423,7 +423,7 @@ tame_namei(struct proc *p, char *origpat */ if ((p-p_p-ps_tame _TM_TMPPATH) (p-p_tame_syscall == SYS_unlink) -strncmp(path, /tmp/, sizeof(/tmp) - 1) == 0) { +strncmp(path, /tmp/, sizeof(/tmp/) - 1) == 0) {

you are confusing sizeof() with strlen(). former counts the byte required for the terminating NUL.

$ cat /tmp/a.c
#include <stdio.h>
#include <stdlib.h>

int main(int argc, char *argv[])
{
	printf("sizeof(\"/tmp\")=%zu\n", sizeof("/tmp"));
	exit(0);
}
$ cc /tmp/a.c -o /tmp/a
$ /tmp/a
sizeof("/tmp")=5

--patrick

return (0); }
Re: kern_tame.c: fix strncmp call
On 08/24/15 00:29, patrick keshishian wrote:

On 8/23/15, Caspar Schutijser cas...@schutijser.com wrote:

Patch below. Thanks, Caspar Schutijser

Index: sys/kern/kern_tame.c === RCS file: /cvs/src/sys/kern/kern_tame.c,v retrieving revision 1.25 diff -u -p -r1.25 kern_tame.c --- sys/kern/kern_tame.c23 Aug 2015 19:32:20 - 1.25 +++ sys/kern/kern_tame.c23 Aug 2015 21:22:38 - @@ -423,7 +423,7 @@ tame_namei(struct proc *p, char *origpat */ if ((p-p_p-ps_tame _TM_TMPPATH) (p-p_tame_syscall == SYS_unlink) - strncmp(path, /tmp/, sizeof(/tmp) - 1) == 0) { + strncmp(path, /tmp/, sizeof(/tmp/) - 1) == 0) {

you are confusing sizeof() with strlen(). former counts the byte required for the terminating NUL.

Yes, but you're missing the following - 1, methinks... I think the diff is correct.

/Alexander

$ cat /tmp/a.c
#include <stdio.h>
#include <stdlib.h>

int main(int argc, char *argv[])
{
	printf("sizeof(\"/tmp\")=%zu\n", sizeof("/tmp"));
	exit(0);
}
$ cc /tmp/a.c -o /tmp/a
$ /tmp/a
sizeof("/tmp")=5

--patrick

return (0); }
Re: kern_tame.c: fix strncmp call
On Sun, Aug 23, 2015 at 03:29:46PM -0700, patrick keshishian wrote:

On 8/23/15, Caspar Schutijser cas...@schutijser.com wrote:

Patch below. Thanks, Caspar Schutijser

Index: sys/kern/kern_tame.c === RCS file: /cvs/src/sys/kern/kern_tame.c,v retrieving revision 1.25 diff -u -p -r1.25 kern_tame.c --- sys/kern/kern_tame.c23 Aug 2015 19:32:20 - 1.25 +++ sys/kern/kern_tame.c23 Aug 2015 21:22:38 - @@ -423,7 +423,7 @@ tame_namei(struct proc *p, char *origpat */ if ((p-p_p-ps_tame _TM_TMPPATH) (p-p_tame_syscall == SYS_unlink) - strncmp(path, /tmp/, sizeof(/tmp) - 1) == 0) { + strncmp(path, /tmp/, sizeof(/tmp/) - 1) == 0) {

you are confusing sizeof() with strlen(). former counts the byte required for the terminating NUL.

I don't think the OP is. If you want to check that path starts with /tmp/, you need to check the first 5 characters. The original code only checks the first 4. As such, it will also match /tmpfile.

Joerg
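The difference discussed in this thread, as an added example that is not part of any message above or of kern_tame.c: the two strncmp() checks from the patch are wrapped in stand-alone functions and run over constructed sample paths. The function names and the HAS_PREFIX macro are hypothetical, introduced only for this illustration.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper: the length is taken from the same literal that is
 * compared, so the string and the byte count cannot drift apart.
 * sizeof(lit) counts the terminating NUL, hence the - 1. */
#define HAS_PREFIX(s, lit) (strncmp((s), (lit), sizeof(lit) - 1) == 0)

/* Check as it stood before the patch: sizeof("/tmp") - 1 = 4 bytes compared. */
int
tmp_check_old(const char *path)
{
	return strncmp(path, "/tmp/", sizeof("/tmp") - 1) == 0;
}

/* Check after the patch: sizeof("/tmp/") - 1 = 5 bytes compared. */
int
tmp_check_new(const char *path)
{
	return strncmp(path, "/tmp/", sizeof("/tmp/") - 1) == 0;
}

/* Same result as the patched check, written with the macro. */
int
tmp_check_macro(const char *path)
{
	return HAS_PREFIX(path, "/tmp/");
}

int
main(void)
{
	/* Constructed sample paths; only /tmpfile is mentioned in the thread. */
	const char *paths[] = { "/tmp/a.c", "/tmp/", "/tmp", "/tmpfile",
	    "/tmp2/x", "/var/tmp/x" };
	size_t i;

	printf("%-12s old new macro\n", "path");
	for (i = 0; i < sizeof(paths) / sizeof(paths[0]); i++)
		printf("%-12s %3d %3d %5d\n", paths[i],
		    tmp_check_old(paths[i]), tmp_check_new(paths[i]),
		    tmp_check_macro(paths[i]));
	return 0;
}
```

The four-byte comparison accepts any path that merely begins with the characters /tmp, including the bare directory name and sibling names, while the five-byte comparison accepts only paths below the directory.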