rpms / fapolicyd

Clone
Source Code
GIT

Blame SOURCES/fapolicyd-deleted-suffix.patch

c8 c8-beta c8s c9 c9-beta
  1.   4255d0dafa5626f0ed7120289f3f36fcf2d03ea1
  2.   SOURCES
  3.   fapolicyd-deleted-suffix.patch
Blob History Raw
4255d0 
From 8b7ea120670525d9ac7f1698ae7482d691e840a4 Mon Sep 17 00:00:00 2001
4255d0 
From: Radovan Sroka <rsroka@redhat.com>
4255d0 
Date: Mon, 9 Nov 2020 17:02:22 +0100
4255d0 
Subject: [PATCH] Added check for " (deleted)" suffix in get_program_from_fd()
4255d0 
 (#97)
4255d0
4255d0 
- get rid of this suffix
4255d0
4255d0 
Signed-off-by: Radovan Sroka <rsroka@redhat.com>
4255d0
4255d0 
Removed strstr (#102)
4255d0 
---
4255d0 
 src/library/process.c | 18 ++++++++++++++++--
4255d0 
 1 file changed, 16 insertions(+), 2 deletions(-)
4255d0
4255d0 
diff --git a/src/library/process.c b/src/library/process.c
4255d0 
index edd2cca..6406610 100644
4255d0 
--- a/src/library/process.c
4255d0 
+++ b/src/library/process.c
4255d0 
@@ -146,10 +146,24 @@ char *get_program_from_pid(pid_t pid, size_t blen, char *buf)
4255d0
4255d0 
 		return buf;
4255d0 
 	}
4255d0 
+
4255d0 
+	size_t len = 0;
4255d0 
 	if ((size_t)path_len < blen)
4255d0 
-		buf[path_len] = 0;
4255d0 
+		len = path_len;
4255d0 
 	else
4255d0 
-		buf[blen-1] = '\0';
4255d0 
+		len = blen-1;
4255d0 
+
4255d0 
+	buf[len] = '\0';
4255d0 
+	// some binaries can be deleted after execution
4255d0 
+	// then we need to delete the suffix so they are
4255d0 
+	// trusted even after deletion
4255d0 
+
4255d0 
+	// strlen(" deleted") == 10
4255d0 
+	if (buf[len-1] == ')' && len > 10) {
4255d0 
+
4255d0 
+		if (strcmp(&buf[len - 10], " (deleted)") == 0)
4255d0 
+			buf[len - 10] = '\0';
4255d0 
+	}
4255d0
4255d0 
 	return buf;
4255d0 
 }
4255d0 
--
4255d0 
2.26.2
4255d0

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation