rpms / fapolicyd

Clone
Source Code
GIT

Blame SOURCES/fapolicyd-deleted-suffix.patch

c8 c8-beta c8s c9 c9-beta
  1.   a6f5f399c7696df1d120c84888f980b3266c0cdb
  2.   SOURCES
  3.   fapolicyd-deleted-suffix.patch
Blob History Raw
a6f5f3 
From 8b7ea120670525d9ac7f1698ae7482d691e840a4 Mon Sep 17 00:00:00 2001
a6f5f3 
From: Radovan Sroka <rsroka@redhat.com>
a6f5f3 
Date: Mon, 9 Nov 2020 17:02:22 +0100
a6f5f3 
Subject: [PATCH] Added check for " (deleted)" suffix in get_program_from_fd()
a6f5f3 
 (#97)
a6f5f3
a6f5f3 
- get rid of this suffix
a6f5f3
a6f5f3 
Signed-off-by: Radovan Sroka <rsroka@redhat.com>
a6f5f3
a6f5f3 
Removed strstr (#102)
a6f5f3 
---
a6f5f3 
 src/library/process.c | 18 ++++++++++++++++--
a6f5f3 
 1 file changed, 16 insertions(+), 2 deletions(-)
a6f5f3
a6f5f3 
diff --git a/src/library/process.c b/src/library/process.c
a6f5f3 
index edd2cca..6406610 100644
a6f5f3 
--- a/src/library/process.c
a6f5f3 
+++ b/src/library/process.c
a6f5f3 
@@ -146,10 +146,24 @@ char *get_program_from_pid(pid_t pid, size_t blen, char *buf)
a6f5f3
a6f5f3 
 		return buf;
a6f5f3 
 	}
a6f5f3 
+
a6f5f3 
+	size_t len = 0;
a6f5f3 
 	if ((size_t)path_len < blen)
a6f5f3 
-		buf[path_len] = 0;
a6f5f3 
+		len = path_len;
a6f5f3 
 	else
a6f5f3 
-		buf[blen-1] = '\0';
a6f5f3 
+		len = blen-1;
a6f5f3 
+
a6f5f3 
+	buf[len] = '\0';
a6f5f3 
+	// some binaries can be deleted after execution
a6f5f3 
+	// then we need to delete the suffix so they are
a6f5f3 
+	// trusted even after deletion
a6f5f3 
+
a6f5f3 
+	// strlen(" deleted") == 10
a6f5f3 
+	if (buf[len-1] == ')' && len > 10) {
a6f5f3 
+
a6f5f3 
+		if (strcmp(&buf[len - 10], " (deleted)") == 0)
a6f5f3 
+			buf[len - 10] = '\0';
a6f5f3 
+	}
a6f5f3
a6f5f3 
 	return buf;
a6f5f3 
 }
a6f5f3 
--
a6f5f3 
2.26.2
a6f5f3

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation