Changeset 452 for trunk/src/sh_suidchk.c


Timestamp:
Jun 26, 2014, 8:01:54 PM (10 years ago)
Author:
katerina
Message:

Fix for ticket #353 (multiple exclusions for SUID check).

File:
1 edited

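--- a/trunk/src/sh_suidchk.c
+++ b/trunk/src/sh_suidchk.c
@@ -82,4 +82,5 @@
 #include "sh_schedule.h"
 #include "sh_calls.h"
+#include "zAVLTree.h"
 
 
@@ -146,6 +147,4 @@
 static int     ShSuidchkQDelete  = S_FALSE;
 static int     ShSuidchkSeverity = SH_ERR_SEVERE;
-static char *  ShSuidchkExclude  = NULL;
-static size_t  ExcludeLen        = 0;
 
 static time_t  FileLimNow        = 0;
@@ -155,4 +154,29 @@
 
 static sh_schedule_t * ShSuidchkSched = NULL;
+
+
+static zAVLTree *  ShSuidchkExclude  = NULL;
+static void sh_suid_exclude_free()
+{
+  zAVL_string_reset(ShSuidchkExclude);
+  ShSuidchkExclude  = NULL;
+  return;
+}
+static int sh_suid_exclude_add(const char * str)
+{
+  size_t len;
+  int    ret;
+  char * key = sh_util_strdup(str);
+
+  len = sl_strlen (key);
+  if (len && key[len-1] == '/')
+    {
+      key[len-1] = '\0';
+    }
+  ret = zAVL_string_set(&ShSuidchkExclude, key);
+  SH_FREE(key);
+  return ret;
+}
+
 
 static char *
@@ -179,7 +203,5 @@
   ShSuidchkSeverity = SH_ERR_SEVERE;
   if (ShSuidchkExclude != NULL)
-    SH_FREE(ShSuidchkExclude);
-  ShSuidchkExclude  = NULL;
-  ExcludeLen        = 0;
+    sh_suid_exclude_free(ShSuidchkExclude);
 
   FileLimNow        = 0;
@@ -1136,4 +1158,6 @@
         if (tlen >= 6 && 0 == strcmp(&tmp[tlen-6], _("/.gvfs")))
           elevel = SH_ERR_NOTICE;
+        else if (tlen >= 5 && 0 == strcmp(&((mnt->mnt_dir)[tlen-5]), _("/gvfs")))
+          elevel = SH_ERR_NOTICE;
 
         /* If we are scanning a temporary directory where dirs and files
@@ -1156,5 +1180,5 @@
         if (/*@-usedef@*/S_ISDIR(buf.st_mode)/*@+usedef@*/ &&
             (ShSuidchkExclude == NULL ||
-             0 != strcmp(tmpcat, ShSuidchkExclude)))
+             NULL == zAVL_string_get(ShSuidchkExclude, tmpcat)))
           {
             /* fs is a STATIC string or NULL
@@ -1529,4 +1553,5 @@
 int sh_suidchk_set_exclude (const char * c)
 {
+  int ret = 0;
   SL_ENTER(_("sh_suidchk_set_exclude"));
 
@@ -1539,20 +1564,11 @@
     {
       if (ShSuidchkExclude != NULL)
-        SH_FREE(ShSuidchkExclude);
-      ShSuidchkExclude = NULL;
+        sh_suid_exclude_free();
       SL_RETURN(0, _("sh_suidchk_set_exclude"));
     }
 
-  if (ShSuidchkExclude != NULL)
-    SH_FREE(ShSuidchkExclude);
-
-  ShSuidchkExclude = sh_util_strdup (c);
-  ExcludeLen       = sl_strlen (ShSuidchkExclude);
-  if (ShSuidchkExclude && ShSuidchkExclude[ExcludeLen-1] == '/')
-    {
-      ShSuidchkExclude[ExcludeLen-1] = '\0';
-      ExcludeLen--;
-    }
-  SL_RETURN(0, _("sh_suidchk_set_exclude"));
+  ret = sh_suid_exclude_add(c);
+
+  SL_RETURN(ret, _("sh_suidchk_set_exclude"));
 }
 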
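Review bot: The `/gvfs` branch added at new line 1160 indexes `mnt->mnt_dir` with `tlen`, while its own guard and the `/.gvfs` test directly above apply `tlen` to `tmp`. If `tlen` is the length of `tmp` (it is computed outside the hunk, so this is inferred), `&((mnt->mnt_dir)[tlen-5])` can point past the end of a shorter mount path and `strcmp` then reads out of bounds. Testing the same buffer the guard describes, `else if (tlen >= 5 && 0 == strcmp(&tmp[tlen-5], _("/gvfs")))`, keeps the length check and the access in step. Separately, `sh_suid_exclude_free()` is defined with an empty parameter list and is called with an argument at new line 205 but without one at 1566; declaring it `static void sh_suid_exclude_free(void)` and dropping the argument at 205 lets the compiler reject such a mismatch.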