[PATCH v1] secontext: print context of Unix socket's sun_path field
Dmitry V. Levin
ldv at altlinux.org
Thu Jun 30 18:15:23 UTC 2022
On Thu, Jun 30, 2022 at 07:15:27PM +0300, Dmitry V. Levin wrote:
> On Tue, Jun 21, 2022 at 08:43:00AM +0200, Renaud Métrich wrote:
> > Signed-off-by: Renaud Métrich <rmetrich at redhat.com>
> > ---
> > src/sockaddr.c | 3 +++
> > tests/gen_tests.in | 4 ++++
> > tests/secontext.c | 49 +++++++++++++++++++++++++++++++++++++++++
> > tests/secontext.h | 12 +++++++++++
> > tests/sockname.c | 54 ++++++++++++++++++++++++++++++----------------
> > 5 files changed, 103 insertions(+), 19 deletions(-)
> >
> > diff --git a/src/sockaddr.c b/src/sockaddr.c
> > index a6e698d4b..cf770a5e7 100644
> > --- a/src/sockaddr.c
> > +++ b/src/sockaddr.c
> > @@ -63,6 +63,8 @@
> > #include "xlat/mctp_addrs.h"
> > #include "xlat/mctp_nets.h"
> >
> > +#include "secontext.h"
> > +
> > #define SIZEOF_SA_FAMILY sizeof_field(struct sockaddr, sa_family)
> >
> > struct sockaddr_rxrpc {
> > @@ -115,6 +117,7 @@ print_sockaddr_data_un(struct tcb *tcp, const void *const buf, const int addrlen
> > if (sa_un->sun_path[0]) {
> > print_quoted_string(sa_un->sun_path, path_len + 1,
> > QUOTE_0_TERMINATED);
> > + selinux_printfilecon(tcp, sa_un->sun_path);
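Review bot: The added `selinux_printfilecon(tcp, sa_un->sun_path)` call is handed the path with no length, while the `print_quoted_string` call directly above it is bounded by `path_len + 1`, and nothing in this hunk shows that `sun_path` is NUL-terminated at this point. Please add a short comment at the call naming where the termination is guaranteed, or pass a copy bounded by `path_len`, so that a later change to the caller cannot silently turn this into a read past the end of the buffer.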
>
> Interesting, selinux_printfilecon takes a NUL-terminated path, but
> sa_un->sun_path is not necessarily NUL-terminated. Also, path_len
> could potentially be less than sizeof(sa_un->sun_path) - 1,
> I wonder what selinux_printfilecon would print in that case.

OK, looks like all of this is safe thanks to decode_sockaddr that already
does the NUL-termination.

--
ldv