[PATCH v1] secontext: print context of Unix socket's sun_path field
Renaud Métrich
rmetrich at redhat.com
Thu Jun 30 19:00:34 UTC 2022
Yes sorry I should have mentioned that, I was also worried about non
terminated string but checked the code as found it was null terminated
anyway.
On Thursday, June 30, 2022, Dmitry V. Levin <ldv at altlinux.org> wrote:
> On Thu, Jun 30, 2022 at 07:15:27PM +0300, Dmitry V. Levin wrote:
>> On Tue, Jun 21, 2022 at 08:43:00AM +0200, Renaud Métrich wrote:
>> > Signed-off-by: Renaud Métrich <rmetrich at redhat.com>
>> > ---
>> > src/sockaddr.c | 3 +++
>> > tests/gen_tests.in | 4 ++++
>> > tests/secontext.c | 49 +++++++++++++++++++++++++++++++++++++++++
>> > tests/secontext.h | 12 +++++++++++
>> > tests/sockname.c | 54 ++++++++++++++++++++++++++++++----------------
>> > 5 files changed, 103 insertions(+), 19 deletions(-)
>> >
>> > diff --git a/src/sockaddr.c b/src/sockaddr.c
>> > index a6e698d4b..cf770a5e7 100644
>> > --- a/src/sockaddr.c
>> > +++ b/src/sockaddr.c
>> > @@ -63,6 +63,8 @@
>> > #include "xlat/mctp_addrs.h"
>> > #include "xlat/mctp_nets.h"
>> >
>> > +#include "secontext.h"
>> > +
>> > #define SIZEOF_SA_FAMILY sizeof_field(struct sockaddr, sa_family)
>> >
>> > struct sockaddr_rxrpc {
>> > @@ -115,6 +117,7 @@ print_sockaddr_data_un(struct tcb *tcp, const void
*const buf, const int addrlen
>> > if (sa_un->sun_path[0]) {
>> > print_quoted_string(sa_un->sun_path, path_len + 1,
>> > QUOTE_0_TERMINATED);
>> > + selinux_printfilecon(tcp, sa_un->sun_path);
>>
>> Interesting, selinux_printfilecon takes a NUL-terminated path, but
>> sa_un->sun_path is not necessarily NUL-terminated. Also, path_len
>> could potentially be less than sizeof(sa_un->sun_path) - 1,
>> I wonder what selinux_printfilecon would print in that case.
>
> OK, looks like all of this is safe thanks to decode_sockaddr that already
> does the NUL-termination.
>
>
> --
> ldv
>
>
--
Renaud
Sent from my phone, sorry for the typos...
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strace.io/pipermail/strace-devel/attachments/20220630/861389ff/attachment.htm>
More information about the Strace-devel
mailing list