diff options
| author |   semarie <semarie@openbsd.org> | 2015-09-28 15:40:18 +0000 |
|---|---|---|
| committer | semarie <semarie@openbsd.org> | 2015-09-28 15:40:18 +0000 |
| commit | cf53adfc7e4e56a711a0c7faa2dfcdfa6522b46b (patch) | |
| tree | f87a8390d72d6269ccc6ed4a3864130e0f9ea540 | |
| parent | Keep sparc/disksubr.c and sparc64/disksubr.c as close as possible. (diff) | |
| download | wireguard-openbsd-cf53adfc7e4e56a711a0c7faa2dfcdfa6522b46b.tar.xz wireguard-openbsd-cf53adfc7e4e56a711a0c7faa2dfcdfa6522b46b.zip | |
make using tame path "/" work.
and add a regress test for that.
ok deraadt@
| -rw-r--r-- | regress/sys/kern/tame/generic/main.c | 4 | ||||
| -rw-r--r-- | regress/sys/kern/tame/generic/tests.out | 8 | ||||
| -rw-r--r-- | sys/kern/kern_tame.c | 5 |
3 files changed, 12 insertions, 5 deletions
diff --git a/regress/sys/kern/tame/generic/main.c b/regress/sys/kern/tame/generic/main.c index 799e083f86c..adc19156c75 100644 --- a/regress/sys/kern/tame/generic/main.c +++ b/regress/sys/kern/tame/generic/main.c @@ -1,4 +1,4 @@ -/* $OpenBSD: main.c,v 1.6 2015/09/27 17:55:39 semarie Exp $ */ +/* $OpenBSD: main.c,v 1.7 2015/09/28 15:40:18 semarie Exp $ */ /* * Copyright (c) 2015 Sebastien Marie <semarie@openbsd.org> * @@ -234,7 +234,7 @@ main(int argc, char *argv[]) */ start_test(&ret, "stdio rpath", NULL, test_wpaths); start_test1(&ret, "stdio rpath", NULL, test_wpaths); - // XXX start_test1(&ret, "stdio rpath", "/", test_wpaths); + start_test1(&ret, "stdio rpath", "/", test_wpaths); start_test1(&ret, "stdio rpath", "/etc", test_wpaths); start_test1(&ret, "stdio rpath", "/etc/", test_wpaths); start_test1(&ret, "stdio rpath", "/etc/passwd", test_wpaths); diff --git a/regress/sys/kern/tame/generic/tests.out b/regress/sys/kern/tame/generic/tests.out index bdcb16316e6..3b55f50f421 100644 --- a/regress/sys/kern/tame/generic/tests.out +++ b/regress/sys/kern/tame/generic/tests.out @@ -1,4 +1,4 @@ -# $OpenBSD: tests.out,v 1.5 2015/09/27 17:55:39 semarie Exp $ +# $OpenBSD: tests.out,v 1.6 2015/09/28 15:40:18 semarie Exp $ test(test_nop): tame=("",NULL) status=0 exit=0 test(test_inet): tame=("",NULL) status=9 signal=9 tamed_syscall=97 test(test_inet): tame=("abort",NULL) status=134 signal=6 coredump=present tamed_syscall=97 @@ -33,6 +33,12 @@ test(test_wpaths): tame=("stdio rpath",{NULL}) open_close("../../../../../../../../../../../../../../../etc/passwd") fd=-1 errno=2 open_close("/nonexistent") fd=-1 errno=2 status=0 exit=0 +test(test_wpaths): tame=("stdio rpath",{"/",NULL}) + open_close("/etc/passwd") fd=3 errno=0 + open_close("generic") fd=3 errno=0 + open_close("../../../../../../../../../../../../../../../etc/passwd") fd=3 errno=0 + open_close("/nonexistent") fd=-1 errno=2 + status=0 exit=0 test(test_wpaths): tame=("stdio rpath",{"/etc",NULL}) open_close("/etc/passwd") fd=3 errno=0 open_close("generic") fd=-1 errno=2 diff --git a/sys/kern/kern_tame.c b/sys/kern/kern_tame.c index bdce41a5d9e..3ed3ff74661 100644 --- a/sys/kern/kern_tame.c +++ b/sys/kern/kern_tame.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kern_tame.c,v 1.42 2015/09/19 20:39:06 semarie Exp $ */ +/* $OpenBSD: kern_tame.c,v 1.43 2015/09/28 15:40:18 semarie Exp $ */ /* * Copyright (c) 2015 Nicholas Marriott <nicm@openbsd.org> @@ -626,7 +626,8 @@ tame_namei(struct proc *p, char *origpath) wl->wl_paths[i].len - 1) == 0) { u_char term = canopath[wl->wl_paths[i].len - 1]; - if (term == '\0' || term == '/') + if (term == '\0' || term == '/' || + wl->wl_paths[i].name[1] == '\0') error = 0; } } |