diff options
| author |   itojun <itojun@openbsd.org> | 2003-06-16 06:36:40 +0000 |
|---|---|---|
| committer | itojun <itojun@openbsd.org> | 2003-06-16 06:36:40 +0000 |
| commit | cd1e39b59e15fb65a1ae03ebde716ef9fc29dd7f (patch) | |
| tree | 3bb16ac32c4655e410047a9e0953f9c996c82c1e /bin/systrace/filter.c | |
| parent | add supported device; (diff) | |
| download | wireguard-openbsd-cd1e39b59e15fb65a1ae03ebde716ef9fc29dd7f.tar.xz wireguard-openbsd-cd1e39b59e15fb65a1ae03ebde716ef9fc29dd7f.zip | |
- limited number of processes per systrace
- escape fixes for special characters
markus, sturm ok. from provos
Diffstat (limited to 'bin/systrace/filter.c')
| -rw-r--r-- | bin/systrace/filter.c | 20 |
1 files changed, 9 insertions, 11 deletions
diff --git a/bin/systrace/filter.c b/bin/systrace/filter.c index 94f815dce92..1d9c10255a7 100644 --- a/bin/systrace/filter.c +++ b/bin/systrace/filter.c @@ -1,4 +1,4 @@ -/* $OpenBSD: filter.c,v 1.26 2003/05/29 00:39:12 itojun Exp $ */ +/* $OpenBSD: filter.c,v 1.27 2003/06/16 06:36:40 itojun Exp $ */ /* * Copyright 2002 Niels Provos <provos@citi.umich.edu> * All rights reserved. @@ -46,6 +46,7 @@ #include "intercept.h" #include "systrace.h" #include "filter.h" +#include "util.h" extern int allow; extern int noalias; @@ -171,7 +172,7 @@ filter_evaluate(struct intercept_tlq *tls, struct filterq *fls, struct intercept_pid *icpid) { struct filter *filter, *last = NULL; - short action, laction = 0; + short action; TAILQ_FOREACH(filter, fls, next) { action = filter->match_action; @@ -198,7 +199,6 @@ filter_evaluate(struct intercept_tlq *tls, struct filterq *fls, /* Keep track of last processed filtered in a group */ last = filter; - laction = action; } return (ICPOLICY_ASK); @@ -300,13 +300,11 @@ filter_policyrecord(struct policy *policy, struct filter *filter, const char *emulation, const char *name, char *rule) { /* Record the filter in the policy */ - if (filter == NULL) { - filter = calloc(1, sizeof(struct filter)); - if (filter == NULL) - err(1, "%s:%d: calloc", __func__, __LINE__); - if ((filter->rule = strdup(rule)) == NULL) - err(1, "%s:%d: strdup", __func__, __LINE__); - } + filter = calloc(1, sizeof(struct filter)); + if (filter == NULL) + err(1, "%s:%d: calloc", __func__, __LINE__); + if ((filter->rule = strdup(rule)) == NULL) + err(1, "%s:%d: strdup", __func__, __LINE__); strlcpy(filter->name, name, sizeof(filter->name)); strlcpy(filter->emulation, emulation, sizeof(filter->emulation)); @@ -526,7 +524,7 @@ filter_ask(int fd, struct intercept_tlq *tls, struct filterq *fls, "%s%s eq \"%s\"", tl->name, lst && !strcmp(tl->name, lst) ? "[1]" : "", - l); + strescape(l)); lst = tl->name; |