poc/paxctl-xattr.c: first working version

author: Anthony G. Basile <blueness@gentoo.org> 2011-09-27 19:35:05 -0400
committer: Anthony G. Basile <blueness@gentoo.org> 2011-10-08 14:53:27 -0400
commit: bf4b2cc848059249198e54091c8e6ebafdd9ec55 (patch)
tree: 9266ad0b6fa1238d247e1f51641b221e05f36b4c
parent: poc/paxctl-xattr.c: removed unnecesary listing of all xattrs (diff)
download: elfix-bf4b2cc848059249198e54091c8e6ebafdd9ec55.tar.gz
elfix-bf4b2cc848059249198e54091c8e6ebafdd9ec55.tar.bz2
elfix-bf4b2cc848059249198e54091c8e6ebafdd9ec55.zip
1 files changed, 140 insertions, 130 deletions
diff --git a/poc/paxctl-xattr.c b/poc/paxctl-xattr.c
index 5040f80..2232631 100644
--- a/poc/paxctl-xattr.c
+++ b/poc/paxctl-xattr.c
@@ -155,41 +155,50 @@ parse_cmd_args(int c, char *v[], int *pax_flags, int *view_flags)
 }
 
 
-#define BUF_SIZE 7
-void
-print_flags(int fd)
+uint16_t
+read_flags(int fd)
 {
-	char xt_buf[BUF_SIZE];
-	uint16_t xt_flags;
+	//UINT16_MAX is an invalid value
+	uint16_t xt_flags = UINT16_MAX;
 
-	static ssize_t vsize = 1024;
-	static char *value = NULL;
-	ssize_t i, vret = -1;
+	if(fgetxattr(fd, PAX_NAMESPACE, &xt_flags, sizeof(uint16_t)) == -1)
+	{
+		//xattrs is supported, PAX_NAMESPACE is present, but it is the wrong size
+		if(errno == ERANGE)
+		{
+			printf("XT_PAX: malformed flags found\n");
+			//FIXME remove the user.pax field
+			xt_flags = 0;
+		}
 
-	memset(xt_buf, 0, BUF_SIZE);
-	value  = malloc(vsize);
+		//xattrs is supported, PAX_NAMESPACE is not present
+		if(errno == ENOATTR)
+		{
+			printf("XT_PAX: not found\n");
+			xt_flags = 0;
+		}
 
-	//If at first we don't succeed, grow buffer size
-	while(((vret = fgetxattr(fd, PAX_NAMESPACE, value, vsize)) == -1) && (errno == ERANGE))
-	{
-		vsize <<= 1;
-		value = realloc(value, vsize);
+		//xattrs is not supported
+		if(errno == ENOTSUP)
+			printf("XT_PAX: extended attribute not supported\n");
 	}
 
-	if(errno == ENOATTR)
-	{
-		printf("XT_PAX: not found or permission denied\n");
-		return;
-	}
+	return xt_flags;
+}
 
-	if(errno == ENOTSUP)
-	{
-		printf("XT_PAX: extended attribute not supported\n");
-		return;
-	}
 
-	xt_flags = (uint16_t)value[0];
-	xt_flags = xt_flags << 8 + value[1];
+#define BUF_SIZE 7
+void
+print_flags(int fd)
+{
+	uint16_t xt_flags;
+	char xt_buf[BUF_SIZE];
+
+	memset(xt_buf, 0, BUF_SIZE);
+
+	//If an invalid value is returned, then skip this
+	if((xt_flags = read_flags(fd)) == UINT16_MAX)
+		return ;
 
 	xt_buf[0] = xt_flags & PF_PAGEEXEC ? 'P' :
 		xt_flags & PF_NOPAGEEXEC ? 'p' : '-' ;
@@ -218,118 +227,119 @@ set_flags(int fd, int *pax_flags)
 {
 	uint16_t xt_flags;
 
-	//int fsetxattr(int fd, const char *name, const void *value, size_t size, int flags);
+	//If an invalid value is returned, then skip this
+	if((xt_flags = read_flags(fd)) == UINT16_MAX)
+		return ;
 
-	/*
-	if( / DOME xattrs is supported / )
+	//PAGEEXEC
+	if(*pax_flags & PF_PAGEEXEC)
 	{
-		//PAGEEXEC
-		if(*pax_flags & PF_PAGEEXEC)
-		{
-			phdr.p_flags |= PF_PAGEEXEC;
-			phdr.p_flags &= ~PF_NOPAGEEXEC;
-		}
-		if(*pax_flags & PF_NOPAGEEXEC)
-		{
-			phdr.p_flags &= ~PF_PAGEEXEC;
-			phdr.p_flags |= PF_NOPAGEEXEC;
-		}
-		if((*pax_flags & PF_PAGEEXEC) && (*pax_flags & PF_NOPAGEEXEC))
-		{
-			phdr.p_flags &= ~PF_PAGEEXEC;
-			phdr.p_flags &= ~PF_NOPAGEEXEC;
-		}
+		xt_flags |= PF_PAGEEXEC;
+		xt_flags &= ~PF_NOPAGEEXEC;
+	}
+	if(*pax_flags & PF_NOPAGEEXEC)
+	{
+		xt_flags &= ~PF_PAGEEXEC;
+		xt_flags |= PF_NOPAGEEXEC;
+	}
+	if((*pax_flags & PF_PAGEEXEC) && (*pax_flags & PF_NOPAGEEXEC))
+	{
+		xt_flags &= ~PF_PAGEEXEC;
+		xt_flags &= ~PF_NOPAGEEXEC;
+	}
 
-		//SEGMEXEC
-		if(*pax_flags & PF_SEGMEXEC)
-		{
-			phdr.p_flags |= PF_SEGMEXEC;
-			phdr.p_flags &= ~PF_NOSEGMEXEC;
-		}
-		if(*pax_flags & PF_NOSEGMEXEC)
-		{
-			phdr.p_flags &= ~PF_SEGMEXEC;
-			phdr.p_flags |= PF_NOSEGMEXEC;
-		}
-		if((*pax_flags & PF_SEGMEXEC) && (*pax_flags & PF_NOSEGMEXEC))
-		{
-			phdr.p_flags &= ~PF_SEGMEXEC;
-			phdr.p_flags &= ~PF_NOSEGMEXEC;
-		}
+	//SEGMEXEC
+	if(*pax_flags & PF_SEGMEXEC)
+	{
+		xt_flags |= PF_SEGMEXEC;
+		xt_flags &= ~PF_NOSEGMEXEC;
+	}
+	if(*pax_flags & PF_NOSEGMEXEC)
+	{
+		xt_flags &= ~PF_SEGMEXEC;
+		xt_flags |= PF_NOSEGMEXEC;
+	}
+	if((*pax_flags & PF_SEGMEXEC) && (*pax_flags & PF_NOSEGMEXEC))
+	{
+		xt_flags &= ~PF_SEGMEXEC;
+		xt_flags &= ~PF_NOSEGMEXEC;
+	}
 
-		//MPROTECT
-		if(*pax_flags & PF_MPROTECT)
-		{
-			phdr.p_flags |= PF_MPROTECT;
-			phdr.p_flags &= ~PF_NOMPROTECT;
-		}
-		if(*pax_flags & PF_NOMPROTECT)
-		{
-			phdr.p_flags &= ~PF_MPROTECT;
-			phdr.p_flags |= PF_NOMPROTECT;
-		}
-		if((*pax_flags & PF_MPROTECT) && (*pax_flags & PF_NOMPROTECT))
-		{
-			phdr.p_flags &= ~PF_MPROTECT;
-			phdr.p_flags &= ~PF_NOMPROTECT;
-		}
+	//MPROTECT
+	if(*pax_flags & PF_MPROTECT)
+	{
+		xt_flags |= PF_MPROTECT;
+		xt_flags &= ~PF_NOMPROTECT;
+	}
+	if(*pax_flags & PF_NOMPROTECT)
+	{
+		xt_flags &= ~PF_MPROTECT;
+		xt_flags |= PF_NOMPROTECT;
+	}
+	if((*pax_flags & PF_MPROTECT) && (*pax_flags & PF_NOMPROTECT))
+	{
+		xt_flags &= ~PF_MPROTECT;
+		xt_flags &= ~PF_NOMPROTECT;
+	}
 
-		//EMUTRAMP
-		if(*pax_flags & PF_EMUTRAMP)
-		{
-			phdr.p_flags |= PF_EMUTRAMP;
-			phdr.p_flags &= ~PF_NOEMUTRAMP;
-		}
-		if(*pax_flags & PF_NOEMUTRAMP)
-		{
-			phdr.p_flags &= ~PF_EMUTRAMP;
-			phdr.p_flags |= PF_NOEMUTRAMP;
-		}
-		if((*pax_flags & PF_EMUTRAMP) && (*pax_flags & PF_NOEMUTRAMP))
-		{
-			phdr.p_flags &= ~PF_EMUTRAMP;
-			phdr.p_flags &= ~PF_NOEMUTRAMP;
-		}
+	//EMUTRAMP
+	if(*pax_flags & PF_EMUTRAMP)
+	{
+		xt_flags |= PF_EMUTRAMP;
+		xt_flags &= ~PF_NOEMUTRAMP;
+	}
+	if(*pax_flags & PF_NOEMUTRAMP)
+	{
+		xt_flags &= ~PF_EMUTRAMP;
+		xt_flags |= PF_NOEMUTRAMP;
+	}
+	if((*pax_flags & PF_EMUTRAMP) && (*pax_flags & PF_NOEMUTRAMP))
+	{
+		xt_flags &= ~PF_EMUTRAMP;
+		xt_flags &= ~PF_NOEMUTRAMP;
+	}
 
-		//RANDMMAP
-		if(*pax_flags & PF_RANDMMAP)
-		{
-			phdr.p_flags |= PF_RANDMMAP;
-			phdr.p_flags &= ~PF_NORANDMMAP;
-		}
-		if(*pax_flags & PF_NORANDMMAP)
-		{
-			phdr.p_flags &= ~PF_RANDMMAP;
-			phdr.p_flags |= PF_NORANDMMAP;
-		}
-		if((*pax_flags & PF_RANDMMAP) && (*pax_flags & PF_NORANDMMAP))
-		{
-			phdr.p_flags &= ~PF_RANDMMAP;
-			phdr.p_flags &= ~PF_NORANDMMAP;
-		}
+	//RANDMMAP
+	if(*pax_flags & PF_RANDMMAP)
+	{
+		xt_flags |= PF_RANDMMAP;
+		xt_flags &= ~PF_NORANDMMAP;
+	}
+	if(*pax_flags & PF_NORANDMMAP)
+	{
+		xt_flags &= ~PF_RANDMMAP;
+		xt_flags |= PF_NORANDMMAP;
+	}
+	if((*pax_flags & PF_RANDMMAP) && (*pax_flags & PF_NORANDMMAP))
+	{
+		xt_flags &= ~PF_RANDMMAP;
+		xt_flags &= ~PF_NORANDMMAP;
+	}
 
-		//RANDEXEC
-		if(*pax_flags & PF_RANDEXEC)
-		{
-			phdr.p_flags |= PF_RANDEXEC;
-			phdr.p_flags &= ~PF_NORANDEXEC;
-		}
-		if(*pax_flags & PF_NORANDEXEC)
-		{
-			phdr.p_flags &= ~PF_RANDEXEC;
-			phdr.p_flags |= PF_NORANDEXEC;
-		}
-		if((*pax_flags & PF_RANDEXEC) && (*pax_flags & PF_NORANDEXEC))
-		{
-			phdr.p_flags &= ~PF_RANDEXEC;
-			phdr.p_flags &= ~PF_NORANDEXEC;
-		}
+	//RANDEXEC
+	if(*pax_flags & PF_RANDEXEC)
+	{
+		xt_flags |= PF_RANDEXEC;
+		xt_flags &= ~PF_NORANDEXEC;
+	}
+	if(*pax_flags & PF_NORANDEXEC)
+	{
+		xt_flags &= ~PF_RANDEXEC;
+		xt_flags |= PF_NORANDEXEC;
+	}
+	if((*pax_flags & PF_RANDEXEC) && (*pax_flags & PF_NORANDEXEC))
+	{
+		xt_flags &= ~PF_RANDEXEC;
+		xt_flags &= ~PF_NORANDEXEC;
+	}
 
-		/ update xattr /
+	if(fsetxattr(fd, PAX_NAMESPACE, &xt_flags, sizeof(uint16_t), 0) == -1)
+	{
+		if(errno == ENOSPC || errno == EDQUOT)
+			printf("XT_PAX: cannot store xt_flags\n");
+		if(errno == ENOTSUP)
+			printf("XT_PAX: extended attribute not supported\n");
 	}
-	else
-		printf("XT_PAX: not found\n");
-	*/
 }
author	Anthony G. Basile <blueness@gentoo.org>	2011-09-27 19:35:05 -0400
committer	Anthony G. Basile <blueness@gentoo.org>	2011-10-08 14:53:27 -0400
commit	bf4b2cc848059249198e54091c8e6ebafdd9ec55 (patch)
tree	9266ad0b6fa1238d247e1f51641b221e05f36b4c
parent	poc/paxctl-xattr.c: removed unnecesary listing of all xattrs (diff)
download	elfix-bf4b2cc848059249198e54091c8e6ebafdd9ec55.tar.gz elfix-bf4b2cc848059249198e54091c8e6ebafdd9ec55.tar.bz2 elfix-bf4b2cc848059249198e54091c8e6ebafdd9ec55.zip