summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorLaurent Bercot <ska-skaware@skarnet.org>2017-09-12 22:11:56 +0000
committerLaurent Bercot <ska-skaware@skarnet.org>2017-09-12 22:11:56 +0000
commitb7b2b35e27f8cff08924e3b3e31b056cfae01a42 (patch)
tree7cb89897a451a13c2eb738161eac7eb4d838ad46 /src
parent13ecbabacafb6bdaf54488783ab051bc9b986653 (diff)
downloads6-b7b2b35e27f8cff08924e3b3e31b056cfae01a42.tar.xz
bugfix: s6_accessrules_backend_cdb could incorrectly return ERROR instead of DENY
Diffstat (limited to 'src')
-rw-r--r--src/libs6/s6_accessrules_backend_cdb.c13
1 files changed, 7 insertions, 6 deletions
diff --git a/src/libs6/s6_accessrules_backend_cdb.c b/src/libs6/s6_accessrules_backend_cdb.c
index 6a6551b..4c454d1 100644
--- a/src/libs6/s6_accessrules_backend_cdb.c
+++ b/src/libs6/s6_accessrules_backend_cdb.c
@@ -18,18 +18,19 @@ s6_accessrules_result_t s6_accessrules_backend_cdb (char const *key, size_t keyl
if (r < 0) return S6_ACCESSRULES_ERROR ;
else if (!r) return S6_ACCESSRULES_NOTFOUND ;
n = cdb_datalen(c) ;
- if ((n < 5U) || (n > 8197U)) return (errno = EINVAL, S6_ACCESSRULES_ERROR) ;
+ if (!n || n > 8197) return (errno = EINVAL, S6_ACCESSRULES_ERROR) ;
if (!stralloc_readyplus(&params->exec, n)) return S6_ACCESSRULES_ERROR ;
execbase = params->exec.len ;
if (cdb_read(c, params->exec.s + execbase, n, cdb_datapos(c)) < 0) return S6_ACCESSRULES_ERROR ;
if (params->exec.s[execbase] == 'D') return S6_ACCESSRULES_DENY ;
else if (params->exec.s[execbase] != 'A') return S6_ACCESSRULES_NOTFOUND ;
- uint16_unpack_big(params->exec.s + execbase + 1U, &envlen) ;
- if ((envlen > 4096U) || (envlen+5U > n)) return (errno = EINVAL, S6_ACCESSRULES_ERROR) ;
+ else if (n < 5) return (errno = EINVAL, S6_ACCESSRULES_ERROR) ;
+ uint16_unpack_big(params->exec.s + execbase + 1, &envlen) ;
+ if ((envlen > 4096) || (envlen + 5 > n)) return (errno = EINVAL, S6_ACCESSRULES_ERROR) ;
uint16_unpack_big(params->exec.s + execbase + 3 + envlen, &execlen) ;
- if ((execlen > 4096U) || (5U + envlen + execlen != n)) return (errno = EINVAL, S6_ACCESSRULES_ERROR) ;
- if (!stralloc_catb(&params->env, params->exec.s + execbase + 3U, envlen)) return S6_ACCESSRULES_ERROR ;
- memcpy(params->exec.s + execbase, params->exec.s + execbase + 5U + envlen, execlen) ;
+ if ((execlen > 4096) || (5 + envlen + execlen != n)) return (errno = EINVAL, S6_ACCESSRULES_ERROR) ;
+ if (!stralloc_catb(&params->env, params->exec.s + execbase + 3, envlen)) return S6_ACCESSRULES_ERROR ;
+ memcpy(params->exec.s + execbase, params->exec.s + execbase + 5 + envlen, execlen) ;
if (execlen)
{
params->exec.len += execlen ;