diff options
Diffstat (limited to 'src/libs6/s6_accessrules_backend_cdb.c')
| -rw-r--r-- | src/libs6/s6_accessrules_backend_cdb.c | 48 |
1 files changed, 27 insertions, 21 deletions
diff --git a/src/libs6/s6_accessrules_backend_cdb.c b/src/libs6/s6_accessrules_backend_cdb.c index 4c454d1..49eca68 100644 --- a/src/libs6/s6_accessrules_backend_cdb.c +++ b/src/libs6/s6_accessrules_backend_cdb.c @@ -3,38 +3,44 @@ #include <string.h> #include <stdint.h> #include <errno.h> + #include <skalibs/uint16.h> #include <skalibs/cdb.h> #include <skalibs/stralloc.h> #include <s6/accessrules.h> -s6_accessrules_result_t s6_accessrules_backend_cdb (char const *key, size_t keylen, void *data, s6_accessrules_params_t *params) +s6_accessrules_result_t s6_accessrules_backend_cdb (char const *key, size_t keylen, void const *arg, s6_accessrules_params_t *params) { - struct cdb *c = data ; - size_t execbase ; - unsigned int n ; + cdb_data data ; + int wasnull = !params->env.s ; uint16_t envlen, execlen ; - int r = cdb_find(c, key, keylen) ; + cdb const *c = arg ; + cdb_reader reader = CDB_READER_ZERO ; + int r = cdb_find(c, &reader, &data, key, keylen) ; if (r < 0) return S6_ACCESSRULES_ERROR ; else if (!r) return S6_ACCESSRULES_NOTFOUND ; - n = cdb_datalen(c) ; - if (!n || n > 8197) return (errno = EINVAL, S6_ACCESSRULES_ERROR) ; - if (!stralloc_readyplus(¶ms->exec, n)) return S6_ACCESSRULES_ERROR ; - execbase = params->exec.len ; - if (cdb_read(c, params->exec.s + execbase, n, cdb_datapos(c)) < 0) return S6_ACCESSRULES_ERROR ; - if (params->exec.s[execbase] == 'D') return S6_ACCESSRULES_DENY ; - else if (params->exec.s[execbase] != 'A') return S6_ACCESSRULES_NOTFOUND ; - else if (n < 5) return (errno = EINVAL, S6_ACCESSRULES_ERROR) ; - uint16_unpack_big(params->exec.s + execbase + 1, &envlen) ; - if ((envlen > 4096) || (envlen + 5 > n)) return (errno = EINVAL, S6_ACCESSRULES_ERROR) ; - uint16_unpack_big(params->exec.s + execbase + 3 + envlen, &execlen) ; - if ((execlen > 4096) || (5 + envlen + execlen != n)) return (errno = EINVAL, S6_ACCESSRULES_ERROR) ; - if (!stralloc_catb(¶ms->env, params->exec.s + execbase + 3, envlen)) return S6_ACCESSRULES_ERROR ; - memcpy(params->exec.s + execbase, params->exec.s + execbase + 5 + envlen, execlen) ; + if (!data.len || data.len > 8197) return (errno = EINVAL, S6_ACCESSRULES_ERROR) ; + if (data.s[0] == 'D') return S6_ACCESSRULES_DENY ; + if (data.s[0] != 'A') return S6_ACCESSRULES_NOTFOUND ; + if (data.len < 5) return (errno = EINVAL, S6_ACCESSRULES_ERROR) ; + uint16_unpack_big(data.s + 1, &envlen) ; + if ((envlen > 4096) || (data.len - 5 < envlen)) return (errno = EINVAL, S6_ACCESSRULES_ERROR) ; + uint16_unpack_big(data.s + 3 + envlen, &execlen) ; + if ((execlen > 4096) || (5 + envlen + execlen != data.len)) return (errno = EINVAL, S6_ACCESSRULES_ERROR) ; + if (envlen && !stralloc_catb(¶ms->env, data.s + 3, envlen)) return S6_ACCESSRULES_ERROR ; if (execlen) { - params->exec.len += execlen ; - params->exec.s[params->exec.len++] = 0 ; + if (!stralloc_readyplus(¶ms->exec, execlen + 1)) + { + if (envlen) + { + if (wasnull) stralloc_free(¶ms->env) ; + else params->env.len -= envlen ; + } + return S6_ACCESSRULES_ERROR ; + } + stralloc_catb(¶ms->exec, data.s + 5 + envlen, execlen) ; + stralloc_0(¶ms->exec) ; } return S6_ACCESSRULES_ALLOW ; } |