From b7b2b35e27f8cff08924e3b3e31b056cfae01a42 Mon Sep 17 00:00:00 2001 From: Laurent Bercot Date: Tue, 12 Sep 2017 22:11:56 +0000 Subject: bugfix: s6_accessrules_backend_cdb could incorrectly return ERROR instead of DENY --- src/libs6/s6_accessrules_backend_cdb.c | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) (limited to 'src/libs6') diff --git a/src/libs6/s6_accessrules_backend_cdb.c b/src/libs6/s6_accessrules_backend_cdb.c index 6a6551b..4c454d1 100644 --- a/src/libs6/s6_accessrules_backend_cdb.c +++ b/src/libs6/s6_accessrules_backend_cdb.c @@ -18,18 +18,19 @@ s6_accessrules_result_t s6_accessrules_backend_cdb (char const *key, size_t keyl if (r < 0) return S6_ACCESSRULES_ERROR ; else if (!r) return S6_ACCESSRULES_NOTFOUND ; n = cdb_datalen(c) ; - if ((n < 5U) || (n > 8197U)) return (errno = EINVAL, S6_ACCESSRULES_ERROR) ; + if (!n || n > 8197) return (errno = EINVAL, S6_ACCESSRULES_ERROR) ; if (!stralloc_readyplus(¶ms->exec, n)) return S6_ACCESSRULES_ERROR ; execbase = params->exec.len ; if (cdb_read(c, params->exec.s + execbase, n, cdb_datapos(c)) < 0) return S6_ACCESSRULES_ERROR ; if (params->exec.s[execbase] == 'D') return S6_ACCESSRULES_DENY ; else if (params->exec.s[execbase] != 'A') return S6_ACCESSRULES_NOTFOUND ; - uint16_unpack_big(params->exec.s + execbase + 1U, &envlen) ; - if ((envlen > 4096U) || (envlen+5U > n)) return (errno = EINVAL, S6_ACCESSRULES_ERROR) ; + else if (n < 5) return (errno = EINVAL, S6_ACCESSRULES_ERROR) ; + uint16_unpack_big(params->exec.s + execbase + 1, &envlen) ; + if ((envlen > 4096) || (envlen + 5 > n)) return (errno = EINVAL, S6_ACCESSRULES_ERROR) ; uint16_unpack_big(params->exec.s + execbase + 3 + envlen, &execlen) ; - if ((execlen > 4096U) || (5U + envlen + execlen != n)) return (errno = EINVAL, S6_ACCESSRULES_ERROR) ; - if (!stralloc_catb(¶ms->env, params->exec.s + execbase + 3U, envlen)) return S6_ACCESSRULES_ERROR ; - memcpy(params->exec.s + execbase, params->exec.s + execbase + 5U + envlen, execlen) ; + if ((execlen > 4096) || (5 + envlen + execlen != n)) return (errno = EINVAL, S6_ACCESSRULES_ERROR) ; + if (!stralloc_catb(¶ms->env, params->exec.s + execbase + 3, envlen)) return S6_ACCESSRULES_ERROR ; + memcpy(params->exec.s + execbase, params->exec.s + execbase + 5 + envlen, execlen) ; if (execlen) { params->exec.len += execlen ; -- cgit v1.2.3