/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to dracut-module/password-agent.c

  • Committer: teddy at recompile
  • Date: 2020-12-03 20:30:45 UTC
  • Revision ID: teddy@recompile.se-20201203203045-iqd6nq9y5nwalh1x
Minor fix of a test function

In dracut-module/password-agent, the test function
test_send_password_to_socket_EMSGSIZE() (which tests that the
send_password_to_socket() task function aborts properly when getting
EMSGSIZE when writing to the password socket), part of the test code
is supposed to find a message size which definitely does trigger
EMSGSIZE when send()ing to a socket.  Without a "break" in the proper
place, however, the size given is always exactly 1024 bytes too large.

This is very probably not a problem, since a too large message will
still be too large if it is increased by 1024 bytes, and send(2) in
practice checks the size before reading the buffer.  The biggest issue
would be if some version of send(2) would try to look at the last 1024
bytes of the message buffer before checking the message size; this
would then lead to a buffer over-read when running this test function.
(But even then there would be no security implications since the tests
are not run in the normal operation of the program.)

* dracut-module/password-agent.c
  (test_send_password_to_socket_EMSGSIZE): Break out early when ssret
  < 0 and errno == EMSGSIZE; don't allow loop to increase message_size
  again.

Show diffs side-by-side

added added

removed removed

Lines of Context:
dracut-module/password-agent.c
1
 
/* -*- coding: utf-8; lexical-binding: t -*- */
 
1
/* -*- mode: c; coding: utf-8; after-save-hook: (lambda () (let* ((find-build-directory (lambda (try-directory &optional base-directory) (let ((base-directory (or base-directory try-directory))) (cond ((equal try-directory "/") base-directory) ((file-readable-p (concat (file-name-as-directory try-directory) "Makefile")) try-directory) ((funcall find-build-directory (directory-file-name (file-name-directory try-directory)) base-directory)))))) (build-directory (funcall find-build-directory (buffer-file-name))) (local-build-directory (if (fboundp 'file-local-name) (file-local-name build-directory) (or (file-remote-p build-directory 'localname) build-directory))) (command (file-relative-name (file-name-sans-extension (buffer-file-name)) build-directory))) (pcase (progn (if (get-buffer "*Test*") (kill-buffer "*Test*")) (process-file-shell-command (let ((qbdir (shell-quote-argument local-build-directory)) (qcmd (shell-quote-argument command))) (format "cd %s && CFLAGS=-Werror make --silent %s && %s --test --verbose" qbdir qcmd qcmd)) nil "*Test*")) (0 (let ((w (get-buffer-window "*Test*"))) (if w (delete-window w)))) (_ (with-current-buffer "*Test*" (compilation-mode) (cd-absolute build-directory)) (display-buffer "*Test*" '(display-buffer-in-side-window)))))); -*- */
2
2
/*
3
3
 * Mandos password agent - Simple password agent to run Mandos client
4
4
 *
5
 
 * Copyright © 2019-2021 Teddy Hogeborn
6
 
 * Copyright © 2019-2021 Björn Påhlsson
 
5
 * Copyright © 2019-2020 Teddy Hogeborn
 
6
 * Copyright © 2019-2020 Björn Påhlsson
7
7
 * 
8
8
 * This file is part of Mandos.
9
9
 * 
23
23
 * Contact the authors at <mandos@recompile.se>.
24
24
 */
25
25
 
26
 
#define _GNU_SOURCE             /* pipe2(), O_CLOEXEC, setresgid(),
27
 
                                   setresuid(), asprintf(), getline(),
28
 
                                   basename() */
29
 
#include <inttypes.h>           /* uintmax_t, strtoumax(), PRIuMAX,
30
 
                                   PRIdMAX, intmax_t, uint32_t,
31
 
                                   SCNx32, SCNuMAX, SCNxMAX */
32
 
#include <stddef.h>             /* size_t, NULL */
 
26
#define _GNU_SOURCE
 
27
#include <inttypes.h>           /* uintmax_t, PRIuMAX, PRIdMAX,
 
28
                                   intmax_t, uint32_t, SCNx32,
 
29
                                   SCNuMAX, SCNxMAX */
 
30
#include <stddef.h>             /* size_t */
33
31
#include <sys/types.h>          /* pid_t, uid_t, gid_t, getuid(),
34
32
                                   getpid() */
35
33
#include <stdbool.h>            /* bool, true, false */
42
40
                                   NSIG, sigismember(), SA_ONSTACK,
43
41
                                   SIG_DFL, SIG_IGN, SIGINT, SIGQUIT,
44
42
                                   SIGHUP, SIGSTOP, SIG_UNBLOCK */
45
 
#include <unistd.h>             /* uid_t, gid_t, close(), pipe2(),
46
 
                                   fork(), _exit(), dup2(),
47
 
                                   STDOUT_FILENO, setresgid(),
48
 
                                   setresuid(), execv(), ssize_t,
49
 
                                   read(), dup3(), getuid(), dup(),
50
 
                                   STDERR_FILENO, pause(), write(),
51
 
                                   rmdir(), unlink(), getpid() */
52
43
#include <stdlib.h>             /* EXIT_SUCCESS, EXIT_FAILURE,
53
 
                                   malloc(), free(), realloc(),
54
 
                                   setenv(), calloc(), mkdtemp(),
55
 
                                   mkostemp() */
 
44
                                   malloc(), free(), strtoumax(),
 
45
                                   realloc(), setenv(), calloc(),
 
46
                                   mkdtemp(), mkostemp() */
56
47
#include <iso646.h>             /* not, or, and, xor */
57
48
#include <error.h>              /* error() */
58
49
#include <sysexits.h>           /* EX_USAGE, EX_OSERR, EX_OSFILE */
66
57
#include <string.h>             /* strdup(), memcpy(),
67
58
                                   explicit_bzero(), memset(),
68
59
                                   strcmp(), strlen(), strncpy(),
69
 
                                   memcmp(), basename(), strerror() */
 
60
                                   memcmp(), basename() */
70
61
#include <argz.h>               /* argz_create(), argz_count(),
71
62
                                   argz_extract(), argz_next(),
72
63
                                   argz_add() */
82
73
                                   ARGP_ERR_UNKNOWN, ARGP_KEY_ARGS,
83
74
                                   struct argp, argp_parse(),
84
75
                                   ARGP_NO_EXIT */
85
 
#include <stdint.h>             /* SIZE_MAX, uint32_t */
 
76
#include <stdint.h>             /* SIZE_MAX */
 
77
#include <unistd.h>             /* uid_t, gid_t, close(), pipe2(),
 
78
                                   fork(), _exit(), dup2(),
 
79
                                   STDOUT_FILENO, setresgid(),
 
80
                                   setresuid(), execv(), ssize_t,
 
81
                                   read(), dup3(), getuid(), dup(),
 
82
                                   STDERR_FILENO, pause(), write(),
 
83
                                   rmdir(), unlink(), getpid() */
86
84
#include <sys/mman.h>           /* munlock(), mlock() */
87
85
#include <fcntl.h>              /* O_CLOEXEC, O_NONBLOCK, fcntl(),
88
86
                                   F_GETFD, F_GETFL, FD_CLOEXEC,
112
110
                        g_assert_null(), g_assert_false(),
113
111
                        g_assert_cmpint(), g_assert_cmpuint(),
114
112
                        g_test_skip(), g_assert_cmpstr(),
115
 
                        g_test_message(), g_test_init(), g_test_add(),
116
 
                        g_test_run(), GOptionContext,
117
 
                        g_option_context_new(),
 
113
                        g_test_init(), g_test_add(), g_test_run(),
 
114
                        GOptionContext, g_option_context_new(),
118
115
                        g_option_context_set_help_enabled(), FALSE,
119
116
                        g_option_context_set_ignore_unknown_options(),
120
117
                        gboolean, GOptionEntry, G_OPTION_ARG_NONE,
5981
5978
      g_test_skip("Skipping EMSGSIZE test: Will not try 1GiB");
5982
5979
      return;
5983
5980
    }
5984
 
    message_buffer = realloc(message_buffer, message_size);
 
5981
    free(message_buffer);
 
5982
    message_buffer = malloc(message_size);
5985
5983
    if(message_buffer == NULL){
5986
5984
      g_test_skip("Skipping EMSGSIZE test");
5987
5985
      g_test_message("Failed to malloc() %" PRIuMAX " bytes",
6005
6003
    if(ssret < 0){
6006
6004
      if(saved_errno != EMSGSIZE) {
6007
6005
        g_test_skip("Skipping EMSGSIZE test");
6008
 
        g_test_message("Error on send(%" PRIuMAX " bytes): %s",
6009
 
                       (uintmax_t)message_size,
6010
 
                       strerror(saved_errno));
 
6006
        g_test_message("Error on send(): %s", strerror(saved_errno));
6011
6007
        return;
6012
6008
      }
6013
6009
      break;
8195
8191
  g_option_context_free(context);
8196
8192
  return should_run_tests != FALSE;
8197
8193
}
8198
 
 
8199
 
/*
8200
 
Local Variables:
8201
 
run-tests:
8202
 
(lambda ()
8203
 
  (if (not (funcall run-tests-in-test-buffer default-directory))
8204
 
      (funcall show-test-buffer-in-test-window)
8205
 
    (funcall remove-test-window)))
8206
 
run-tests-in-test-buffer:
8207
 
(lambda (dir)
8208
 
  (with-current-buffer (get-buffer-create "*Test*")
8209
 
    (setq buffer-read-only nil
8210
 
          default-directory dir)
8211
 
    (erase-buffer)
8212
 
    (compilation-mode))
8213
 
  (let ((process-result
8214
 
         (let ((inhibit-read-only t))
8215
 
           (process-file-shell-command
8216
 
            (funcall get-command-line) nil "*Test*"))))
8217
 
    (and (numberp process-result)
8218
 
         (= process-result 0))))
8219
 
get-command-line:
8220
 
(lambda ()
8221
 
  (let*
8222
 
      ((build-directory
8223
 
        (funcall find-build-directory (buffer-file-name)))
8224
 
       (local-build-directory
8225
 
        (if (fboundp 'file-local-name)
8226
 
            (file-local-name build-directory)
8227
 
          (or (file-remote-p build-directory 'localname)
8228
 
              build-directory)))
8229
 
       (command
8230
 
        (file-relative-name (file-name-sans-extension
8231
 
                             (buffer-file-name)) build-directory))
8232
 
       (qbdir (shell-quote-argument local-build-directory))
8233
 
       (qcmd (shell-quote-argument command)))
8234
 
    (format (concat "cd %s && CFLAGS=-Werror make --silent %s"
8235
 
             " && %s --test --verbose") qbdir qcmd qcmd)))
8236
 
find-build-directory:
8237
 
(lambda (try-directory &optional base-directory)
8238
 
  (let ((base-directory (or base-directory try-directory)))
8239
 
    (cond ((equal try-directory "/") base-directory)
8240
 
          ((file-readable-p
8241
 
            (concat (file-name-as-directory try-directory)
8242
 
                    "Makefile")) try-directory)
8243
 
          ((funcall find-build-directory
8244
 
                    (directory-file-name (file-name-directory
8245
 
                                          try-directory))
8246
 
                    base-directory)))))
8247
 
show-test-buffer-in-test-window:
8248
 
(lambda ()
8249
 
  (when (not (get-buffer-window-list "*Test*"))
8250
 
    (setq next-error-last-buffer (get-buffer "*Test*"))
8251
 
    (let* ((side (if (>= (window-width) 146) 'right 'bottom))
8252
 
           (display-buffer-overriding-action
8253
 
            `((display-buffer-in-side-window) (side . ,side)
8254
 
              (window-height . fit-window-to-buffer)
8255
 
              (window-width . fit-window-to-buffer))))
8256
 
      (display-buffer "*Test*"))))
8257
 
remove-test-window:
8258
 
(lambda ()
8259
 
  (let ((test-window (get-buffer-window "*Test*")))
8260
 
    (if test-window (delete-window test-window))))
8261
 
eval: (add-hook 'after-save-hook run-tests 90 t)
8262
 
End:
8263
 
*/