[107518] trunk/base/src/darwintracelib1.0/darwintrace.c

cal at macports.org cal at macports.org
Mon Jul 1 17:38:37 PDT 2013 

Revision: 107518
          https://trac.macports.org/changeset/107518
Author:   cal at macports.org
Date:     2013-07-01 17:38:37 -0700 (Mon, 01 Jul 2013)
Log Message:
-----------
darwintrace: provide __dt_pathbeginswith()

Previously, prefixes of directory names could be matched, e.g., allowing access
to /var/tmp would also allow access to /var/tmpfoobar. This change prevents
this.

Modified Paths:
--------------
    trunk/base/src/darwintracelib1.0/darwintrace.c

Modified: trunk/base/src/darwintracelib1.0/darwintrace.c
===================================================================
--- trunk/base/src/darwintracelib1.0/darwintrace.c	2013-07-02 00:26:56 UTC (rev 107517)
+++ trunk/base/src/darwintracelib1.0/darwintrace.c	2013-07-02 00:38:37 UTC (rev 107518)
@@ -137,6 +137,7 @@
  * Prototypes.
  */
 inline int __darwintrace_strbeginswith(const char* str, const char* prefix);
+static inline int __darwintrace_pathbeginswith(const char* str, const char* prefix);
 inline void __darwintrace_log_op(const char* op, const char* path, int fd);
 void __darwintrace_copy_env() __attribute__((constructor));
 inline char* __darwintrace_alloc_env(const char* varName, const char* varValue);
@@ -188,17 +189,32 @@
 #define debug_printf(...)
 #endif
 
-/*
- * return 0 if str doesn't begin with prefix, 1 otherwise.
+/**
+ * Return 0 if str doesn't begin with prefix, 1 otherwise. Note that this is
+ * not a simple string comparison, but works on a path component level.
+ * A prefix of /var/tmp will not match a string of /var/tmpfoo.
  */
+static inline int __darwintrace_pathbeginswith(const char* str, const char* prefix) {
+	char s;
+	char p;
+	do {
+		s = *str++;
+		p = *prefix++;
+	} while (p && (p == s));
+	return (p == 0 && (s == '/' || s == '\0'));
+}
+
+/**
+ * Return 0 if str doesn't begin with prefix, 1 otherwise.
+ */
 inline int __darwintrace_strbeginswith(const char* str, const char* prefix) {
-	char theCharS;
-	char theCharP;
+	char s;
+	char p;
 	do {
-		theCharS = *str++;
-		theCharP = *prefix++;
-	} while(theCharP && (theCharP == theCharS));
-	return (theCharP == 0);
+		s = *str++;
+		p = *prefix++;
+	} while (p && (p == s));
+	return (p == 0);
 }
 
 /*
@@ -658,7 +674,7 @@
 	for (t = filemap; *t;) {
 		char state;
 		
-		if (__darwintrace_strbeginswith(normalizedpath, t)) {
+		if (__darwintrace_pathbeginswith(normalizedpath, t)) {
 			/* move t to the integer describing how to handle this match */
 			t += strlen(t) + 1;
 			switch (*t) {
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/macports-changes/attachments/20130701/da46f54c/attachment.html>

More information about the macports-changes mailing list