seccomp_unotify.2: EXAMPLES: simplify logic in getTargetPathname()

And reword some comments there.

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
This commit is contained in:
Michael Kerrisk 2020-10-30 16:36:04 +01:00
parent f8899e1c88
commit c13b1b2bdd
1 changed file with 7 additions and 13 deletions


@ -1439,9 +1439,8 @@ cookieIsValid(int notifyFd, uint64_t id)
\(aqreq\->data.args[]\(aq. The pathname is returned in \(aqpath\(aq,
a buffer of \(aqlen\(aq bytes allocated by the caller.
Returns true if the fetched pathname is correctly formed
(i.e., has a terminating null byte) and the notification ID
is still valid, and false otherwise. */
Returns true if the pathname is successfully fetched, and false
otherwise. For possible causes of failure, see the comments below. */
static bool
getTargetPathname(struct seccomp_notif *req, int notifyFd,
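Review bot: the rewritten prologue drops the explicit statement of what makes the function fail (fetched pathname not null-terminated, or notification ID no longer valid) in favour of "see the comments below", so a caller reading only the header can no longer tell that a false return may mean the target is gone or no longer blocked in the call rather than that it supplied a bad pathname. Those are different situations for the caller (one of them may mean there is no longer anyone to send a response to). Suggest keeping a one-line enumeration alongside the new sentence, e.g. "Returns false if the notification ID is no longer valid or if the fetched pathname lacks a terminating null byte."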
@ -1453,7 +1452,7 @@ getTargetPathname(struct seccomp_notif *req, int notifyFd,
int procMemFd = open(procMemPath, O_RDONLY | O_CLOEXEC);
if (procMemFd == \-1)
errExit("Supervisor: open");
return false;
/* Check that the process whose info we are accessing is still alive
and blocked in the system call that caused the notification.
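Review bot: changing the open() failure path from errExit() to `return false` folds two different conditions into one result: the target having already exited (an expected race, which the liveness check right after this is there to catch) and a supervisor-side problem such as lacking permission to open /proc/PID/mem. The caller cannot see errno, so a misconfigured supervisor now produces the same result as a target that supplied a bad pathname, and whatever the caller does on false (per the later comment, trigger an error for the target) will be applied to the wrong party. Suggest saving errno before returning so the caller can report it, or keeping errExit() for errno values other than the not-found/no-such-process cases (ENOENT, ESRCH).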
@ -1471,17 +1470,12 @@ getTargetPathname(struct seccomp_notif *req, int notifyFd,
/* Read bytes at the location containing the pathname argument */
ssize_t nread = pread(procMemFd, path, len, req\->data.args[argNum]);
if (nread == \-1)
errExit("Supervisor: pread");
if (nread == 0) {
fprintf(stderr, "\etS: pread() of /proc/PID/mem "
"returned 0 (EOF)\en");
exit(EXIT_FAILURE);
}
close(procMemFd);
if (nread <= 0)
return false;
/* Once again check that the notification ID is still valid. The
case we are particularly concerned about here is that just
before we fetched the pathname, the target\(aqs blocked system
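Review bot: the single `if (nread <= 0) return false;` correctly covers both the -1 and the EOF case and now closes procMemFd before returning, which is tighter than the old two-branch code; what is lost is the diagnostic. The offset handed to pread() is `req->data.args[argNum]`, a value chosen by the target, so an out-of-range pointer that used to terminate the supervisor via errExit() is now just a failed fetch, which is the right outcome for the target-controlled case. But close() runs before errno can be examined, so a genuine supervisor-side pread() error is now indistinguishable from a bad target pointer. Suggest capturing errno before the close() call and keeping the old stderr message for the cases that are not attributable to the target, so that the prologue's "see the comments below" has something to point at for this path.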
@ -1501,7 +1495,7 @@ getTargetPathname(struct seccomp_notif *req, int notifyFd,
process. (The memory may have been modified by another thread, or
even by an external attacking process.) We therefore treat the
buffer returned by pread() as untrusted input. The buffer should
be terminated by a null byte; if not, then we will trigger an
contain a terminating null byte; if not, then we will trigger an
error for the target process. */
if (strnlen(path, nread) < nread)
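Review bot: the comment wording ("contain a terminating null byte") is an improvement, but the check on the last line compares `strnlen(path, nread)` (size_t) with `nread` (ssize_t); it is safe only because the preceding `nread <= 0` test guarantees a positive value, and it draws a -Wsign-compare warning. Suggest `if (strnlen(path, nread) < (size_t) nread)` or a `size_t` copy of nread taken after the sign check. Worth one more sentence here as well: "terminating null byte" means within the `nread` bytes actually read, so a pathname longer than the caller's `len`-byte buffer is also reported as an error for the target rather than silently truncated, which is the intended behaviour given that the buffer is treated as untrusted input.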