dbus/bus bus.c, 1.60, 1.61 selinux.c, 1.13, 1.14 selinux.h, 1.7,
1.8 services.c, 1.30, 1.31
David Zeuthen
david at freedesktop.org
Wed Apr 13 07:27:14 PDT 2005
Update of /cvs/dbus/dbus/bus
In directory gabe:/tmp/cvs-serv10465/bus
Modified Files:
bus.c selinux.c selinux.h services.c
Log Message:
2005-04-13 David Zeuthen <davidz at redhat.com>
* bus/selinux.c: Add c-file-style to top of file
(log_audit_callback): Don't free the data here anymore
(bus_selinux_check): Don't take spid and tpid since appending
that to auxdata may OOM.
(bus_selinux_allows_acquire_service): Handle OOM and signal back
to the caller if we are OOM by taking an error object.
(bus_selinux_allows_send): -do-
* bus/selinux.h: Fix prototypes for bus_selinux_allows_acquire_service
and bus_selinux_allows_send
* bus/bus.c (bus_context_check_security_policy): Pass error and
pass on OOM thrown by bus_selinux_allows_send()
* bus/services.c (bus_registry_acquire_service): Pass error and
pass on OOM thrown by bus_selinux_allows_acquire_service()
Index: bus.c
===================================================================
RCS file: /cvs/dbus/dbus/bus/bus.c,v
retrieving revision 1.60
retrieving revision 1.61
diff -u -d -r1.60 -r1.61
--- bus.c 17 Feb 2005 21:19:49 -0000 1.60
+++ bus.c 13 Apr 2005 14:27:11 -0000 1.61
@@ -1139,8 +1139,16 @@
dbus_message_get_interface (message),
dbus_message_get_member (message),
dbus_message_get_error_name (message),
- dest ? dest : DBUS_SERVICE_DBUS))
+ dest ? dest : DBUS_SERVICE_DBUS, error))
{
+
+ if (dbus_error_is_set (error) &&
+ dbus_error_has_name (error, DBUS_ERROR_NO_MEMORY))
+ {
+ return FALSE;
+ }
+
+
dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED,
"An SELinux policy prevents this sender "
"from sending this message to this recipient "
Index: selinux.c
===================================================================
RCS file: /cvs/dbus/dbus/bus/selinux.c,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -d -r1.13 -r1.14
--- selinux.c 7 Feb 2005 05:31:59 -0000 1.13
+++ selinux.c 13 Apr 2005 14:27:11 -0000 1.14
@@ -1,4 +1,5 @@
-/* selinux.c SELinux security checks for D-BUS
+/* -*- mode: C; c-file-style: "gnu" -*-
+ * selinux.c SELinux security checks for D-BUS
*
* Author: Matthew Rickard <mjricka at epoch.ncsc.mil>
*
@@ -131,8 +132,6 @@
{
DBusString *audmsg = data;
_dbus_string_copy_to_buffer (audmsg, buf, bufleft);
- _dbus_string_free (audmsg);
- dbus_free (audmsg);
}
/**
@@ -363,20 +362,10 @@
BusSELinuxID *override_sid,
security_class_t target_class,
access_vector_t requested,
- unsigned long spid,
- unsigned long tpid,
DBusString *auxdata)
{
if (!selinux_enabled)
return TRUE;
-
- if (auxdata)
- {
- if (spid && _dbus_string_append (auxdata, " spid="))
- _dbus_string_append_uint (auxdata, spid);
- if (tpid && _dbus_string_append (auxdata, " tpid="))
- _dbus_string_append_uint (auxdata, tpid);
- }
/* Make the security check. AVC checks enforcing mode here as well. */
if (avc_has_perm (SELINUX_SID_FROM_BUS (sender_sid),
@@ -404,39 +393,54 @@
dbus_bool_t
bus_selinux_allows_acquire_service (DBusConnection *connection,
BusSELinuxID *service_sid,
- const char *service_name)
+ const char *service_name,
+ DBusError *error)
{
#ifdef HAVE_SELINUX
BusSELinuxID *connection_sid;
unsigned long spid;
- DBusString *auxdata;
+ DBusString auxdata;
+ dbus_bool_t ret;
if (!selinux_enabled)
return TRUE;
-
+
connection_sid = bus_connection_get_selinux_id (connection);
if (!dbus_connection_get_unix_process_id (connection, &spid))
spid = 0;
- auxdata = dbus_new0 (DBusString, 1);
- if (auxdata)
+ if (!_dbus_string_init (&auxdata))
+ goto oom;
+
+ if (!_dbus_string_append (&auxdata, "service="))
+ goto oom;
+
+ if (!_dbus_string_append (&auxdata, service_name))
+ goto oom;
+
+ if (spid)
{
- if (!_dbus_string_init (auxdata))
- {
- dbus_free (auxdata);
- auxdata = NULL;
- }
- else if (_dbus_string_append (auxdata, "service="))
- _dbus_string_append (auxdata, service_name);
+ if (!_dbus_string_append (&auxdata, " spid="))
+ goto oom;
+
+ if (!_dbus_string_append_uint (&auxdata, spid))
+ goto oom;
}
- return bus_selinux_check (connection_sid,
- service_sid,
- SECCLASS_DBUS,
- DBUS__ACQUIRE_SVC,
- spid,
- 0,
- auxdata);
+ ret = bus_selinux_check (connection_sid,
+ service_sid,
+ SECCLASS_DBUS,
+ DBUS__ACQUIRE_SVC,
+ &auxdata);
+
+ _dbus_string_free (&auxdata);
+ return ret;
+
+ oom:
+ _dbus_string_free (&auxdata);
+ BUS_SET_OOM (error);
+ return FALSE;
+
#else
return TRUE;
#endif /* HAVE_SELINUX */
@@ -459,13 +463,15 @@
const char *interface,
const char *member,
const char *error_name,
- const char *destination)
+ const char *destination,
+ DBusError *error)
{
#ifdef HAVE_SELINUX
BusSELinuxID *recipient_sid;
BusSELinuxID *sender_sid;
unsigned long spid, tpid;
- DBusString *auxdata;
+ DBusString auxdata;
+ dbus_bool_t ret;
if (!selinux_enabled)
return TRUE;
@@ -475,27 +481,63 @@
if (!proposed_recipient || !dbus_connection_get_unix_process_id (proposed_recipient, &tpid))
tpid = 0;
- auxdata = dbus_new0 (DBusString, 1);
- if (auxdata)
+ if (!_dbus_string_init (&auxdata))
+ goto oom;
+
+ if (!_dbus_string_append (&auxdata, "msgtype="))
+ goto oom;
+
+ if (!_dbus_string_append (&auxdata, msgtype))
+ goto oom;
+
+ if (interface)
{
- if (!_dbus_string_init (auxdata))
- {
- dbus_free (auxdata);
- auxdata = NULL;
- }
- else
- {
- if (_dbus_string_append (auxdata, "msgtype="))
- _dbus_string_append (auxdata, msgtype);
- if (interface && _dbus_string_append (auxdata, " interface="))
- _dbus_string_append (auxdata, interface);
- if (member && _dbus_string_append (auxdata, " member="))
- _dbus_string_append (auxdata, member);
- if (error_name && _dbus_string_append (auxdata, " error_name="))
- _dbus_string_append (auxdata, error_name);
- if (destination && _dbus_string_append (auxdata, " dest="))
- _dbus_string_append (auxdata, destination);
- }
+ if (!_dbus_string_append (&auxdata, " interface="))
+ goto oom;
+ if (!_dbus_string_append (&auxdata, interface))
+ goto oom;
+ }
+
+ if (member)
+ {
+ if (!_dbus_string_append (&auxdata, " member="))
+ goto oom;
+ if (!_dbus_string_append (&auxdata, member))
+ goto oom;
+ }
+
+ if (error_name)
+ {
+ if (!_dbus_string_append (&auxdata, " error_name="))
+ goto oom;
+ if (!_dbus_string_append (&auxdata, error_name))
+ goto oom;
+ }
+
+ if (destination)
+ {
+ if (!_dbus_string_append (&auxdata, " dest="))
+ goto oom;
+ if (!_dbus_string_append (&auxdata, destination))
+ goto oom;
+ }
+
+ if (spid)
+ {
+ if (!_dbus_string_append (&auxdata, " spid="))
+ goto oom;
+
+ if (!_dbus_string_append_uint (&auxdata, spid))
+ goto oom;
+ }
+
+ if (tpid)
+ {
+ if (!_dbus_string_append (&auxdata, " tpid="))
+ goto oom;
+
+ if (!_dbus_string_append_uint (&auxdata, tpid))
+ goto oom;
}
sender_sid = bus_connection_get_selinux_id (sender);
@@ -505,9 +547,21 @@
else
recipient_sid = BUS_SID_FROM_SELINUX (bus_sid);
- return bus_selinux_check (sender_sid, recipient_sid,
- SECCLASS_DBUS, DBUS__SEND_MSG,
- spid, tpid, auxdata);
+ ret = bus_selinux_check (sender_sid,
+ recipient_sid,
+ SECCLASS_DBUS,
+ DBUS__SEND_MSG,
+ &auxdata);
+
+ _dbus_string_free (&auxdata);
+
+ return ret;
+
+ oom:
+ _dbus_string_free (&auxdata);
+ BUS_SET_OOM (error);
+ return FALSE;
+
#else
return TRUE;
#endif /* HAVE_SELINUX */
Index: selinux.h
===================================================================
RCS file: /cvs/dbus/dbus/bus/selinux.h,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -d -r1.7 -r1.8
--- selinux.h 9 Nov 2004 06:11:33 -0000 1.7
+++ selinux.h 13 Apr 2005 14:27:11 -0000 1.8
@@ -48,14 +48,17 @@
dbus_bool_t bus_selinux_allows_acquire_service (DBusConnection *connection,
BusSELinuxID *service_sid,
- const char *service_name);
+ const char *service_name,
+ DBusError *error);
+
dbus_bool_t bus_selinux_allows_send (DBusConnection *sender,
DBusConnection *proposed_recipient,
const char *msgtype, /* Supplementary audit data */
const char *interface,
const char *member,
const char *error_name,
- const char *destination);
+ const char *destination,
+ DBusError *error);
BusSELinuxID* bus_selinux_init_connection_id (DBusConnection *connection,
DBusError *error);
Index: services.c
===================================================================
RCS file: /cvs/dbus/dbus/bus/services.c,v
retrieving revision 1.30
retrieving revision 1.31
diff -u -d -r1.30 -r1.31
--- services.c 21 Jan 2005 03:44:10 -0000 1.30
+++ services.c 13 Apr 2005 14:27:11 -0000 1.31
@@ -319,8 +319,15 @@
service_name);
if (!bus_selinux_allows_acquire_service (connection, sid,
- _dbus_string_get_const_data (service_name)))
+ _dbus_string_get_const_data (service_name), error))
{
+
+ if (dbus_error_is_set (error) &&
+ dbus_error_has_name (error, DBUS_ERROR_NO_MEMORY))
+ {
+ goto out;
+ }
+
dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED,
"Connection \"%s\" is not allowed to own the service \"%s\" due "
"to SELinux policy",
More information about the dbus-commit
mailing list