[systemd-commits] 2 commits - src/bus-proxyd src/shared
David Herrmann
dvdhrm at kemper.freedesktop.org
Sat Feb 14 06:15:29 PST 2015
src/bus-proxyd/proxy.c | 12 ++++++------
src/shared/util.c | 13 +++++++++++++
src/shared/util.h | 15 +++++----------
3 files changed, 24 insertions(+), 16 deletions(-)
New commits:
commit d90c154eb180783098683ce8e1c03cd29d9b77ce
Author: David Herrmann <dh.herrmann at gmail.com>
Date: Sat Feb 14 15:13:38 2015 +0100
bus-proxy: don't fake data we don't have
UDS sockets transmit EUID+EGID only. Don't try to fake data we don't know!
Otherwise, this might be used to override user-limits by non-root setuid
programs (by faking UID==EUID).
Now that sd-bus is fixed to always use EUID even on UDS, we can safely set
all other UID/GID fields to INVALID.
diff --git a/src/bus-proxyd/proxy.c b/src/bus-proxyd/proxy.c
index 73f68b7..4be2a62 100644
--- a/src/bus-proxyd/proxy.c
+++ b/src/bus-proxyd/proxy.c
@@ -81,14 +81,14 @@ static int proxy_create_destination(Proxy *p, const char *destination, const cha
b->fake_pids.pid = p->local_creds.pid;
b->fake_pids_valid = true;
- b->fake_creds.uid = p->local_creds.uid;
+ b->fake_creds.uid = UID_INVALID;
b->fake_creds.euid = p->local_creds.uid;
- b->fake_creds.suid = p->local_creds.uid;
- b->fake_creds.fsuid = p->local_creds.uid;
- b->fake_creds.gid = p->local_creds.gid;
+ b->fake_creds.suid = UID_INVALID;
+ b->fake_creds.fsuid = UID_INVALID;
+ b->fake_creds.gid = GID_INVALID;
b->fake_creds.egid = p->local_creds.gid;
- b->fake_creds.sgid = p->local_creds.gid;
- b->fake_creds.fsgid = p->local_creds.gid;
+ b->fake_creds.sgid = GID_INVALID;
+ b->fake_creds.fsgid = GID_INVALID;
b->fake_creds_valid = true;
}
commit 9cad100eca602aa33c2f56475c30fccf14abea1a
Author: Bruno Bottazzini <bruno.bottazzini at intel.com>
Date: Fri Feb 13 18:40:50 2015 -0200
util: use a shared lookup function for string tables
Macro DEFINE_STRING_TABLE_LOOKUP expands to a new function for each
of the almost 120 tables throghout the code.
Move the its implementation to a function (guaranteed to never be inlined),
and make the macro expand to an inlined function that calls this function.
This saves a few kilobytes from the systemd binary
(David: - fix coding-style
- use 'ssize_t' to fix 32bit to 64bit propagation
- use streq_ptr())
diff --git a/src/shared/util.c b/src/shared/util.c
index 3a63351..ba035ca 100644
--- a/src/shared/util.c
+++ b/src/shared/util.c
@@ -8089,3 +8089,16 @@ int syslog_parse_priority(const char **p, int *priority, bool with_facility) {
*p += k;
return 1;
}
+
+ssize_t string_table_lookup(const char * const *table, size_t len, const char *key) {
+ size_t i;
+
+ if (!key)
+ return -1;
+
+ for (i = 0; i < len; ++i)
+ if (streq_ptr(table[i], key))
+ return (ssize_t)i;
+
+ return -1;
+}
diff --git a/src/shared/util.h b/src/shared/util.h
index b56ffbd..a83b588 100644
--- a/src/shared/util.h
+++ b/src/shared/util.h
@@ -355,16 +355,11 @@ static inline uint32_t random_u32(void) {
return name##_table[i]; \
}
-#define _DEFINE_STRING_TABLE_LOOKUP_FROM_STRING(name,type,scope) \
- scope type name##_from_string(const char *s) { \
- type i; \
- if (!s) \
- return (type) -1; \
- for (i = 0; i < (type)ELEMENTSOF(name##_table); i++) \
- if (name##_table[i] && \
- streq(name##_table[i], s)) \
- return i; \
- return (type) -1; \
+ssize_t string_table_lookup(const char * const *table, size_t len, const char *key);
+
+#define _DEFINE_STRING_TABLE_LOOKUP_FROM_STRING(name,type,scope) \
+ scope inline type name##_from_string(const char *s) { \
+ return (type)string_table_lookup(name##_table, ELEMENTSOF(name##_table), s); \
}
#define _DEFINE_STRING_TABLE_LOOKUP(name,type,scope) \
More information about the systemd-commits
mailing list