
D7941.id20449.diff

D7941.id20449.diff

Index: contrib/elftoolchain/common/_elftc.h
===================================================================
--- contrib/elftoolchain/common/_elftc.h
+++ contrib/elftoolchain/common/_elftc.h
@@ -380,6 +380,7 @@
#define ELFTC_BYTE_ORDER_LITTLE_ENDIAN _LITTLE_ENDIAN
#define ELFTC_BYTE_ORDER_BIG_ENDIAN _BIG_ENDIAN
+#define ELFTC_HAVE_CAPSICUM 0
#define ELFTC_HAVE_MMAP 1
#define ELFTC_HAVE_STRMODE 1
@@ -432,6 +433,7 @@
#define ELFTC_BYTE_ORDER_LITTLE_ENDIAN _LITTLE_ENDIAN
#define ELFTC_BYTE_ORDER_BIG_ENDIAN _BIG_ENDIAN
+#define ELFTC_HAVE_CAPSICUM 1
#define ELFTC_HAVE_MMAP 1
#define ELFTC_HAVE_STRMODE 1
#if __FreeBSD_version <= 900000
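Review bot: `#define ELFTC_HAVE_CAPSICUM 1` is set for every FreeBSD version, yet the very next context line tests `__FreeBSD_version <= 900000`, so this section is evidently still expected to build on old releases. strings.c includes `<sys/capsicum.h>` whenever the macro is non-zero, and that header is, as far as I know, not present on those older releases, so the build would break there. Consider defining the macro to 1 only under a `__FreeBSD_version` check for a release known to ship the header, and to 0 otherwise. A one-line comment such as `/* Capsicum sandboxing via <sys/capsicum.h> is available. */` above the define would also tell porters what the flag promises.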
@@ -454,6 +456,7 @@
#define ELFTC_BYTE_ORDER_LITTLE_ENDIAN _LITTLE_ENDIAN
#define ELFTC_BYTE_ORDER_BIG_ENDIAN _BIG_ENDIAN
+#define ELFTC_HAVE_CAPSICUM 0
#define ELFTC_HAVE_MMAP 1
#define ELFTC_HAVE_STRMODE 1
#if __NetBSD_Version__ <= 599002100
@@ -473,6 +476,7 @@
#define ELFTC_BYTE_ORDER_LITTLE_ENDIAN _LITTLE_ENDIAN
#define ELFTC_BYTE_ORDER_BIG_ENDIAN _BIG_ENDIAN
+#define ELFTC_HAVE_CAPSICUM 0
#define ELFTC_HAVE_MMAP 1
#define ELFTC_HAVE_STRMODE 1
Index: contrib/elftoolchain/strings/strings.c
===================================================================
--- contrib/elftoolchain/strings/strings.c
+++ contrib/elftoolchain/strings/strings.c
@@ -38,6 +38,7 @@
#include <stdlib.h>
#include <string.h>
#include <sysexits.h>
+#include <termios.h>
#include <unistd.h>
#include <libelf.h>
@@ -46,6 +47,10 @@
#include "_elftc.h"
+#if ELFTC_HAVE_CAPSICUM
+#include <sys/capsicum.h>
+#endif
+
ELFTC_VCSID("$Id: strings.c 3446 2016-05-03 01:31:17Z emaste $");
enum return_code {
@@ -203,6 +208,39 @@
return (rc);
}
+#if ELFTC_HAVE_CAPSICUM
+static void
+enter_capsicum(int fd, bool use_mmap)
+{
+ cap_rights_t rights;
+ unsigned long cmd;
+
+ /*
+ * We may mmap the file when we've already opened it, allow this.
+ */
+ if (use_mmap)
+ cap_rights_init(&rights, CAP_READ, CAP_FSTAT, CAP_SEEK,
+ CAP_MMAP);
+ else
+ cap_rights_init(&rights, CAP_READ, CAP_FSTAT, CAP_SEEK);
+ if (cap_rights_limit(fd, &rights) < 0 && errno != ENOSYS)
+ errx(1, "Unable to limit rights for stdin");
+
+ cap_rights_init(&rights, CAP_WRITE, CAP_FSTAT, CAP_IOCTL);
+ if (cap_rights_limit(STDOUT_FILENO, &rights) < 0 && errno != ENOSYS)
+ errx(1, "Unable to limit rights for stdout");
+ if (cap_rights_limit(STDERR_FILENO, &rights) < 0 && errno != ENOSYS)
+ errx(1, "Unable to limit rights for stderr");
+
+ cmd = TIOCGETA;
+ if (cap_ioctls_limit(STDOUT_FILENO, &cmd, 1) < 0 && errno != ENOSYS)
+ errx(1, "unable to limit ioctls for stdout");
+
+ if (cap_enter() != 0)
+ errx(1, "unable to enter capability mode");
+}
+#endif
+
int
handle_file(const char *name)
{
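Review bot: The `cap_enter()` check at the end of enter_capsicum() treats every failure as fatal, while the cap_rights_limit() and cap_ioctls_limit() calls above it tolerate `ENOSYS`; on a kernel without Capsicum support strings would exit instead of running unsandboxed, and `if (cap_enter() < 0 && errno != ENOSYS)` would keep the checks consistent. stderr receives `CAP_IOCTL` through the shared rights set, but only stdout gets a `cap_ioctls_limit()` allow-list, so stderr keeps every ioctl; either drop `CAP_IOCTL` from stderr's rights or apply the same `TIOCGETA` limit to `STDERR_FILENO`. The failures are reported with `errx()`, which discards errno, so `err()` would tell the user why the limit was refused. The function also lacks a header comment stating that it is one-way and that no path-based open works after it returns. handle_file() begins on the last lines of this hunk and continues outside it.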
@@ -216,12 +254,21 @@
return (RETURN_NOINPUT);
}
} else {
+#if ELFTC_HAVE_CAPSICUM
+ enter_capsicum(STDIN_FILENO, false);
+#endif
+
return (find_strings(name, (off_t)0, (off_t)0));
}
fd = fileno(stdin);
if (fd < 0)
return (RETURN_NOINPUT);
+
+#if ELFTC_HAVE_CAPSICUM
+ enter_capsicum(fd, true);
+#endif
+
rt = handle_elf(name, fd);
return (rt);
}
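Review bot: Both `enter_capsicum()` calls sit inside handle_file(), so the process is in capability mode as soon as the first input is handled. If the caller, which is outside this hunk, invokes handle_file() once per command-line argument, the path-based open at the top of the function will presumably fail for every later file and return `RETURN_NOINPUT`. The sandbox should be entered only after all inputs have been opened, or only when a single input remains, and that needs a change in the caller rather than here. At minimum the calls deserve a comment such as `/* After this point no further files can be opened by path. */`. The beginning of handle_file() is outside the hunk, so the open call itself is not visible.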
