libburnia/libisoburn
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

New option -drive_class for safety management of pseudo-drive access

Browse Source
This commit is contained in:
Thomas Schmitt
2008-12-16 13:02:11 +00:00
parent d0f8bb5dfe
commit 1a5307c2e9
6 changed files with 325 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

164
xorriso/xorriso.c
View File

@@ -3846,6 +3846,9 @@ int Xorriso_new(struct XorrisO ** xorriso,char *progname, int flag)
m->global_file_mode= 0444;
m->do_overwrite= 2;
m->do_reassure= 0;
m->drive_blacklist= NULL;
m->drive_greylist= NULL;
m->drive_whitelist= NULL;
m->toc_emulation_flag= 0;
m->image_start_mode= 0;
m->image_start_value[0]= 0;
@@ -3979,6 +3982,9 @@ int Xorriso_new(struct XorrisO ** xorriso,char *progname, int flag)
if(ret<=0)
goto failure;
Xorriso_relax_compliance(m, "default", 0);
ret= Xorriso_lst_new(&(m->drive_greylist), "/dev", m->drive_greylist, 1);
if(ret <= 0)
goto failure;
return(1);
failure:;
@@ -4029,6 +4035,9 @@ int Xorriso_destroy(struct XorrisO **xorriso, int flag)
free(m->out_charset);
Xorriso_destroy_re(m,0);
Exclusions_destroy(&(m->disk_exclusions), 0);
Xorriso_lst_destroy_all(&(m->drive_blacklist), 0);
Xorriso_lst_destroy_all(&(m->drive_greylist), 0);
Xorriso_lst_destroy_all(&(m->drive_whitelist), 0);
Xorriso_detach_libraries(m, flag&1);
free((char *) m);
@@ -5132,14 +5141,14 @@ cannot_compile:;
}
/* @return 0=match , else no match
/* @param flag bit0= do not shortcut last component of to_match
bit1= consider match if regex matches parent of path
bit2= retry beginning at failed last component
@return 0=match , else no match
*/
int Xorriso_regexec(struct XorrisO *xorriso, char *to_match, int *failed_at,
int flag)
/*
bit0= do not shortcut last component of to_match
bit2= retry beginning at failed last component
*/
{
int ret,i,re_start= 0,reg_nomatch= -1;
char *cpt,*npt,adr_part[SfileadrL],*mpt;
@@ -5199,10 +5208,51 @@ int Xorriso_regexec(struct XorrisO *xorriso, char *to_match, int *failed_at,
cpt++;
}
*failed_at= xorriso->re_fill;
if(flag & 2)
return(0); /* MATCH */
return(reg_nomatch);
}
int Xorriso_is_in_patternlist(struct XorrisO *xorriso,
struct Xorriso_lsT *patternlist, char *path,
int flag)
{
int ret, failed_at, i= 0;
struct Xorriso_lsT *s;
xorriso->search_mode= 3;
xorriso->structured_search= 1;
for(s= patternlist; s != NULL; s= Xorriso_lst_get_next(s, 0)) {
ret= Xorriso_prepare_regex(xorriso, Xorriso_lst_get_text(s, 0), 0);
if(ret <= 0)
return(-1);
/* Match path or parent of path */
ret= Xorriso_regexec(xorriso, path, &failed_at, 2);
if(ret == 0)
return(i + 1);
i++;
}
return(0);
}
char *Xorriso_get_pattern(struct XorrisO *xorriso,
struct Xorriso_lsT *patternlist, int index, int flag)
{
int i= 0;
struct Xorriso_lsT *s;
for(s= patternlist; s != NULL; s= Xorriso_lst_get_next(s, 0)) {
if(i == index)
return(Xorriso_lst_get_text(s, 0));
i++;
}
return(NULL);
}
/* @param flag bit0= simple readlink(): no normalization, no multi-hop
*/
int Xorriso_resolve_link(struct XorrisO *xorriso,
@@ -5546,7 +5596,7 @@ int Xorriso_status(struct XorrisO *xorriso, char *filter, FILE *fp, int flag)
static char channel_prefixes[4][4]= {".","R","I","M"};
static char load_names[][20]= {"auto", "session", "track", "lba", "volid"};
static int max_load_mode= 4;
struct Xorriso_lsT *paths, *leafs;
struct Xorriso_lsT *paths, *leafs, *s;
no_defaults= flag&1;
line= xorriso->result_line;
@@ -6078,7 +6128,36 @@ int Xorriso_status(struct XorrisO *xorriso, char *filter, FILE *fp, int flag)
strcat(line, "\n");
if(!(is_default && no_defaults))
Xorriso_status_result(xorriso,filter,fp,flag&2);
is_default= 1;
if(xorriso->drive_blacklist != NULL || xorriso->drive_whitelist != NULL ||
xorriso->drive_greylist == NULL)
is_default= 0;
if(xorriso->drive_greylist != NULL) {
if(strcmp(Xorriso_get_pattern(xorriso, xorriso->drive_greylist, 0, 0),
"/dev") != 0)
is_default= 0;
if(Xorriso_get_pattern(xorriso, xorriso->drive_greylist, 1, 0) != NULL)
is_default= 0;
}
if(!(is_default && no_defaults)) {
for(s= xorriso->drive_blacklist; s != NULL; s= Xorriso_lst_get_next(s, 0)) {
sprintf(line, "-drive_class 'banned' %s\n",
Text_shellsafe(Xorriso_lst_get_text(s, 0), sfe, 0));
Xorriso_status_result(xorriso,filter,fp,flag&2);
}
for(s= xorriso->drive_greylist; s != NULL; s= Xorriso_lst_get_next(s, 0)) {
sprintf(line, "-drive_class 'risky' %s\n",
Text_shellsafe(Xorriso_lst_get_text(s, 0), sfe, 0));
Xorriso_status_result(xorriso,filter,fp,flag&2);
}
for(s= xorriso->drive_whitelist; s != NULL; s= Xorriso_lst_get_next(s, 0)) {
sprintf(line, "-drive_class 'harmless' %s\n",
Text_shellsafe(Xorriso_lst_get_text(s, 0), sfe, 0));
Xorriso_status_result(xorriso,filter,fp,flag&2);
}
}
do_single= 0;
if(filter != NULL)
if(strncmp(filter, "-indev", 6) == 0 ||
@@ -10900,13 +10979,12 @@ int Xorriso_option_assert_volid(struct XorrisO *xorriso, char *pattern,
}
}
if(severity[0] != 0 || pattern[0] != 0) {
if(severity[0] == 0) {
if(strcmp(xorriso->abort_on_text, "NEVER") == 0)
sev_text= "ABORT";
else
sev_text= xorriso->abort_on_text;
} else
if(severity[0] == 0)
sev_text= xorriso->abort_on_text;
else
sev_text= severity;
if(strcmp(sev_text, "NEVER") == 0)
sev_text= "ABORT";
ret= Xorriso__text_to_sev(sev_text, &sev, 0);
if(ret<=0) {
sprintf(xorriso->info_text, "-assert_volid: Not a known severity name : ");
@@ -12114,12 +12192,6 @@ int Xorriso_option_dev(struct XorrisO *xorriso, char *in_adr, int flag)
Xorriso_msgs_submit(xorriso, 0, xorriso->info_text, 0, "FAILURE", 0);
return(0);
}
if(xorriso->ban_stdio_write) {
sprintf(xorriso->info_text,
"Drive address banned by -ban_stdio_write : '%s'", adr);
Xorriso_msgs_submit(xorriso, 0, xorriso->info_text, 0, "FAILURE", 0);
return(0);
}
}
if(xorriso->volset_change_pending && (flag&1)) {
@@ -12242,6 +12314,48 @@ int Xorriso_option_disk_pattern(struct XorrisO *xorriso, char *mode, int flag)
}
/* Option -drive_class */
int Xorriso_option_drive_class(struct XorrisO *xorriso,
char *class, char *pattern, int flag)
{
int ret= 1;
if(strcmp(class, "banned") == 0) {
ret= Xorriso_lst_new(&(xorriso->drive_blacklist), pattern,
xorriso->drive_blacklist, 1);
} else if(strcmp(class, "caution") == 0) {
ret= Xorriso_lst_new(&(xorriso->drive_greylist), pattern,
xorriso->drive_greylist, 1);
} else if (strcmp(class, "harmless") == 0) {
ret= Xorriso_lst_new(&(xorriso->drive_whitelist), pattern,
xorriso->drive_whitelist, 1);
} else if (strcmp(class, "clear_list") == 0) {
if(strcmp(pattern, "banned") == 0)
Xorriso_lst_destroy_all(&(xorriso->drive_blacklist), 0);
else if(strcmp(pattern, "caution") == 0)
Xorriso_lst_destroy_all(&(xorriso->drive_greylist), 0);
else if(strcmp(pattern, "harmless") == 0)
Xorriso_lst_destroy_all(&(xorriso->drive_whitelist), 0);
else if(strcmp(pattern, "all") == 0) {
Xorriso_lst_destroy_all(&(xorriso->drive_blacklist), 0);
Xorriso_lst_destroy_all(&(xorriso->drive_greylist), 0);
Xorriso_lst_destroy_all(&(xorriso->drive_whitelist), 0);
} else {
sprintf(xorriso->info_text, "-drive_class clear : unknown class '%s'",
pattern);
Xorriso_msgs_submit(xorriso, 0, xorriso->info_text, 0, "FAILURE", 0);
return(0);
}
ret= 1;
} else {
sprintf(xorriso->info_text, "-drive_class: unknown class '%s'", class);
Xorriso_msgs_submit(xorriso, 0, xorriso->info_text, 0, "FAILURE", 0);
return(0);
}
return(ret);
}
/* Option -dummy "on"|"off" */
int Xorriso_option_dummy(struct XorrisO *xorriso, char *mode, int flag)
{
@@ -12919,13 +13033,17 @@ int Xorriso_option_help(struct XorrisO *xorriso, int flag)
"",
"Preparation options:",
"Drive addresses are either /dev/... as listed with option -devices or",
"disk files with prefix \"stdio:\", e.g. stdio:/tmp/pseudo_drive .",
"disk files, eventually with prefix \"stdio:\" if non-CD-drive in /dev tree.",
"E.g. /dev/sr0 , /tmp/pseudo_drive , stdio:/dev/sdc",
" -dev address Set input and output drive and load eventual ISO image.",
" Set the image expansion method to growing.",
" -indev address Set input drive and load eventual ISO image. Use expansion",
" methods modifying or blind growing.",
" -outdev address",
" Set output drive and use modifying or blind growing.",
" -drive_class \"harmless\"|\"banned\"|\"risky\"|\"clear_list\" disk_pattern",
" Add a drive path pattern to one of the safety lists or make",
" those lists empty. Defaulty entry in \"risky\" is \"/dev\".",
" -grow_blindly \"off\"|predicted_nwa",
" Switch between modifying and blind growing.",
" -load \"session\"|\"track\"|\"lba\"|\"sbsector\"|\"volid\"|\"auto\" id",
@@ -15433,7 +15551,7 @@ int Xorriso_count_args(struct XorrisO *xorriso, int argc, char **argv,
""
};
static char arg2_commands[][40]= {
"assert_volid","boot_image","compare","compare_r",
"assert_volid","boot_image","compare","compare_r","drive_class",
"errfile_log","error_behavior","extract","extract_single",
"load","logfile",
"map","map_single","page","return_with","update","update_r",
@@ -15709,6 +15827,10 @@ next_command:;
} else if(strcmp(cmd,"devices")==0) {
ret= Xorriso_option_devices(xorriso, 0);
} else if(strcmp(cmd,"drive_class")==0) {
(*idx)+= 2;
ret= Xorriso_option_drive_class(xorriso, arg1, arg2, 0);
} else if(strcmp(cmd,"dummy")==0) {
(*idx)++;
ret= Xorriso_option_dummy(xorriso, arg1, 0);