From 130b46cf71f9a860a38fed9c21b686e8ae68038e Mon Sep 17 00:00:00 2001
From: Thomas Schmitt
Date: Wed, 24 Jul 2019 16:11:50 +0200
Subject: [PATCH] New flag bit2 of iso_node_set_acl_text() to be verbous about failures
---
 libisofs/aaip_0_2.c | 46 ++++++++++++++++++++++++++++++++++++----------
 libisofs/libisofs.h | 6 +++++-
 libisofs/node.c | 11 +++++++----
 3 files changed, 48 insertions(+), 15 deletions(-)
diff --git a/libisofs/aaip_0_2.c b/libisofs/aaip_0_2.c
index d94ec77..a39ea68 100644
--- a/libisofs/aaip_0_2.c
+++ b/libisofs/aaip_0_2.c
@@ -7,7 +7,7 @@ See libisofs/aaip_0_2.h http://libburnia-project.org/wiki/AAIP
- Copyright (c) 2009 - 2016 Thomas Schmitt
+ Copyright (c) 2009 - 2019 Thomas Schmitt
 This file is part of the libisofs project; you can redistribute it and/or modify it under the terms of the GNU General Public License version 2
@@ -32,6 +32,7 @@
 #include "libisofs.h"
 #include "util.h"
+#include "messages.h"
 /* #define Aaip_encode_debuG 1
@@ -280,6 +281,7 @@ static ssize_t aaip_encode_acl_text(char *acl_text, mode_t st_mode,
 bit2= this is a default ACL, prepend SWITCH_MARK bit3= check for completeness of list and eventually fill up with entries deduced from st_mode
+ bit4= be verbous about failure causes
 @return >0 means ok <=0 means error -1= out of memory
@@ -295,7 +297,7 @@ int aaip_encode_acl(char *acl_text, mode_t st_mode,
 *result= NULL;
 *result_len= 0;
 bytes= aaip_encode_acl_text(acl_text, st_mode,
- (size_t) 0, NULL, 1 | (flag & (2 | 4 | 8)));
+ (size_t) 0, NULL, 1 | (flag & (2 | 4 | 8 | 16)));
 if(bytes < -2)
 return(bytes);
 if(bytes < 0)
@@ -310,7 +312,7 @@ int aaip_encode_acl(char *acl_text, mode_t st_mode,
 (*result)[bytes]= 0;
 *result_len= bytes;
 bytes= aaip_encode_acl_text(acl_text, st_mode, *result_len, *result,
- (flag & (2 | 4 | 8)));
+ (flag & (2 | 4 | 8 | 16)));
 if(bytes < -2)
 return(bytes);
 if(bytes < 0)
@@ -362,6 +364,7 @@ static int aaip_make_aaip_perms(int r, int w, int x)
 bit2= this is a default ACL, prepend SWITCH_MARK 1 bit3= check for completeness of list and eventually fill up with entries deduced from st_mode
+ bit4= be verbous about failure causes
 @return >=0 number of bytes produced resp. counted <0 means error -1: result size overflow
@@ -388,7 +391,7 @@ static ssize_t aaip_encode_acl_text(char *acl_text, mode_t st_mode,
 /* set SWITCH_MARK to indicate a default ACL */;
 if(!(flag & 1)) {
 if((size_t) count >= result_size)
- {ret= -1; goto ex;}
+ goto result_size_overflow;
 result[count]= (Aaip_SWITCH_MARK << 4) | Aaip_EXEC;
 }
 count++;
@@ -417,6 +420,9 @@ static ssize_t aaip_encode_acl_text(char *acl_text, mode_t st_mode,
 /* >>> Duplicate u:: entry. */;
 /* >>> ??? If it matches the previous one: ignore */
+ if(flag & 16)
+ iso_msg_submit(-1, ISO_AAIP_ACL_MULT_OBJ, 0,
+ "Duplicate u:: entry detected in ACL text");
 ret = ISO_AAIP_ACL_MULT_OBJ;
 goto ex;
 }
@@ -434,6 +440,9 @@ static ssize_t aaip_encode_acl_text(char *acl_text, mode_t st_mode,
 num= aaip_numeric_id(name, 0);
 if(num <= 0) {
 /* ACL_USER is not part of AAIP 2.0 */
+ if(flag & 16)
+ iso_msg_submit(-1, ISO_AAIP_BAD_ACL_TEXT, 0,
+ "Unknown user name found in ACL text: '%s'", name);
 {ret= -2; goto ex;}
 }
 uid= huid= num;
@@ -463,6 +472,9 @@ static ssize_t aaip_encode_acl_text(char *acl_text, mode_t st_mode,
 /* >>> Duplicate g:: entry. */;
 /* >>> ??? If it matches the previous one: ignore */
+ if(flag & 16)
+ iso_msg_submit(-1, ISO_AAIP_ACL_MULT_OBJ, 0,
+ "Duplicate g:: entry detected in ACL text");
 ret = ISO_AAIP_ACL_MULT_OBJ;
 goto ex;
 }
@@ -480,6 +492,9 @@ static ssize_t aaip_encode_acl_text(char *acl_text, mode_t st_mode,
 num= aaip_numeric_id(name, 0);
 if(num <= 0) {
 /* ACL_GROUP is not part of AAIP 2.0 */
+ if(flag & 16)
+ iso_msg_submit(-1, ISO_AAIP_BAD_ACL_TEXT, 0,
+ "Unknown group name found in ACL text: '%s'", name);
 {ret= -2; goto ex;}
 }
 gid= hgid= num;
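Review bot: The two messages added in the `num <= 0` branches (hunk -434 for users, hunk -480 for groups) interpolate `name`, which by the message's own wording comes from the supplied ACL text, through an unbounded `'%s'`. Nothing in these hunks shows whether `iso_msg_submit()` limits the length or filters control characters, so a front end that prints the message queue to a terminal or log may receive whatever bytes the ACL text carried. Bounding the field, for example `"Unknown user name found in ACL text: '%.80s'", name` (the 80 is only an illustration), and adding a comment such as `/* name is unfiltered input from acl_text */` would make the handling explicit. The enclosing function aaip_encode_acl_text() starts and ends outside both hunks.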
@@ -508,6 +523,9 @@ static ssize_t aaip_encode_acl_text(char *acl_text, mode_t st_mode,
 /* >>> Duplicate o:: entry. */;
 /* >>> ??? If it matches the previous one: ignore */
+ if(flag & 16)
+ iso_msg_submit(-1, ISO_AAIP_ACL_MULT_OBJ, 0,
+ "Duplicate o:: entry detected in ACL text");
 ret = ISO_AAIP_ACL_MULT_OBJ;
 goto ex;
 }
@@ -524,7 +542,7 @@ static ssize_t aaip_encode_acl_text(char *acl_text, mode_t st_mode,
 if(!(flag & 1)) {
 if((size_t) count >= result_size)
- {ret= -1; goto ex;}
+ goto result_size_overflow;
 result[count]= perms | ((!!qualifier) << 3) | (type << 4);
 }
 count++;
@@ -533,7 +551,7 @@ static ssize_t aaip_encode_acl_text(char *acl_text, mode_t st_mode,
 num_recs= (qualifier_len / 127) + !!(qualifier_len % 127);
 if(!(flag & 1)) {
 if((size_t) (count + 1) > result_size)
- {ret= -1; goto ex;}
+ goto result_size_overflow;
 for(i= 0; i < num_recs; i++) {
 if(i < num_recs - 1)
 result[count++]= 255;
@@ -543,7 +561,7 @@ static ssize_t aaip_encode_acl_text(char *acl_text, mode_t st_mode,
 result[count - 1]= 127;
 }
 if((size_t) (count + (result[count - 1] & 127)) > result_size)
- {ret= -1; goto ex;}
+ goto result_size_overflow;
 memcpy(result + count, name + i * 127, result[count - 1] & 127);
 count+= result[count - 1] & 127;
 }
@@ -558,7 +576,7 @@ static ssize_t aaip_encode_acl_text(char *acl_text, mode_t st_mode,
 count+= needed;
 else {
 if((size_t) (count + needed) > result_size)
- {ret= -1; goto ex;}
+ goto result_size_overflow;
 }
 }
 if ((flag & 8) && needed > 0 && !(flag & 1)) {
@@ -587,6 +605,13 @@ static ssize_t aaip_encode_acl_text(char *acl_text, mode_t st_mode,
 ex:;
 LIBISO_FREE_MEM(name);
 return(ret);
+
+result_size_overflow:;
+ if(flag & 16)
+ iso_msg_submit(-1, ISO_ASSERT_FAILURE, 0,
+ "Program error: Text to ACL conversion result size overflow");
+ ret= -1;
+ goto ex;
 }
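Review bot: The diagnostic at the new `result_size_overflow` label in hunk -587 is emitted only under `if(flag & 16)`, although its own text calls the condition a program error. A tripped bounds check on `result` is worth reporting whatever the verbosity, so the `if(flag & 16)` guard could be dropped at this one site. The label is the target of the five replaced `{ret= -1; goto ex;}` sites in hunks -388, -524, -533, -543 and -558. It also sits after `return(ret);` and jumps back to `ex`, which is easy to misread; a comment such as `/* reached only by goto; returns through ex for cleanup */` above the label would help. The function starts outside this hunk.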
@@ -598,13 +623,14 @@ int aaip_encode_both_acl(char *a_acl_text, char *d_acl_text, mode_t st_mode,
 unsigned char *a_acl= NULL, *d_acl= NULL, *acl= NULL;
 if(a_acl_text != NULL) {
- ret= aaip_encode_acl(a_acl_text, st_mode, &a_acl_len, &a_acl, flag & 11);
+ ret= aaip_encode_acl(a_acl_text, st_mode, &a_acl_len, &a_acl,
+ flag & (1 | 2 | 8 | 16));
 if(ret <= 0)
 goto ex;
 }
 if(d_acl_text != NULL) {
 ret= aaip_encode_acl(d_acl_text, (mode_t) 0, &d_acl_len, &d_acl,
- (flag & 3) | 4);
+ (flag & (1 | 2 | 16)) | 4);
 if(ret <= 0)
 goto ex;
 }
diff --git a/libisofs/libisofs.h b/libisofs/libisofs.h
index 9dcb3d5..ffc3a1b 100644
--- a/libisofs/libisofs.h
+++ b/libisofs/libisofs.h
@@ -7416,9 +7416,13 @@ int iso_node_get_acl_text(IsoNode *node,
 * the permissions of newly created files.)
 * @param flag
 * Bitfield for control purposes
- * bit1= ignore text parameters but rather update eventual "access" ACL
+ * bit0= Do not change the stat(2) permissions.
+ * Caution: This can make the node's permission set inconsistent.
+ * bit1= Ignore text parameters but rather update the "access" ACL
 * to the stat(2) permissions of node. If no "access" ACL exists,
 * then do nothing and return success.
+ * bit2= Be verbous about failure causes.
+ * @since 1.5.2
 * @return
 * > 0 success
 * < 0 failure
diff --git a/libisofs/node.c b/libisofs/node.c
index 12ad939..ba1863d 100644
--- a/libisofs/node.c
+++ b/libisofs/node.c
@@ -1,6 +1,6 @@
 /*
 * Copyright (c) 2007 Vreixo Formoso
- * Copyright (c) 2009 - 2016 Thomas Schmitt
+ * Copyright (c) 2009 - 2019 Thomas Schmitt
 *
 * This file is part of the libisofs project; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License version 2
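Review bot: aaip_encode_both_acl() in hunk -598 now forwards bit4 to both aaip_encode_acl() calls, but no hunk in this commit touches a description of its own `flag` parameter, whereas the comments for aaip_encode_acl() and aaip_encode_acl_text() each gained a `bit4=` line. If this function's flag bits are documented in a comment outside the hunk or in a header this commit does not change, that text would need the same line, `bit4= be verbose about failure causes`. Without it a caller cannot tell that 16 is passed through rather than masked off. The function starts and ends outside the hunk.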
@@ -2261,12 +2261,14 @@ int iso_node_set_acl_text(IsoNode *node, char *access_text, char *default_text,
 goto ex;
 }
 ret = aaip_encode_both_acl(a_text, d_text, st_mode,
- &acl_len, &acl, 2 | 8);
+ &acl_len, &acl,
+ 2 | 8 | ((flag & 4) << 2));
 } else {
 ret = 1;
 if (access_text != NULL || default_text != NULL)
 ret = aaip_encode_both_acl(access_text, default_text, st_mode,
- &acl_len, &acl, 2 | 8);
+ &acl_len, &acl,
+ 2 | 8 | ((flag & 4) << 2));
 }
 if (ret == -1)
 ret = ISO_OUT_OF_MEM;
@@ -2325,7 +2327,8 @@ int iso_node_set_acl_text(IsoNode *node, char *access_text, char *default_text,
 goto ex;
 }
 ret = aaip_encode_both_acl(access_text, default_text,
 st_mode, &acl_len, &acl,
- st_mode, &acl_len, &acl, 2 | 8);
+ 2 | 8 | ((flag & 4) << 2));
 if (ret < -3)
 goto ex;
 if (ret <= 0) {
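Review bot: The expression `2 | 8 | ((flag & 4) << 2)` is written out at all three aaip_encode_both_acl() calls (two in hunk -2261, one in hunk -2325) with nothing to say that the shift maps the API's bit2 onto the encoder's bit4. Computing it once near the top of the function, `int aaip_flag = 2 | 8 | ((flag & 4) << 2); /* API bit2 -> aaip bit4: verbose */`, keeps the three calls in step if another bit is forwarded later. iso_node_set_acl_text() starts and ends outside both hunks, so the declaration would go in code not shown here.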