diff options
| author | Kaz Kylheku <kaz@kylheku.com> | 2022-07-29 20:08:41 -0700 |
|---|---|---|
| committer | Kaz Kylheku <kaz@kylheku.com> | 2022-07-29 20:08:41 -0700 |
| commit | 2f27d6c386daff041017b7aaec51d0e50e603a8e (patch) | |
| tree | c78c8777533fbb91bf6aa909eaef1c79b7cfd75e /testsp.c | |
| parent | 101303eb8bfd6a5ac99324467e83139e0e6c4b18 (diff) | |
| download | safepath-2f27d6c386daff041017b7aaec51d0e50e603a8e.tar.gz safepath-2f27d6c386daff041017b7aaec51d0e50e603a8e.tar.bz2 safepath-2f27d6c386daff041017b7aaec51d0e50e603a8e.zip | |
Use regular expression against /proc symlinks.
* safepath.c (bad_proc): New static variable; regular
expression that matches paths under /proc that traverse
dangerous symlinks.
(bad_proc_rx): Compiled version of above regex.
(abs_path_check): Replace ad-hoc path match with regexec call.
(safepath_init, safepath_deinit): New functions needed because
have to compile a regular expression one time, and then
keep using it. We could do this lazily but then we need
pthread_once to make things thread safe.
* safepath.h (safepath_init, safepath_cleanup): Declared.
* testsp.c (main): Call safepath_init and safepath_cleanup.
Diffstat (limited to 'testsp.c')
| -rw-r--r-- | testsp.c | 5 |
1 files changed, 5 insertions, 0 deletions
@@ -36,8 +36,13 @@ int main(int argc, char **argv) (void) argc; if (argv[0] && argv[1] && !argv[2]) { + if (!safepath_init()) { + printf("%s: unable to initialize safepath library\n", argv[0]); + return EXIT_FAILURE; + } int res = safepath_check(argv[1]); printf("safepath_check(\"%s\") == %s\n", argv[1], safepath_strerr(res)); + safepath_cleanup(); return res == SAFEPATH_OK ? 0 : EXIT_FAILURE; } else if (argv[0]) { printf("%s: requires exactly one argument\n", argv[0]); |