openkylin
/
libvirt
mirror of https://gitee.com/openkylin/libvirt.git
9
0
Fork 0
Code Issues Projects Releases Wiki Activity

security: Use g_strdup_printf() instead of virAsprintf() 

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
This commit is contained in:
Michal Privoznik 2019-10-22 15:26:14 +02:00
parent c684b3c7e8
commit 2e9fe8b9a7
5 changed files with 65 additions and 149 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
src/security/security_apparmor.c
View File

@ -76,15 +76,11 @@ profile_status(const char *str, const int check_enforcing)
int rc = -2;
/* create string that is '<str> \0' for accurate matching */
if (virAsprintf(&tmp, "%s ", str) == -1)
return rc;
tmp = g_strdup_printf("%s ", str);
if (check_enforcing != 0) {
/* create string that is '<str> (enforce)\0' for accurate matching */
if (virAsprintf(&etmp, "%s (enforce)", str) == -1) {
VIR_FREE(tmp);
return rc;
}
etmp = g_strdup_printf("%s (enforce)", str);
}
if (virFileReadAll(APPARMOR_PROFILES_PATH, MAX_FILE_LEN, &content) < 0) {
@ -130,8 +126,7 @@ profile_status_file(const char *str)
int rc = -1;
int len;
if (virAsprintf(&profile, "%s/%s", APPARMOR_DIR "/libvirt", str) == -1)
return rc;
profile = g_strdup_printf("%s/%s", APPARMOR_DIR "/libvirt", str);
if (!virFileExists(profile))
goto failed;
@ -143,8 +138,7 @@ profile_status_file(const char *str)
}
/* create string that is ' <str> flags=(complain)\0' */
if (virAsprintf(&tmp, " %s flags=(complain)", str) == -1)
goto failed;
tmp = g_strdup_printf(" %s flags=(complain)", str);
if (strstr(content, tmp) != NULL)
rc = 0;
@ -227,8 +221,7 @@ get_profile_name(virDomainDefPtr def)
char *name = NULL;
virUUIDFormat(def->uuid, uuidstr);
if (virAsprintf(&name, "%s%s", AA_PREFIX, uuidstr) < 0)
return NULL;
name = g_strdup_printf("%s%s", AA_PREFIX, uuidstr);
return name;
}
@ -360,13 +353,8 @@ AppArmorSecurityManagerProbe(const char *virtDriver G_GNUC_UNUSED)
return rc;
/* see if template file exists */
if (virAsprintf(&template_qemu, "%s/TEMPLATE.qemu",
APPARMOR_DIR "/libvirt") == -1)
return rc;
if (virAsprintf(&template_lxc, "%s/TEMPLATE.lxc",
APPARMOR_DIR "/libvirt") == -1)
goto cleanup;
template_qemu = g_strdup_printf("%s/TEMPLATE.qemu", APPARMOR_DIR "/libvirt");
template_lxc = g_strdup_printf("%s/TEMPLATE.lxc", APPARMOR_DIR "/libvirt");
if (!virFileExists(template_qemu)) {
virReportError(VIR_ERR_INTERNAL_ERROR,
@ -1038,9 +1026,8 @@ AppArmorSetChardevLabel(virSecurityManagerPtr mgr,
break;
case VIR_DOMAIN_CHR_TYPE_PIPE:
if (virAsprintf(&in, "%s.in", dev_source->data.file.path) < 0 ||
virAsprintf(&out, "%s.out", dev_source->data.file.path) < 0)
goto done;
in = g_strdup_printf("%s.in", dev_source->data.file.path);
out = g_strdup_printf("%s.out", dev_source->data.file.path);
if (virFileExists(in)) {
if (reload_profile(mgr, def, in, true) < 0)
goto done;
@ -1104,8 +1091,7 @@ AppArmorSetPathLabel(virSecurityManagerPtr mgr,
char *full_path = NULL;
if (allowSubtree) {
if (virAsprintf(&full_path, "%s/{,**}", path) < 0)
return -1;
full_path = g_strdup_printf("%s/{,**}", path);
rc = reload_profile(mgr, def, full_path, true);
VIR_FREE(full_path);
} else {
@ -1128,7 +1114,6 @@ AppArmorSetFDLabel(virSecurityManagerPtr mgr,
virDomainDefPtr def,
int fd)
{
int rc = -1;
char *proc = NULL;
char *fd_path = NULL;
@ -1138,8 +1123,7 @@ AppArmorSetFDLabel(virSecurityManagerPtr mgr,
if (!secdef || !secdef->imagelabel)
return 0;
if (virAsprintf(&proc, "/proc/self/fd/%d", fd) == -1)
return rc;
proc = g_strdup_printf("/proc/self/fd/%d", fd);
if (virFileResolveLink(proc, &fd_path) < 0) {
/* it's a deleted file, presumably. Ignore? */

30
src/security/security_dac.c
View File

@ -302,10 +302,8 @@ virSecurityDACSetUserAndGroup(virSecurityManagerPtr mgr,
priv->user = user;
priv->group = group;
if (virAsprintf(&priv->baselabel, "+%u:+%u",
(unsigned int)user,
(unsigned int)group) < 0)
return -1;
priv->baselabel = g_strdup_printf("+%u:+%u", (unsigned int)user,
(unsigned int)group);
return 0;
}
@ -439,10 +437,7 @@ virSecurityDACRememberLabel(virSecurityDACDataPtr priv G_GNUC_UNUSED,
char *label = NULL;
int ret = -1;
if (virAsprintf(&label, "+%u:+%u",
(unsigned int)uid,
(unsigned int)gid) < 0)
return -1;
label = g_strdup_printf("+%u:+%u", (unsigned int)uid, (unsigned int)gid);
ret = virSecuritySetRememberedLabel(SECURITY_DAC_NAME, path, label);
VIR_FREE(label);
@ -1512,9 +1507,8 @@ virSecurityDACSetChardevLabelHelper(virSecurityManagerPtr mgr,
break;
case VIR_DOMAIN_CHR_TYPE_PIPE:
if (virAsprintf(&in, "%s.in", dev_source->data.file.path) < 0 ||
virAsprintf(&out, "%s.out", dev_source->data.file.path) < 0)
goto done;
in = g_strdup_printf("%s.in", dev_source->data.file.path);
out = g_strdup_printf("%s.out", dev_source->data.file.path);
if (virFileExists(in) && virFileExists(out)) {
if (virSecurityDACSetOwnership(mgr, NULL, in, user, group, remember) < 0 ||
virSecurityDACSetOwnership(mgr, NULL, out, user, group, remember) < 0)
@ -1605,9 +1599,8 @@ virSecurityDACRestoreChardevLabelHelper(virSecurityManagerPtr mgr,
break;
case VIR_DOMAIN_CHR_TYPE_PIPE:
if (virAsprintf(&out, "%s.out", dev_source->data.file.path) < 0 ||
virAsprintf(&in, "%s.in", dev_source->data.file.path) < 0)
goto done;
out = g_strdup_printf("%s.out", dev_source->data.file.path);
in = g_strdup_printf("%s.in", dev_source->data.file.path);
if (virFileExists(in) && virFileExists(out)) {
if (virSecurityDACRestoreFileLabelInternal(mgr, NULL, out, recall) < 0 ||
virSecurityDACRestoreFileLabelInternal(mgr, NULL, in, recall) < 0)
@ -2288,10 +2281,8 @@ virSecurityDACGenLabel(virSecurityManagerPtr mgr,
}
break;
case VIR_DOMAIN_SECLABEL_DYNAMIC:
if (virAsprintf(&seclabel->label, "+%u:+%u",
(unsigned int)priv->user,
(unsigned int)priv->group) < 0)
return rc;
seclabel->label = g_strdup_printf("+%u:+%u", (unsigned int)priv->user,
(unsigned int)priv->group);
if (seclabel->label == NULL) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("cannot generate dac user and group id "
@ -2342,8 +2333,7 @@ virSecurityDACGetProcessLabelInternal(pid_t pid,
VIR_DEBUG("Getting DAC user and group on process '%d'", pid);
if (virAsprintf(&path, "/proc/%d", (int)pid) < 0)
goto cleanup;
path = g_strdup_printf("/proc/%d", (int)pid);
if (lstat(path, &sb) < 0) {
virReportSystemError(errno,

59
src/security/security_selinux.c
View File

@ -377,16 +377,14 @@ virSecuritySELinuxMCSFind(virSecurityManagerPtr mgr,
VIR_DEBUG("Try cat %s:c%d,c%d", sens, c1 + catMin, c2 + catMin);
if (c1 == c2) {
if (virAsprintf(&mcs, "%s:c%d", sens, catMin + c1) < 0)
return NULL;
mcs = g_strdup_printf("%s:c%d", sens, catMin + c1);
} else {
if (c1 > c2) {
int t = c1;
c1 = c2;
c2 = t;
}
if (virAsprintf(&mcs, "%s:c%d,c%d", sens, catMin + c1, catMin + c2) < 0)
return NULL;
mcs = g_strdup_printf("%s:c%d,c%d", sens, catMin + c1, catMin + c2);
}
if (virHashLookup(data->mcs, mcs) == NULL)
@ -2186,9 +2184,8 @@ virSecuritySELinuxSetHostdevCapsLabel(virSecurityManagerPtr mgr,
switch (dev->source.caps.type) {
case VIR_DOMAIN_HOSTDEV_CAPS_TYPE_STORAGE: {
if (vroot) {
if (virAsprintf(&path, "%s/%s", vroot,
dev->source.caps.u.storage.block) < 0)
return -1;
path = g_strdup_printf("%s/%s", vroot,
dev->source.caps.u.storage.block);
} else {
path = g_strdup(dev->source.caps.u.storage.block);
}
@ -2199,9 +2196,8 @@ virSecuritySELinuxSetHostdevCapsLabel(virSecurityManagerPtr mgr,
case VIR_DOMAIN_HOSTDEV_CAPS_TYPE_MISC: {
if (vroot) {
if (virAsprintf(&path, "%s/%s", vroot,
dev->source.caps.u.misc.chardev) < 0)
return -1;
path = g_strdup_printf("%s/%s", vroot,
dev->source.caps.u.misc.chardev);
} else {
path = g_strdup(dev->source.caps.u.misc.chardev);
}
@ -2419,9 +2415,8 @@ virSecuritySELinuxRestoreHostdevCapsLabel(virSecurityManagerPtr mgr,
switch (dev->source.caps.type) {
case VIR_DOMAIN_HOSTDEV_CAPS_TYPE_STORAGE: {
if (vroot) {
if (virAsprintf(&path, "%s/%s", vroot,
dev->source.caps.u.storage.block) < 0)
return -1;
path = g_strdup_printf("%s/%s", vroot,
dev->source.caps.u.storage.block);
} else {
path = g_strdup(dev->source.caps.u.storage.block);
}
@ -2432,9 +2427,8 @@ virSecuritySELinuxRestoreHostdevCapsLabel(virSecurityManagerPtr mgr,
case VIR_DOMAIN_HOSTDEV_CAPS_TYPE_MISC: {
if (vroot) {
if (virAsprintf(&path, "%s/%s", vroot,
dev->source.caps.u.misc.chardev) < 0)
return -1;
path = g_strdup_printf("%s/%s", vroot,
dev->source.caps.u.misc.chardev);
} else {
path = g_strdup(dev->source.caps.u.misc.chardev);
}
@ -2532,9 +2526,8 @@ virSecuritySELinuxSetChardevLabel(virSecurityManagerPtr mgr,
break;
case VIR_DOMAIN_CHR_TYPE_PIPE:
if ((virAsprintf(&in, "%s.in", dev_source->data.file.path) < 0) ||
(virAsprintf(&out, "%s.out", dev_source->data.file.path) < 0))
goto done;
in = g_strdup_printf("%s.in", dev_source->data.file.path);
out = g_strdup_printf("%s.out", dev_source->data.file.path);
if (virFileExists(in) && virFileExists(out)) {
if ((virSecuritySELinuxSetFilecon(mgr, in, imagelabel, true) < 0) ||
(virSecuritySELinuxSetFilecon(mgr, out, imagelabel, true) < 0)) {
@ -2607,9 +2600,8 @@ virSecuritySELinuxRestoreChardevLabel(virSecurityManagerPtr mgr,
break;
case VIR_DOMAIN_CHR_TYPE_PIPE:
if ((virAsprintf(&out, "%s.out", dev_source->data.file.path) < 0) ||
(virAsprintf(&in, "%s.in", dev_source->data.file.path) < 0))
goto done;
out = g_strdup_printf("%s.out", dev_source->data.file.path);
in = g_strdup_printf("%s.in", dev_source->data.file.path);
if (virFileExists(in) && virFileExists(out)) {
if ((virSecuritySELinuxRestoreFileLabel(mgr, out, true) < 0) ||
(virSecuritySELinuxRestoreFileLabel(mgr, in, true) < 0)) {
@ -3247,8 +3239,7 @@ virSecuritySELinuxSetTapFDLabel(virSecurityManagerPtr mgr,
}
/* Label /dev/tap.* devices only. Leave /dev/net/tun alone! */
if (virAsprintf(&proc, "/proc/self/fd/%d", fd) == -1)
goto cleanup;
proc = g_strdup_printf("/proc/self/fd/%d", fd);
if (virFileResolveLink(proc, &fd_path) < 0) {
virReportSystemError(errno,
@ -3331,11 +3322,11 @@ virSecuritySELinuxGetSecurityMountOptions(virSecurityManagerPtr mgr,
if (!secdef->imagelabel)
secdef->imagelabel = virSecuritySELinuxGenImageLabel(mgr, def);
if (secdef->imagelabel &&
virAsprintf(&opts,
",context=\"%s\"",
(const char*) secdef->imagelabel) < 0)
return NULL;
if (secdef->imagelabel) {
opts = g_strdup_printf(
",context=\"%s\"",
(const char*) secdef->imagelabel);
}
}
if (!opts)
@ -3393,10 +3384,7 @@ virSecuritySELinuxSetFileLabels(virSecurityManagerPtr mgr,
return -1;
while ((ret = virDirRead(dir, &ent, path)) > 0) {
if (virAsprintf(&filename, "%s/%s", path, ent->d_name) < 0) {
ret = -1;
break;
}
filename = g_strdup_printf("%s/%s", path, ent->d_name);
ret = virSecuritySELinuxSetFilecon(mgr, filename,
seclabel->imagelabel, true);
VIR_FREE(filename);
@ -3442,10 +3430,7 @@ virSecuritySELinuxRestoreFileLabels(virSecurityManagerPtr mgr,
return -1;
while ((ret = virDirRead(dir, &ent, path)) > 0) {
if (virAsprintf(&filename, "%s/%s", path, ent->d_name) < 0) {
ret = -1;
break;
}
filename = g_strdup_printf("%s/%s", path, ent->d_name);
ret = virSecuritySELinuxRestoreFileLabel(mgr, filename, true);
VIR_FREE(filename);
if (ret < 0)

14
src/security/security_util.c
View File

@ -63,7 +63,7 @@ virSecurityGetAttrName(const char *name G_GNUC_UNUSED)
{
char *ret = NULL;
#ifdef XATTR_NAMESPACE
ignore_value(virAsprintf(&ret, XATTR_NAMESPACE".libvirt.security.%s", name));
ret = g_strdup_printf(XATTR_NAMESPACE".libvirt.security.%s", name);
#else
errno = ENOSYS;
virReportSystemError(errno, "%s",
@ -78,7 +78,7 @@ virSecurityGetRefCountAttrName(const char *name G_GNUC_UNUSED)
{
char *ret = NULL;
#ifdef XATTR_NAMESPACE
ignore_value(virAsprintf(&ret, XATTR_NAMESPACE".libvirt.security.ref_%s", name));
ret = g_strdup_printf(XATTR_NAMESPACE".libvirt.security.ref_%s", name);
#else
errno = ENOSYS;
virReportSystemError(errno, "%s",
@ -93,7 +93,7 @@ static char *
virSecurityGetTimestampAttrName(const char *name)
{
char *ret = NULL;
ignore_value(virAsprintf(&ret, XATTR_NAMESPACE ".libvirt.security.timestamp_%s", name));
ret = g_strdup_printf(XATTR_NAMESPACE ".libvirt.security.timestamp_%s", name);
return ret;
}
#else /* !XATTR_NAMESPACE */
@ -120,7 +120,7 @@ virSecurityGetTimestamp(void)
return NULL;
}
ignore_value(virAsprintf(&ret, "%llu", boottime));
ret = g_strdup_printf("%llu", boottime);
return ret;
}
@ -312,8 +312,7 @@ virSecurityGetRememberedLabel(const char *name,
refcount--;
if (refcount > 0) {
if (virAsprintf(&value, "%u", refcount) < 0)
return -1;
value = g_strdup_printf("%u", refcount);
if (virFileSetXAttr(path, ref_name, value) < 0)
return -1;
@ -420,8 +419,7 @@ virSecuritySetRememberedLabel(const char *name,
return -1;
}
if (virAsprintf(&value, "%u", refcount) < 0)
return -1;
value = g_strdup_printf("%u", refcount);
if (virFileSetXAttr(path, ref_name, value) < 0)
return -1;

73
src/security/virt-aa-helper.c
View File

@ -157,11 +157,7 @@ parserCommand(const char *profile_name, const char cmd)
snprintf(flag, 3, "-%c", cmd);
if (virAsprintfQuiet(&profile, "%s/%s",
APPARMOR_DIR "/libvirt", profile_name) < 0) {
vah_error(NULL, 0, _("profile name exceeds maximum length"));
return -1;
}
profile = g_strdup_printf("%s/%s", APPARMOR_DIR "/libvirt", profile_name);
if (!virFileExists(profile)) {
vah_error(NULL, 0, _("profile does not exist"));
@ -217,17 +213,10 @@ update_include_file(const char *include_file, const char *included_files,
return rc;
}
if (append && virFileExists(include_file)) {
if (virAsprintfQuiet(&pcontent, "%s%s", existing, included_files) == -1) {
vah_error(NULL, 0, _("could not allocate memory for profile"));
goto cleanup;
}
} else {
if (virAsprintfQuiet(&pcontent, "%s%s", warning, included_files) == -1) {
vah_error(NULL, 0, _("could not allocate memory for profile"));
goto cleanup;
}
}
if (append && virFileExists(include_file))
pcontent = g_strdup_printf("%s%s", existing, included_files);
else
pcontent = g_strdup_printf("%s%s", warning, included_files);
plen = strlen(pcontent);
if (plen > MAX_FILE_LEN) {
@ -301,11 +290,7 @@ create_profile(const char *profile, const char *profile_name,
driver_name = virDomainVirtTypeToString(virtType);
}
if (virAsprintfQuiet(&template, "%s/TEMPLATE.%s", APPARMOR_DIR "/libvirt",
driver_name) < 0) {
vah_error(NULL, 0, _("template name exceeds maximum length"));
goto end;
}
template = g_strdup_printf("%s/TEMPLATE.%s", APPARMOR_DIR "/libvirt", driver_name);
if (!virFileExists(template)) {
vah_error(NULL, 0, _("template does not exist"));
@ -328,18 +313,11 @@ create_profile(const char *profile, const char *profile_name,
}
/* '\nprofile <profile_name>\0' */
if (virAsprintfQuiet(&replace_name, "\nprofile %s", profile_name) == -1) {
vah_error(NULL, 0, _("could not allocate memory for profile name"));
goto clean_tcontent;
}
replace_name = g_strdup_printf("\nprofile %s", profile_name);
/* '\n<profile_files>\n}\0' */
if ((virtType != VIR_DOMAIN_VIRT_LXC) &&
virAsprintfQuiet(&replace_files, "\n%s\n}", profile_files) == -1) {
vah_error(NULL, 0, _("could not allocate memory for profile files"));
VIR_FREE(replace_name);
goto clean_tcontent;
}
if (virtType != VIR_DOMAIN_VIRT_LXC)
replace_files = g_strdup_printf("\n%s\n}", profile_files);
plen = tlen + strlen(replace_name) - strlen(template_name) + 1;
@ -790,8 +768,7 @@ vah_add_path(virBufferPtr buf, const char *path, const char *perms, bool recursi
vah_error(NULL, 0, _("could not find realpath"));
goto cleanup;
}
if (virAsprintfQuiet(&tmp, "%s%s", pathreal, pathtmp) < 0)
goto cleanup;
tmp = g_strdup_printf("%s%s", pathreal, pathtmp);
}
perms_new = g_strdup(perms);
@ -858,19 +835,13 @@ vah_add_file_chardev(virBufferPtr buf,
if (type == VIR_DOMAIN_CHR_TYPE_PIPE) {
/* add the pipe input */
if (virAsprintfQuiet(&pipe_in, "%s.in", path) == -1) {
vah_error(NULL, 0, _("could not allocate memory"));
goto cleanup;
}
pipe_in = g_strdup_printf("%s.in", path);
if (vah_add_file(buf, pipe_in, perms) != 0)
goto clean_pipe_in;
/* add the pipe output */
if (virAsprintfQuiet(&pipe_out, "%s.out", path) == -1) {
vah_error(NULL, 0, _("could not allocate memory"));
goto clean_pipe_in;
}
pipe_out = g_strdup_printf("%s.out", path);
if (vah_add_file(buf, pipe_out, perms) != 0)
goto clean_pipe_out;
@ -963,10 +934,7 @@ get_files(vahControl * ctl)
/* verify uuid is same as what we were given on the command line */
virUUIDFormat(ctl->def->uuid, uuidstr);
if (virAsprintfQuiet(&uuid, "%s%s", AA_PREFIX, uuidstr) == -1) {
vah_error(ctl, 0, _("could not allocate memory"));
return rc;
}
uuid = g_strdup_printf("%s%s", AA_PREFIX, uuidstr);
if (STRNEQ(uuid, ctl->uuid)) {
vah_error(ctl, 0, _("given uuid does not match XML uuid"));
@ -1457,13 +1425,8 @@ main(int argc, char **argv)
if (vahParseArgv(ctl, argc, argv) != 0)
vah_error(ctl, 1, _("could not parse arguments"));
if (virAsprintfQuiet(&profile, "%s/%s",
APPARMOR_DIR "/libvirt", ctl->uuid) < 0)
vah_error(ctl, 0, _("could not allocate memory"));
if (virAsprintfQuiet(&include_file, "%s/%s.files",
APPARMOR_DIR "/libvirt", ctl->uuid) < 0)
vah_error(ctl, 0, _("could not allocate memory"));
profile = g_strdup_printf("%s/%s", APPARMOR_DIR "/libvirt", ctl->uuid);
include_file = g_strdup_printf("%s/%s.files", APPARMOR_DIR "/libvirt", ctl->uuid);
if (ctl->cmd == 'a') {
rc = parserLoad(ctl->uuid);
@ -1520,11 +1483,7 @@ main(int argc, char **argv)
/* create the profile from TEMPLATE */
if (ctl->cmd == 'c') {
char *tmp = NULL;
if (virAsprintfQuiet(&tmp, " #include <libvirt/%s.files>\n",
ctl->uuid) == -1) {
vah_error(ctl, 0, _("could not allocate memory"));
goto cleanup;
}
tmp = g_strdup_printf(" #include <libvirt/%s.files>\n", ctl->uuid);
if (ctl->dryrun) {
vah_info(profile);