SEXP_t *SEXP_number_newu_32_r(SEXP_t *sexp_mem, uint32_t n) { SEXP_val_t v_dsc; if (sexp_mem == NULL) { errno = EFAULT; return (NULL); } if (SEXP_val_new (&v_dsc, sizeof (SEXP_numtype_t) + sizeof (uint32_t), SEXP_VALTYPE_NUMBER) != 0) { /* TODO: handle this */ return (NULL); } SEXP_NCASTP(u32,v_dsc.mem)->t = SEXP_NUM_UINT32; SEXP_NCASTP(u32,v_dsc.mem)->n = n; SEXP_init(sexp_mem); sexp_mem->s_type = NULL; sexp_mem->s_valp = v_dsc.ptr; return (sexp_mem); }
SEXP_t *SEXP_number_newb_r(SEXP_t *sexp_mem, bool n) { SEXP_val_t v_dsc; if (sexp_mem == NULL) { errno = EFAULT; return (NULL); } if (SEXP_val_new (&v_dsc, sizeof (SEXP_numtype_t) + sizeof (bool), SEXP_VALTYPE_NUMBER) != 0) { /* TODO: handle this */ return (NULL); } SEXP_NCASTP(b,v_dsc.mem)->t = SEXP_NUM_BOOL; SEXP_NCASTP(b,v_dsc.mem)->n = n; SEXP_init(sexp_mem); sexp_mem->s_type = NULL; sexp_mem->s_valp = v_dsc.ptr; return (sexp_mem); }
SEXP_t *SEXP_list_rest_r (SEXP_t *rest, const SEXP_t *list) { SEXP_val_t v_dsc_o, v_dsc_r; struct SEXP_val_lblk *lblk; if (rest == NULL) { errno = EINVAL; return (NULL); } if (list == NULL) { errno = EINVAL; return (NULL); } SEXP_VALIDATE(list); SEXP_val_dsc (&v_dsc_o, list->s_valp); if (v_dsc_o.type != SEXP_VALTYPE_LIST) { errno = EINVAL; return (NULL); } if (SEXP_val_new (&v_dsc_r, sizeof (void *) + sizeof (uint16_t), SEXP_VALTYPE_LIST) != 0) { /* TODO: handle this */ return (NULL); } SEXP_LCASTP(v_dsc_r.mem)->offset = SEXP_LCASTP(v_dsc_o.mem)->offset + 1; SEXP_LCASTP(v_dsc_r.mem)->b_addr = SEXP_LCASTP(v_dsc_o.mem)->b_addr; lblk = SEXP_VALP_LBLK(SEXP_LCASTP(v_dsc_r.mem)->b_addr); if (lblk != NULL) { if (SEXP_LCASTP(v_dsc_r.mem)->offset == lblk->real) { SEXP_LCASTP(v_dsc_r.mem)->offset = 0; SEXP_LCASTP(v_dsc_r.mem)->b_addr = SEXP_VALP_LBLK(lblk->nxsz); } if (SEXP_VALP_LBLK(SEXP_LCASTP(v_dsc_r.mem)->b_addr) != NULL) SEXP_LCASTP(v_dsc_r.mem)->b_addr = (void *)SEXP_rawval_lblk_incref ((uintptr_t) SEXP_LCASTP(v_dsc_r.mem)->b_addr); } SEXP_init(rest); rest->s_type = NULL; rest->s_valp = SEXP_val_ptr (&v_dsc_r); SEXP_VALIDATE(rest); return (rest); }
SEXP_t *SEXP_list_new_rv (SEXP_t *sexp_mem, SEXP_t *memb, va_list alist) { SEXP_val_t v_dsc; SEXP_t *s_ptr[32]; size_t s_cur; uint8_t b_exp; s_cur = 0; s_ptr[s_cur] = memb; while (s_ptr[s_cur] != NULL) { _A(s_cur < (sizeof s_ptr / sizeof (SEXP_t *))); SEXP_VALIDATE(s_ptr[s_cur]); s_ptr[++s_cur] = va_arg (alist, SEXP_t *); } if (SEXP_val_new (&v_dsc, sizeof (void *) + sizeof (uint16_t), SEXP_VALTYPE_LIST) != 0) { /* TODO: handle this */ return (NULL); } if (s_cur > 0) { for (b_exp = 0; (size_t)(1 << b_exp) < s_cur; ++b_exp); SEXP_LCASTP(v_dsc.mem)->offset = 0; SEXP_LCASTP(v_dsc.mem)->b_addr = (void *)SEXP_rawval_lblk_new (b_exp); if (SEXP_rawval_lblk_fill ((uintptr_t)SEXP_LCASTP(v_dsc.mem)->b_addr, s_ptr, s_cur) != ((uintptr_t)SEXP_LCASTP(v_dsc.mem)->b_addr)) { /* TODO: handle this */ return (NULL); } } else { SEXP_LCASTP(v_dsc.mem)->offset = 0; SEXP_LCASTP(v_dsc.mem)->b_addr = NULL; } SEXP_init(sexp_mem); sexp_mem->s_type = NULL; sexp_mem->s_valp = v_dsc.ptr; SEXP_VALIDATE(sexp_mem); return (sexp_mem); }
SEXP_t *SEXP_string_newf_rv(SEXP_t *sexp_mem, const char *format, va_list ap) { SEXP_val_t v_dsc; char *v_string = NULL; int v_strlen = 0; va_list copy; if (sexp_mem == NULL) { errno = EFAULT; return (NULL); } va_copy(copy, ap); v_strlen = vsnprintf(v_string, v_strlen, format, copy); va_end(copy); if (v_strlen < 0) { return NULL; } v_strlen++; /* For '\0' */ v_string = malloc(v_strlen); v_strlen = vsnprintf(v_string, v_strlen, format, ap); if (v_strlen < 0) { free(v_string); return NULL; } if (v_strlen < 0) { /* TODO: handle this */ return (NULL); } if (SEXP_val_new (&v_dsc, sizeof (char) * v_strlen, SEXP_VALTYPE_STRING) != 0) { /* TODO: handle this */ return (NULL); } memcpy (v_dsc.mem, v_string, sizeof (char) * v_strlen); free(v_string); SEXP_init(sexp_mem); sexp_mem->s_type = NULL; sexp_mem->s_valp = v_dsc.ptr; return (sexp_mem); }
void *probe_init (void) { SEXP_init(&gr_lastpath); /* * Initialize mutex. */ switch (pthread_mutex_init (&__file_probe_mutex, NULL)) { case 0: return ((void *)&__file_probe_mutex); default: dI("Can't initialize mutex: errno=%u, %s.", errno, strerror (errno)); } #if 0 probe_setoption(PROBEOPT_VARREF_HANDLING, false, "path"); probe_setoption(PROBEOPT_VARREF_HANDLING, false, "filename"); #endif probe_setoption(PROBEOPT_OFFLINE_MODE_SUPPORTED, PROBE_OFFLINE_CHROOT); return (NULL); }
SEXP_t *SEXP_string_new_r (SEXP_t *sexp_mem, const void *string, size_t length) { SEXP_val_t v_dsc; if (sexp_mem == NULL) { errno = EFAULT; return (NULL); } if (SEXP_val_new (&v_dsc, sizeof (char) * length, SEXP_VALTYPE_STRING) != 0) { /* TODO: handle this */ return (NULL); } memcpy (v_dsc.mem, string, sizeof (char) * length); SEXP_init(sexp_mem); sexp_mem->s_type = NULL; sexp_mem->s_valp = v_dsc.ptr; return (sexp_mem); }
static int file_cb (const char *p, const char *f, void *ptr) { char path_buffer[PATH_MAX]; SEXP_t *item, xattr_name; struct cbargs *args = (struct cbargs *) ptr; const char *st_path; ssize_t xattr_count = -1; char *xattr_buf = NULL; size_t xattr_buflen = 0, i; if (f == NULL) { st_path = p; } else { snprintf (path_buffer, sizeof path_buffer, "%s/%s", p, f); st_path = path_buffer; } SEXP_init(&xattr_name); do { /* estimate the size of the buffer */ xattr_count = llistxattr(st_path, NULL, 0); if (xattr_count == 0) return (0); if (xattr_count < 0) { dI("FAIL: llistxattr(%s, %p, %zu): errno=%u, %s.", errno, strerror(errno)); return 0; } /* allocate space for xattr names */ xattr_buflen = xattr_count; xattr_buf = oscap_realloc(xattr_buf, sizeof(char) * xattr_buflen); /* fill the buffer */ xattr_count = llistxattr(st_path, xattr_buf, xattr_buflen); /* check & retry if needed */ } while (errno == ERANGE); if (xattr_count < 0) { dI("FAIL: llistxattr(%s, %p, %zu): errno=%u, %s.", errno, strerror(errno)); oscap_free(xattr_buf); } /* update lastpath if needed */ if (!SEXP_emptyp(&gr_lastpath)) { if (SEXP_strcmp(&gr_lastpath, p) != 0) { SEXP_free_r(&gr_lastpath); SEXP_string_new_r(&gr_lastpath, p, strlen(p)); } } else SEXP_string_new_r(&gr_lastpath, p, strlen(p)); i = 0; /* collect */ do { SEXP_string_new_r(&xattr_name, xattr_buf + i, strlen(xattr_buf +i)); if (probe_entobj_cmp(args->attr_ent, &xattr_name) == OVAL_RESULT_TRUE) { ssize_t xattr_vallen = -1; char *xattr_val = NULL; xattr_vallen = lgetxattr(st_path, xattr_buf + i, NULL, 0); retry_value: if (xattr_vallen >= 0) { // Check possible buffer overflow if (sizeof(char) * (xattr_vallen + 1) <= sizeof(char) * xattr_vallen) { dE("Attribute is too long."); abort(); } // Allocate buffer, '+1' is for trailing '\0' xattr_val = oscap_realloc(xattr_val, sizeof(char) * (xattr_vallen + 1)); // we don't want to override space for '\0' by call of 'lgetxattr' // we pass only 'xattr_vallen' instead of 'xattr_vallen + 1' xattr_vallen = lgetxattr(st_path, xattr_buf + i, xattr_val, xattr_vallen); if (xattr_vallen < 0 || errno == ERANGE) goto retry_value; xattr_val[xattr_vallen] = '\0'; item = probe_item_create(OVAL_UNIX_FILEEXTENDEDATTRIBUTE, NULL, "filepath", OVAL_DATATYPE_STRING, f == NULL ? NULL : st_path, "path", OVAL_DATATYPE_SEXP, &gr_lastpath, "filename", OVAL_DATATYPE_STRING, f == NULL ? "" : f, "attribute_name", OVAL_DATATYPE_SEXP, &xattr_name, "value", OVAL_DATATYPE_STRING, xattr_val, NULL); oscap_free(xattr_val); } else { dI("FAIL: lgetxattr(%s, %s, NULL, 0): errno=%u, %s.", errno, strerror(errno)); item = probe_item_create(OVAL_UNIX_FILEEXTENDEDATTRIBUTE, NULL, NULL); probe_item_setstatus(item, SYSCHAR_STATUS_ERROR); if (xattr_val != NULL) oscap_free(xattr_val); } probe_item_collect(args->ctx, item); /* XXX: handle ENOMEM */ } SEXP_free_r(&xattr_name); /* skip to next name */ while (i < xattr_buflen && xattr_buf[i] != '\0') ++i; ++i; } while (xattr_buf + i < xattr_buf + xattr_buflen - 1); oscap_free(xattr_buf); return (0); }