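/*
 * seccore_ctlavail - check that @need bytes starting at @pPos lie inside the
 * control buffer [@pData, @pData + @size).
 *
 * Returns true when the read is in bounds, false otherwise (including when
 * @pPos is NULL or points before the start of the buffer).
 */
static bool seccore_ctlavail(const char *pData, size_t size,
			     const void *pPos, size_t need)
{
	const char *pCur = (const char *)pPos;
	size_t used;

	if (pCur < pData)
		return false;

	used = (size_t)(pCur - pData);
	/* Written as a subtraction so that used + need cannot wrap. */
	return used <= size && size - used >= need;
}

/**
 * seccore_exectldata - execute the records of a control data blob.
 * @pData: pointer to the control binary data
 * @size: size of the control binary data in bytes
 *
 * Walks the records in @pData until a header whose type satisfies
 * IS_NONDATA() is reached. CONTROL_DELETE records are translated into a
 * CONTROL_FILEREMOVE_TYPE_* mask that is handed to secpolicy_setctlfsremove();
 * CONTROL_RESETDATA records call secpolicy_resetfileguarddata() and/or
 * secpolicy_resetprocguarddata(). Separator headers between records are
 * skipped.
 *
 * Every header and record is checked against @size before it is read, so a
 * blob that is truncated or lacks a terminating header is rejected instead of
 * being read past its end. Records that precede the bad one have already been
 * executed when false is returned.
 *
 * NOTE(review): @size used to be ignored because a local variable of the same
 * name shadowed it; confirm that every caller passes the real buffer length.
 *
 * Return: true if all records were executed, false on NULL input, truncated
 * data or an unknown record type.
 */
bool seccore_exectldata(const char *pData, size_t size)
{
	struct Header *pHeader = (struct Header *)pData;

	if (pData == NULL)
		return false;

	for (;;) {
		int type = 0;
		int recordSize = 0;
		struct Control *pControl;

		/* The header must be fully inside the buffer before mType is read. */
		if (!seccore_ctlavail(pData, size, pHeader, sizeof(struct Header)))
			goto truncated;

		if (IS_NONDATA(pHeader->mType))
			break;

		pControl = (struct Control *)pHeader;

		switch (pControl->mHeader.mType) {
		case CONTROL_DELETE:
			/*
			 * Record length as the format defines it: header plus
			 * target word. Assumes mData directly follows mHeader
			 * in struct Control -- TODO confirm.
			 */
			recordSize = sizeof(struct Header) +
				     sizeof(pControl->mData.mDelete.mTarget);
			if (!seccore_ctlavail(pData, size, pHeader,
					      (size_t)recordSize))
				goto truncated;

			type = 0;
			if (pControl->mData.mDelete.mTarget &
			    CONTROL_DELETE_TARGET_CONTROL)
				/* delete control file */
				type |= CONTROL_FILEREMOVE_TYPE_CONTROL;
			if (pControl->mData.mDelete.mTarget &
			    CONTROL_DELETE_TARGET_PROCESSACCESS)
				/* delete process guard file */
				type |= CONTROL_FILEREMOVE_TYPE_PROCESS;
			if (pControl->mData.mDelete.mTarget &
			    CONTROL_DELETE_TARGET_FILEACCESS)
				/* delete file guard file */
				type |= CONTROL_FILEREMOVE_TYPE_FILE;
			secpolicy_setctlfsremove(type);
			break;

		case CONTROL_RESETDATA:
			recordSize = sizeof(struct Header) +
				     sizeof(pControl->mData.mResetData.mTarget);
			if (!seccore_ctlavail(pData, size, pHeader,
					      (size_t)recordSize))
				goto truncated;

			if (pControl->mData.mResetData.mTarget &
			    CONTROL_RESETDATA_TARGET_FILEACCESSGUARD)
				/* reset file guard */
				secpolicy_resetfileguarddata();
			if (pControl->mData.mResetData.mTarget &
			    CONTROL_RESETDATA_TARGET_PROCESSACCESSGUARD)
				/* reset process guard */
				secpolicy_resetprocguarddata();
			break;

		default:
			SECERROR("Unknown Type=%08X", pControl->mHeader.mType);
			return false;
		}

		/* header shift */
		pHeader = seccore_nextheader(pHeader, recordSize);

		/*
		 * Skip separator headers. If the buffer ends here, the check at
		 * the top of the outer loop reports the truncation.
		 */
		while (seccore_ctlavail(pData, size, pHeader,
					sizeof(struct Header)) &&
		       IS_SEPARATE(pHeader->mType)) {
			pHeader = seccore_nextheader(pHeader,
						     sizeof(struct Header));
		}
	}

	return true;

truncated:
	SECERROR("Control data truncated, size=%lu", (unsigned long)size);
	return false;
}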
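/*
 * check_file_access - check that the output files of a data bin can be
 * written (and, under ND_FP, open the output and input files).
 *
 * dbin: data bin whose process-info lists are queried through db_ask().
 *
 * Pass 1 walks the FFF_OUTPUT process-info list and, for each output file
 * that already exists, pushes an error or warning: same name as its input
 * mate, "nooverwrite" requested, a non-empty separate header file (which is
 * also removed from the list via remove_header_from_ac_list()), or a plain
 * "will overwrite" warning.
 *
 * Pass 2 walks the FFF_OUTPUT list again and tries to create each file with
 * fopen(..., "w"), pushing ERR_CREATE_FILE on failure.
 *
 * Under ND_FP a third pass opens the FFF_INPUT files with "rb".
 *
 * Returns the last error code assigned, or 0. An ERR_GENERAL result from
 * db_ask() is mapped to 0 (presumably "no such process info" -- confirm).
 *
 * Security notes:
 *  - The existence test (os_file_exist) and the later fopen(..., "w") are two
 *    separate steps, so the "nooverwrite" guarantee is not atomic: a file or
 *    symlink created between them is still truncated. An exclusive create
 *    (open() with O_CREAT|O_EXCL, or C11 "wx") would close that window.
 *  - fopen(..., "w") truncates an existing file as a side effect of this
 *    "can we write?" probe and leaves an empty file behind on success.
 *
 * NOTE(review): the second db_ask() overwrites `error`, so codes assigned in
 * pass 1 (same-name, ERR_FILE_EXISTS) are not what this function returns;
 * they only remain on the err_push() stack. Confirm callers inspect it.
 * NOTE(review): in the ND_FP branches the `break` after a failed fopen()
 * leaves `error` unchanged, so that failure is not reflected in the return
 * value.
 * NOTE(review): in the ND_FP input pass ff_destroy_process_info_list(plist)
 * also runs when db_ask() failed; whether plist is still the list destroyed
 * earlier depends on db_ask() -- check for a possible double destroy.
 */
static int check_file_access(DATA_BIN_PTR dbin)
{
	PROCESS_INFO_LIST plist = NULL;
	PROCESS_INFO_PTR pinfo = NULL;

	int error = 0;

	error = db_ask(dbin, DBASK_PROCESS_INFO, FFF_OUTPUT, &plist);
	if (!error)
	{
		BOOLEAN no_overwrite = FALSE;

		if (nt_askexist(dbin, NT_ANYWHERE, "nooverwrite"))
			no_overwrite = TRUE;

		/* Pass 1: report conflicts with files that already exist. */
		plist = dll_first(plist);
		pinfo = FF_PI(plist);
		while (pinfo)
		{
			if (PINFO_IS_FILE(pinfo))
			{
				if (os_file_exist(PINFO_FNAME(pinfo)))
				{
					if (PINFO_MATE(pinfo) && PINFO_MATE_IS_FILE(pinfo) && !strcmp(PINFO_FNAME(pinfo), PINFO_MATE_FNAME(pinfo)))
						error = err_push(ERR_GENERAL, "Input and output %s files have the same name!", IS_DATA(PINFO_FORMAT(pinfo)) ? "data" : "header");
					else if (!PINFO_IS_BROKEN(pinfo))
					{
						if (no_overwrite)
						{
							/*
							 * Pass the file name as an argument, never as
							 * the format: err_push() takes a printf-style
							 * format (see the other calls here), so a '%'
							 * in a file name would otherwise be parsed as
							 * a conversion specification.
							 */
							error = err_push(ERR_FILE_EXISTS, "%s", PINFO_FNAME(pinfo));
						}
						else
						{
							if (IS_SEPARATE(PINFO_FORMAT(pinfo)) && IS_FILE_HEADER(PINFO_FORMAT(pinfo)))
							{
								/* Is this a zero length file?  If so, go ahead and overwrite it. */
								if (os_filelength(PINFO_FNAME(pinfo)))
								{
									err_push(ERR_WARNING_ONLY + ERR_FILE_EXISTS, "Output header (%s) will not be overwritten", PINFO_FNAME(pinfo));

									remove_header_from_ac_list(dbin, PINFO_FORMAT(pinfo)->name);
								}
							}
							else
								err_push(ERR_WARNING_ONLY + ERR_WILL_OVERWRITE_FILE, "%s: \"%s\"", PINFO_FNAME(pinfo), PINFO_NAME(pinfo));
						}
					}
				}
			}

			plist = dll_next(plist);
			pinfo = FF_PI(plist);
		}

		ff_destroy_process_info_list(plist);

		/* Pass 2: query the list again and probe each file for writing. */
		error = db_ask(dbin, DBASK_PROCESS_INFO, FFF_OUTPUT, &plist);
		if (!error)
		{
			plist = dll_first(plist);
			pinfo = FF_PI(plist);
			while (pinfo)
			{
				if (PINFO_IS_FILE(pinfo) && !PINFO_IS_BROKEN(pinfo))
				{
					/* Can we write to file? */
					/*
					 * Skip the probe once a real error (not a warning) is
					 * pending, and never touch an existing file when
					 * "nooverwrite" is set. The existence test here is
					 * separate from the fopen() below (not atomic).
					 */
					if ((!error || error > ERR_WARNING_ONLY) && (!no_overwrite || !os_file_exist(PINFO_FNAME(pinfo))))
					{
#ifdef ND_FP
						PINFO_SUB_ARRAY(pinfo)->fp = fopen(PINFO_FNAME(pinfo), "w");
						if (PINFO_SUB_ARRAY(pinfo)->fp)
						{
							fclose(PINFO_SUB_ARRAY(pinfo)->fp);
							PINFO_SUB_ARRAY(pinfo)->fp = fopen(PINFO_FNAME(pinfo), "w+b");
							if (!PINFO_SUB_ARRAY(pinfo)->fp)
							{
								release_file_handles(dbin, FFF_OUTPUT);
								break;
							}
						}
#else
						FILE *fp = NULL;

						/* "w" creates the file, or truncates it if it exists. */
						fp = fopen(PINFO_FNAME(pinfo), "w");
						if (fp)
							fclose(fp);
#endif
						/* This else pairs with the `if (...fp)` of whichever branch was compiled. */
						else
							error = err_push(ERR_CREATE_FILE, "%s: \"%s\"", PINFO_FNAME(pinfo), PINFO_NAME(pinfo));
					}
				}

				plist = dll_next(plist);
				pinfo = FF_PI(plist);
			}

			ff_destroy_process_info_list(plist);
		}
		else if (error == ERR_GENERAL)
			error = 0;
	}
	else if (error == ERR_GENERAL)
		error = 0;

#ifdef ND_FP
	/* Pass 3 (ND_FP only): open every input file for binary reading. */
	if (!error)
	{
		error = db_ask(dbin, DBASK_PROCESS_INFO, FFF_INPUT, &plist);
		if (!error)
		{
			plist = dll_first(plist);
			pinfo = FF_PI(plist);
			while (pinfo)
			{
				if (PINFO_IS_FILE(pinfo) && !PINFO_IS_BROKEN(pinfo))
				{
					PINFO_SUPER_ARRAY(pinfo)->fp = fopen(PINFO_FNAME(pinfo), "rb");
					if (!PINFO_SUPER_ARRAY(pinfo)->fp)
					{
						/* One failed open releases the input and output handles. */
						release_file_handles(dbin, FFF_INPUT);
						release_file_handles(dbin, FFF_OUTPUT);
						break;
					}
				}

				plist = dll_next(plist);
				pinfo = FF_PI(plist);
			}
		}

		ff_destroy_process_info_list(plist);
	}
#endif

	return(error);
}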