int is_prog_syst(t_vars *v) { t_exec c; if (v->argc >= 1 && can_access(v->argv[0])) return (PROG_SYST); else if (v->argc >= 1 && (c.path = get_the_path(v))) { c.i = 0; while (c.path[c.i]) { c.bin_path = my_strcat(c.path[c.i], "/"); c.bin_name = my_strcat(c.bin_path, v->argv[0]); if (can_access(c.bin_name)) { c.bin_path = my_xxfree(c.bin_path); c.bin_name = my_xxfree(c.bin_name); c.path = my_xfree_tab(c.path); return (PROG_SYST); } c.bin_name = my_xxfree(c.bin_name); c.bin_path = my_xxfree(c.bin_path); c.i += 1; } c.path = my_xfree_tab(c.path); } return (SMTH_ELSE); }
/*---------------------------------------------------------------------- Check if we can access a file in a given way in the given path Args: path -- The path to look for "file" in file -- The file to check mode -- The mode ala the access() system call, see ACCESS_EXISTS and friends in alpine.h. Result: returns 0 if the user can access the file according to the mode, -1 if he can't (and errno is set). ----*/ int can_access_in_path(char *path, char *file, int mode) { char tmp[MAXPATH]; int rv = -1; if(!path || !*path || is_rooted_path(file)){ rv = can_access(file, mode); } else if(is_homedir_path(file)){ strncpy(tmp, file, sizeof(tmp)); tmp[sizeof(tmp)-1] = '\0'; rv = fnexpand(tmp, sizeof(tmp)) ? can_access(tmp, mode) : -1; } else if((rv = ACCESS_IN_CWD(file,mode)) < 0){ char path_copy[MAXPATH + 1], *p, *t; if(strlen(path) < MAXPATH){ strncpy(path_copy, path, sizeof(path_copy)); path_copy[sizeof(path_copy)-1] = '\0'; for(p = path_copy; p && *p; p = t){ if((t = strchr(p, PATH_SEP)) != NULL) *t++ = '\0'; snprintf(tmp, sizeof(tmp), "%s%c%s", p, FILE_SEP, file); if((rv = can_access(tmp, mode)) == 0) break; } } } return(rv); }
int redirection_droite(t_struct *pile, char *str, int i) { char *tmp; int k; i++; tmp = extraction_file(str, i, tmp, pile); if (tmp != NULL) { if (can_access(tmp, 1, 1) == 1) return (NOT_OK); k = open(tmp, O_CREAT | O_RDWR | O_TRUNC, 0777); if (k == -1) aff_err("open", 1); free(tmp); pile->red_d = 0; if (k != -1) pile->fd = k; } else { my_putstr(INV_COM, 2); return (NOT_OK); } return (OK); }
//-------------------------------------------------------------------------- // get path+name from a mapped file in the debugged process bool win32_debmod_t::get_mapped_filename(HANDLE process_handle, ea_t imagebase, char *buf, size_t bufsize) { if ( _GetMappedFileName != NULL ) { TCHAR name[QMAXPATH]; name[0] = '\0'; if ( !can_access(imagebase) ) imagebase += MEMORY_PAGE_SIZE; if ( _GetMappedFileName(process_handle, (LPVOID)imagebase, name, qnumber(name)) ) { // translate path with device name to drive letters. // based on http://msdn.microsoft.com/library/default.asp?url=/library/en-us/fileio/base/obtaining_a_file_name_from_a_file_handle.asp TCHAR szTemp[MAX_PATH]; szTemp[0] = '\0'; if ( GetLogicalDriveStrings(sizeof(szTemp), szTemp) ) { char szName[MAX_PATH]; char szDrive[3] = " :"; bool bFound = FALSE; char *p = szTemp; do { // Copy the drive letter to the template string szDrive[0] = *p; // Look up each device name if ( QueryDosDevice(szDrive, szName, MAX_PATH) ) { size_t uNameLen = strlen(szName); if ( uNameLen < MAX_PATH ) { bFound = strnicmp(name, szName, uNameLen) == 0; if ( bFound ) { // Reconstruct pszFilename using szTemp // Replace device path with DOS path qstrncpy(name, szDrive, sizeof(name)); qstrncat(name, name+uNameLen, sizeof(name)); } } } // Go to the next NULL character. while ( *p++ ); } while ( !bFound && *p ); // end of string } wcstr(buf, name, bufsize); return true; } } return false; }
/* * new_client() * Create new per-connect structure */ static void new_client(struct msg *m) { struct file *f; /* * Get data structure */ if ((f = malloc(sizeof(struct file))) == 0) { msg_err(m->m_sender, strerror()); return; } /* * Fill in fields. Note that our buffer is the * information on the permissions our client * possesses. For an M_CONNECT, the message is * from the kernel, and trusted. * * As soon as possible, check access modes and bomb * if they're bad. */ f->f_nperm = m->m_buflen/sizeof(struct perm); bcopy(m->m_buf, &f->f_perms, f->f_nperm*sizeof(struct perm)); if (can_access(f, m->m_arg, &namer_prot)) { msg_err(m->m_sender, EPERM); free(f); return; } /* f->f_mode set by can_access() */ f->f_pos = 0L; /* * Hash under the sender's handle */ if (hash_insert(filehash, m->m_sender, f)) { free(f); msg_err(m->m_sender, ENOMEM); return; } /* * Start out at root node */ f->f_node = &rootnode; rootnode.n_refs += 1; /* * Return acceptance */ msg_accept(m->m_sender); }
int exec_prog_syst(t_vars *v) { t_exec c; c.exe = 0; if (v->argc >= 1 && can_access(v->argv[0])) c.exe = my_xexecve(v, v->argv[0]); else if (v->argc >= 1 && (c.path = get_the_path(v))) { c.i = 0; while (c.path[c.i]) { c.bin_path = my_strcat(c.path[c.i], "/"); c.bin_name = my_strcat(c.bin_path, v->argv[0]); if (can_access(c.bin_name)) c.exe = my_xexecve(v, c.bin_name); c.bin_name = my_xxfree(c.bin_name); c.bin_path = my_xxfree(c.bin_path); c.i += 1; } c.path = my_xfree_tab(c.path); } return (c.exe); }
void handle_request(char *request, const struct ucred *src) { char *buff; int omode; if ((buff = strdup(request)) == NULL) { perror("strdup(3) couldn't allocate memory"); return; } if (sscanf(request, "open %s %d", buff, &omode) != 2) { fprintf(stderr, "Invalid request: %s\n", request); goto outbuff; } if (!can_access(buff, src)) { errno = EACCES; if (send_errno(STDOUT_FILENO) < 0) { fprintf(stderr, "send_errno() failed attempting to notify client: %s\n", strerror(errno)); fprintf(stderr, "Note: Permission denied for pid %ld to open %s (euid = %ld, egid = %ld)\n", (long) src->pid, buff, (long) src->uid, (long) src->gid); } goto outbuff; } int fd = open(buff, omode); if (fd < 0) { int open_error = errno; if (send_errno(STDOUT_FILENO) < 0) { fprintf(stderr, "send_errno() failed attempting to notify client: %s\n", strerror(errno)); fprintf(stderr, "Note: couldn't open %s: %s\n", buff, strerror(open_error)); } goto outbuff; } if (send_fd(STDOUT_FILENO, fd) < 0) { fprintf(stderr, "send_fd() failed attempting to send fd for %s: %s\n", buff, strerror(errno)); goto outclose; } outclose: close(fd); outbuff: free(buff); }
int request_list(char **cmp, int client_fd) { char *dir_name; DIR *dir; char *tmp; dir_name = (cmp[1] == 0 ? "." : cmp[1]); if (can_access(dir_name, R_OK) == -1 || (dir = opendir(dir_name)) == NULL) { send_response(client_fd, NOTFOUND, strerror(errno)); return (0); } if ((tmp = proceed_list(dir)) == NULL) send_response(client_fd, NOTFOUND, "Error, list failed"); else send_response(client_fd, LIST, tmp); closedir(dir); return (0); }
int redirection_gauche(t_struct *pile, char *str, int i) { int flag; char *tmp; i++; flag = 0; tmp = extraction_file(str, i, tmp, pile); if (tmp != NULL) { if (can_access(tmp, 0, 0) == 1) return (NOT_OK); if (redir_leftsec(tmp, flag, pile) == NOT_OK) return (NOT_OK); } else { my_putstr(INV_COM, 2); return (NOT_OK); } return (OK); }
/* * The interface - hook to obtain an AFS token if needed based on the * result of a stat (returned by can_access) or an open file */ int afs_auth_internal(request_rec * r, char *cell) { afsassert(r); afsassert(r->uri); afsassert(cell); if (FIND_LINKED_MODULE("afs_module.c") != NULL) { int rc, status; char *type; static int haveToken = 1; /* assume that we always have a token */ extern int logAccessErrors; /* * Get afs_authtype directive value for that directory or location */ type = (char *)get_afsauthtype(r); /* * UserDir (tilde) support */ #ifndef APACHE_1_3 if (FIND_LINKED_MODULE("mod_userdir.c") != NULL) { rc = translate_userdir(r); if ((rc != OK) && (rc != DECLINED)) { LOG_REASON("afs_module: Failure while translating userdir", r->uri, r); return rc; } } #endif afslog(20, ("%s: pid:%d r->uri:%s", module_name, getpid(), r->uri)); if (type) afslog(20, ("%s: AFSAuthType: %s", module_name, type)); else afslog(20, ("%s: AFSAuthType NULL", module_name)); /* if AuthType is not AFS, then unlog any existing tokens and DECLINE */ if (type == NULL) { if (haveToken) unlog(); return DECLINED; } if ((strcasecmp(type, AFS_AUTHTYPE)) && (strcasecmp(type, AFS_DFS_AUTHTYPE))) { if (haveToken) unlog(); afslog(10, ("%s: Error unknown AFSAuthType:%s returning DECLINED", module_name, type)); return DECLINED; } if (cell) status = authenticateUser(r, cell, afs_str->cacheExpiration, type); else status = authenticateUser(r, afs_str->defaultCell, afs_str->cacheExpiration, type); if (status != OK) { afslog(10, ("%s: Returning status %d", module_name, status)); return status; } /* can we access this URL? */ rc = can_access(r); if (rc == OK) { return DECLINED; } if (rc == REDIRECT) { return REDIRECT; } if (rc == FORBIDDEN) { rc = forbToAuthReqd(r); if (rc == FORBIDDEN) { if (logAccessErrors) { log_Access_Error(r); } } return rc; } return DECLINED; } }
char * rd_metadata_name(void) { char *p, *q, *metafile; char path[MAXPATH], pinerc_dir[MAXPATH]; struct variable *vars = ps_global->vars; dprint((9, "rd_metadata_name\n")); pinerc_dir[0] = '\0'; if(ps_global->pinerc){ char *prcn = ps_global->pinerc; char *lc; if((lc = last_cmpnt(prcn)) != NULL){ int to_copy; to_copy = (lc - prcn > 1) ? (lc - prcn - 1) : 1; strncpy(pinerc_dir, prcn, MIN(to_copy, sizeof(pinerc_dir)-1)); pinerc_dir[MIN(to_copy, sizeof(pinerc_dir)-1)] = '\0'; } else{ pinerc_dir[0] = '.'; pinerc_dir[1] = '\0'; } } /* * If there is no metadata file specified in the pinerc, create a filename. */ if(!(VAR_REMOTE_ABOOK_METADATA && VAR_REMOTE_ABOOK_METADATA[0])){ if(pinerc_dir[0] && (p = tempfile_in_same_dir(ps_global->pinerc, meta_prefix, NULL))){ /* fill in the pinerc variable */ q = p + strlen(pinerc_dir) + 1; set_variable(V_REMOTE_ABOOK_METADATA, q, 1, 0, Main); dprint((2, "creating name for metadata file: %s\n", q ? q : "?")); /* something's broken, return NULL rab */ if(!VAR_REMOTE_ABOOK_METADATA || !VAR_REMOTE_ABOOK_METADATA[0]){ our_unlink(p); fs_give((void **)&p); return(NULL); } fs_give((void **)&p); } else{ q_status_message(SM_ORDER, 3, 5, "can't create metadata file in pinerc directory, continuing"); return(NULL); } } build_path(path, pinerc_dir ? pinerc_dir : NULL, VAR_REMOTE_ABOOK_METADATA, sizeof(path)); metafile = path; /* * If the metadata file doesn't exist, create it. */ if(can_access(metafile, ACCESS_EXISTS) != 0){ int fd; if((fd = our_open(metafile, O_CREAT|O_EXCL|O_WRONLY|O_BINARY, 0600)) < 0){ set_variable(V_REMOTE_ABOOK_METADATA, NULL, 1, 0, Main); q_status_message2(SM_ORDER, 3, 5, "can't create cache file %.200s, continuing (%.200s)", metafile, error_description(errno)); dprint((2, "can't create metafile %s: %s\n", metafile ? metafile : "?", error_description(errno))); return(NULL); } dprint((2, "created metadata file: %s\n", metafile ? metafile : "?")); (void)close(fd); } return(cpystr(metafile));; }
int check_mailfile_size(char *mfile) { /** Check to ensure we have mail. Only used with the '-z' starting option. So we output a diagnostic if there is no mail to read (including forwarding). Return 0 if there is mail, <0 if no permission to check, 1 if no mail, 2 if no mail because mail is being forwarded. **/ char firstline[SLEN]; int retcode; struct stat statbuf; FILE *fp = NULL; /* see if file exists first */ if (can_access(mfile, READ_ACCESS) != 0) retcode = 1; /* no file or no perm */ /* read access - now see if file has a reasonable size */ else if ((fp = fopen(mfile, "r")) == NULL) retcode = -1; /* no perm? should have detected this above! */ else if (fstat(fileno(fp), &statbuf) == -1) retcode = -1; /* arg error! */ else if (statbuf.st_size < 2) retcode = 1; /* empty or virtually empty, e.g. just a newline */ /* file has reasonable size - see if forwarding */ else if (mail_gets (firstline, SLEN, fp) == 0) retcode = 1; /* empty? should have detected this above! */ else if (strbegConst(firstline, FORWARDSIGN)) retcode = 2; /* forwarding */ /* not forwarding - so file must have some mail in it */ else retcode = 0; /* now display the appropriate message if there isn't mail in it */ switch(retcode) { case -1: fprintf(stderr, catgets(elm_msg_cat, ElmSet, ElmNoPermRead, "You have no permission to read %s!\n\r"), mfile); break; case 1: fprintf(stderr, catgets(elm_msg_cat, ElmSet, ElmNoMail, "You have no mail.\n\r")); break; case 2: no_ret(firstline) /* remove newline before using */ fprintf(stderr, catgets(elm_msg_cat, ElmSet,ElmMailBeingForwarded, "Your mail is being forwarded to %s.\n\r"), firstline + strlen(FORWARDSIGN)); break; } if (fp) fclose(fp); return(retcode); }