source-git / openscap

Clone
Source Code
GIT

Blame src/OVAL/probes/independent/environmentvariable58_probe.c

c8 c8s master
  1.   9fde34a9368600463ad0960fd2991f3e2174c7e4
  2.   src
  3.   OVAL
  4.   probes
  5.   independent
  6.   environmentvariable58_probe.c
Blob History Raw
Packit Service 569379 
/**
Packit Service 569379 
 * @file   environmentvariable58_probe.c
Packit Service 569379 
 * @brief  environmentvariable58 probe
Packit Service 569379 
 * @author "Petr Lautrbach" <plautrba@redhat.com>
Packit Service 569379 
 *
Packit Service 569379 
 *  This probe is able to process a environmentvariable58_object as defined in OVAL 5.8.
Packit Service 569379 
 *
Packit Service 569379 
 */
Packit Service 569379
Packit Service 569379 
/*
Packit Service 569379 
 * Copyright 2009-2011 Red Hat Inc., Durham, North Carolina.
Packit Service 569379 
 * All Rights Reserved.
Packit Service 569379 
 *
Packit Service 569379 
 * This library is free software; you can redistribute it and/or
Packit Service 569379 
 * modify it under the terms of the GNU Lesser General Public
Packit Service 569379 
 * License as published by the Free Software Foundation; either
Packit Service 569379 
 * version 2.1 of the License, or (at your option) any later version.
Packit Service 569379 
 *
Packit Service 569379 
 * This library is distributed in the hope that it will be useful,
Packit Service 569379 
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
Packit Service 569379 
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
Packit Service 569379 
 * Lesser General Public License for more details.
Packit Service 569379 
 *
Packit Service 569379 
 * You should have received a copy of the GNU Lesser General Public
Packit Service 569379 
 * License along with this library; if not, write to the Free Software
Packit Service 569379 
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
Packit Service 569379 
 *
Packit Service 569379 
 * Authors:
Packit Service 569379 
 *   Petr Lautrbach <plautrba@redhat.com>
Packit Service 569379 
 */
Packit Service 569379
Packit Service 569379 
/*
Packit Service 569379 
 * environmentvariable58 probe:
Packit Service 569379 
 *
Packit Service 569379 
 * pid
Packit Service 569379 
 * name
Packit Service 569379 
 * value
Packit Service 569379 
 */
Packit Service 569379
Packit Service 569379 
#ifdef HAVE_CONFIG_H
Packit Service 569379 
#include <config.h>
Packit Service 569379 
#endif
Packit Service 569379
Packit Service 569379 
#include <stdlib.h>
Packit Service 569379 
#include <unistd.h>
Packit Service 569379 
#include <string.h>
Packit Service 569379 
#include <stdio.h>
Packit Service 569379 
#include <errno.h>
Packit Service 569379 
#include <sys/stat.h>
Packit Service 569379 
#include <fcntl.h>
Packit Service 569379 
#include <sys/types.h>
Packit Service 569379 
#include <dirent.h>
Packit Service 569379
Packit Service 569379 
#include <probe/probe.h>
Packit Service 569379 
#include "_seap.h"
Packit Service 569379 
#include "probe-api.h"
Packit Service 569379 
#include "probe/entcmp.h"
Packit Service 569379 
#include "common/debug_priv.h"
Packit Service 569379 
#include "environmentvariable58_probe.h"
Packit Service 569379
Packit Service 569379 
#define BUFFER_SIZE 256
Packit Service 569379
Packit Service 569379 
extern char **environ;
Packit Service 569379
Packit Service 569379 
static int collect_variable(char *buffer, size_t env_name_size, int pid, SEXP_t *name_ent, probe_ctx *ctx)
Packit Service 569379 
{
Packit Service 569379 
	int res = 1;
Packit Service 569379
Packit Service 569379 
	SEXP_t *env_name = SEXP_string_new(buffer, env_name_size);
Packit Service 569379 
	SEXP_t *env_value = SEXP_string_newf("%s", buffer + env_name_size + 1);
Packit Service 569379
Packit Service 569379 
	if (probe_entobj_cmp(name_ent, env_name) == OVAL_RESULT_TRUE) {
Packit Service 569379 
		SEXP_t *item = probe_item_create(
Packit Service 569379 
			OVAL_INDEPENDENT_ENVIRONMENT_VARIABLE58, NULL,
Packit Service 569379 
			"pid", OVAL_DATATYPE_INTEGER, (int64_t)pid,
Packit Service 569379 
			"name",  OVAL_DATATYPE_SEXP, env_name,
Packit Service 569379 
			"value", OVAL_DATATYPE_SEXP, env_value,
Packit Service 569379 
			NULL);
Packit Service 569379 
		probe_item_collect(ctx, item);
Packit Service 569379 
		res = 0;
Packit Service 569379 
	}
Packit Service 569379 
	SEXP_free(env_name);
Packit Service 569379 
	SEXP_free(env_value);
Packit Service 569379
Packit Service 569379 
	return res;
Packit Service 569379 
}
Packit Service 569379
Packit Service 569379 
static int read_environment(SEXP_t *pid_ent, SEXP_t *name_ent, probe_ctx *ctx)
Packit Service 569379 
{
Packit Service 569379 
	int err = 1, pid, fd;
Packit Service 569379 
	bool empty;
Packit Service 569379 
	SEXP_t *item, *pid_sexp;
Packit Service 569379 
	DIR *d;
Packit Service 569379 
	struct dirent *d_entry;
Packit Service 569379 
	char *buffer, *null_char, path[PATH_MAX] = {0};
Packit Service 569379 
	ssize_t buffer_used;
Packit Service 569379 
	size_t buffer_size;
Packit Service 569379
Packit Service 9fde34 
	const char *extra_vars = getenv("OSCAP_CONTAINER_VARS");
Packit Service 9fde34 
	if (extra_vars && *extra_vars) {
Packit Service 9fde34 
		char *vars = strdup(extra_vars);
Packit Service 9fde34 
		char *tok, *eq_chr, *str, *strp;
Packit Service 9fde34
Packit Service 9fde34 
		for (str = vars; ; str = NULL) {
Packit Service 9fde34 
			tok = strtok_r(str, "\n", &strp;;
Packit Service 9fde34 
			if (tok == NULL)
Packit Service 9fde34 
				break;
Packit Service 9fde34 
			eq_chr = strchr(tok, '=');
Packit Service 9fde34 
			if (eq_chr == NULL)
Packit Service 9fde34 
				continue;
Packit Service 9fde34 
			PROBE_ENT_I32VAL(pid_ent, pid, pid = -1;, pid = 0;);
Packit Service 9fde34 
			collect_variable(tok, eq_chr - tok, pid, name_ent, ctx);
Packit Service 9fde34 
		}
Packit Service 9fde34
Packit Service 9fde34 
		free(vars);
Packit Service 9fde34 
		return 0;
Packit Service 9fde34 
	}
Packit Service 9fde34
Packit Service 569379 
	const char *prefix = getenv("OSCAP_PROBE_ROOT");
Packit Service 569379 
	snprintf(path, PATH_MAX, "%s/proc", prefix ? prefix : "");
Packit Service 569379 
	d = opendir(path);
Packit Service 569379 
	if (d == NULL) {
Packit Service 9fde34 
		dE("Can't read %s/proc: errno=%d, %s.", prefix ? prefix : "", errno, strerror(errno));
Packit Service 9fde34 
		return PROBE_EACCESS;
Packit Service 569379 
	}
Packit Service 569379
Packit Service 569379 
	if ((buffer = realloc(NULL, BUFFER_SIZE)) == NULL) {
Packit Service 569379 
		dE("Can't allocate memory");
Packit Service 569379 
		closedir(d);
Packit Service 569379 
		return PROBE_EFAULT;
Packit Service 569379 
	}
Packit Service 569379 
	buffer_size = BUFFER_SIZE;
Packit Service 569379
Packit Service 569379 
	while ((d_entry = readdir(d))) {
Packit Service 569379 
		if (strspn(d_entry->d_name, "0123456789") != strlen(d_entry->d_name))
Packit Service 569379 
			continue;
Packit Service 569379
Packit Service 569379 
		pid = atoi(d_entry->d_name);
Packit Service 569379 
		pid_sexp = SEXP_number_newi_32(pid);
Packit Service 569379
Packit Service 569379 
		if (probe_entobj_cmp(pid_ent, pid_sexp) != OVAL_RESULT_TRUE) {
Packit Service 569379 
			SEXP_free(pid_sexp);
Packit Service 569379 
			continue;
Packit Service 569379 
		}
Packit Service 569379 
		SEXP_free(pid_sexp);
Packit Service 569379
Packit Service 569379 
		snprintf(path, PATH_MAX, "%s/proc/%d/environ", prefix ? prefix : "", pid);
Packit Service 569379 
		if ((fd = open(path, O_RDONLY)) == -1) {
Packit Service 569379 
			dE("Can't open \"%s\": errno=%d, %s.", path, errno, strerror (errno));
Packit Service 569379 
			item = probe_item_create(
Packit Service 569379 
					OVAL_INDEPENDENT_ENVIRONMENT_VARIABLE58, NULL,
Packit Service 569379 
					"pid", OVAL_DATATYPE_INTEGER, (int64_t)pid,
Packit Service 569379 
					NULL
Packit Service 569379 
			);
Packit Service 569379
Packit Service 569379 
			probe_item_setstatus(item, SYSCHAR_STATUS_ERROR);
Packit Service 569379 
			probe_item_add_msg(item, OVAL_MESSAGE_LEVEL_ERROR,
Packit Service 569379 
					   "Can't open \"%s\": errno=%d, %s.", path, errno, strerror (errno));
Packit Service 569379 
			probe_item_collect(ctx, item);
Packit Service 569379 
			continue;
Packit Service 569379 
		}
Packit Service 569379
Packit Service 569379 
		empty = true;
Packit Service 569379
Packit Service 569379 
		if ((buffer_used = read(fd, buffer, buffer_size - 1)) > 0) {
Packit Service 569379 
			empty = false;
Packit Service 569379 
		}
Packit Service 569379
Packit Service 569379 
		while (! empty) {
Packit Service 569379 
			while (! (null_char = memchr(buffer, 0, buffer_used))) {
Packit Service 569379 
				ssize_t s;
Packit Service 569379 
				if ((size_t)buffer_used >= buffer_size) {
Packit Service 569379 
					buffer_size += BUFFER_SIZE;
Packit Service 569379 
					buffer = realloc(buffer, buffer_size);
Packit Service 569379 
					if (buffer == NULL) {
Packit Service 569379 
						dE("Can't allocate memory");
Packit Service 569379 
						exit(ENOMEM);
Packit Service 569379 
					}
Packit Service 569379
Packit Service 569379 
				}
Packit Service 569379 
				s = read(fd, buffer + buffer_used, buffer_size - buffer_used);
Packit Service 569379 
				if (s <= 0) {
Packit Service 569379 
					empty = true;
Packit Service 569379 
					buffer[buffer_used++] = 0;
Packit Service 569379 
				}
Packit Service 569379 
				else {
Packit Service 569379 
					buffer_used += s;
Packit Service 569379 
				}
Packit Service 569379 
			}
Packit Service 569379
Packit Service 569379 
			do {
Packit Service 569379 
				char *eq_char = strchr(buffer, '=');
Packit Service 569379 
				if (eq_char == NULL) {
Packit Service 569379 
					/* strange but possible:
Packit Service 569379 
					 * $ strings /proc/1218/environ
Packit Service 569379 
 					/dev/input/event0 /dev/input/event1 /dev/input/event4 /dev/input/event3
Packit Service 569379 
					*/
Packit Service 569379 
					buffer_used -= null_char + 1 - buffer;
Packit Service 569379 
					memmove(buffer, null_char + 1, buffer_used);
Packit Service 569379 
					continue;
Packit Service 569379 
				}
Packit Service 569379
Packit Service 569379 
				collect_variable(buffer, eq_char - buffer, pid, name_ent, ctx);
Packit Service 569379
Packit Service 569379 
				buffer_used -= null_char + 1 - buffer;
Packit Service 569379 
				memmove(buffer, null_char + 1, buffer_used);
Packit Service 569379 
			} while ((null_char = memchr(buffer, 0, buffer_used)));
Packit Service 569379 
		}
Packit Service 569379
Packit Service 569379 
		close(fd);
Packit Service 569379 
	}
Packit Service 569379 
	closedir(d);
Packit Service 569379 
	free(buffer);
Packit Service 569379 
	if (err) {
Packit Service 569379 
		SEXP_t *msg = probe_msg_creatf(OVAL_MESSAGE_LEVEL_ERROR,
Packit Service 569379 
				"Can't find process with requested PID.");
Packit Service 569379 
		probe_cobj_add_msg(probe_ctx_getresult(ctx), msg);
Packit Service 569379 
		SEXP_free(msg);
Packit Service 569379 
		err = 0;
Packit Service 569379 
	}
Packit Service 569379
Packit Service 569379 
	return err;
Packit Service 569379 
}
Packit Service 569379
Packit Service 569379 
int environmentvariable58_probe_offline_mode_supported(void)
Packit Service 569379 
{
Packit Service 569379 
	return PROBE_OFFLINE_OWN;
Packit Service 569379 
}
Packit Service 569379
Packit Service 569379 
int environmentvariable58_probe_main(probe_ctx *ctx, void *arg)
Packit Service 569379 
{
Packit Service 569379 
	SEXP_t *probe_in, *name_ent, *pid_ent;
Packit Service 569379 
	int pid, err;
Packit Service 569379
Packit Service 569379 
	probe_in  = probe_ctx_getobject(ctx);
Packit Service 569379 
	name_ent = probe_obj_getent(probe_in, "name", 1);
Packit Service 569379
Packit Service 569379 
	if (name_ent == NULL) {
Packit Service 569379 
		return PROBE_ENOENT;
Packit Service 569379 
	}
Packit Service 569379
Packit Service 569379 
	pid_ent = probe_obj_getent(probe_in, "pid", 1);
Packit Service 569379 
	if (pid_ent == NULL) {
Packit Service 569379 
		SEXP_free(name_ent);
Packit Service 569379 
		return PROBE_ENOENT;
Packit Service 569379 
	}
Packit Service 569379
Packit Service 569379 
	PROBE_ENT_I32VAL(pid_ent, pid, pid = -1;, pid = 0;);
Packit Service 569379
Packit Service 569379 
	if (pid == -1) {
Packit Service 569379 
		SEXP_free(name_ent);
Packit Service 569379 
		SEXP_free(pid_ent);
Packit Service 569379 
		return PROBE_ERANGE;
Packit Service 569379 
	}
Packit Service 569379
Packit Service 569379 
	if (pid == 0) {
Packit Service 569379 
		/* overwrite pid value with actual pid */
Packit Service 569379 
		SEXP_t *nref, *nval, *new_pid_ent;
Packit Service 569379
Packit Service 569379 
		nref = SEXP_list_first(probe_in);
Packit Service 569379 
		nval = SEXP_number_newu_32(getpid());
Packit Service 569379 
		new_pid_ent = SEXP_list_new(nref, nval, NULL);
Packit Service 569379 
		SEXP_free(pid_ent);
Packit Service 569379 
		SEXP_free(nref);
Packit Service 569379 
		SEXP_free(nval);
Packit Service 569379 
		pid_ent = new_pid_ent;
Packit Service 569379 
	}
Packit Service 569379
Packit Service 569379 
	err = read_environment(pid_ent, name_ent, ctx);
Packit Service 569379
Packit Service 569379 
	SEXP_free(name_ent);
Packit Service 569379 
	SEXP_free(pid_ent);
Packit Service 569379
Packit Service 569379 
	return err;
Packit Service 569379 
}

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation