path: root/src/librc/librc-daemon.c
Age | Commit message | Author
2019-02-23 | librc: fix potential buffer overflow in pid_is_argv | William Hubbs
This fixes #299.
2019-02-23 | Revert "src/librc/librc-daemon.c: fix buffer overrun in pid_is_argv" | William Hubbs
This reverts commit 084877eb52971faf8f52c780ddd08ed9af140eb6. The mentioned commit caused some systems to have some services reported as crashed. This fixes #297. This fixes #298.
2018-12-27 | fix potential out-of-bounds reads | philhofer
readlink(3) does not nul-terminate the result it sticks into the supplied buffer. Consequently, the code
    rc = readlink(path, buf, sizeof(buf));
does not necessarily produce a C string. The code in rc_find_pid() produces some C strings this way and passes them to strlen() and strcmp(), which can lead to an out-of-bounds read.
In this case, since the code already takes care to zero-initialize the buffers before passing them to readlink(3), only allow sizeof(buf)-1 bytes to be returned. (While fixing this issue, I fixed two other locations that used the same problematic pattern.)
This fixes #270.
2018-12-24 | src/librc/librc-daemon.c: fix buffer overrun in pid_is_argv | philhofer
The contents of /proc/<pid>/cmdline are read into a stack buffer using
    bytes = read(fd, buffer, sizeof(buffer));
followed by appending a null terminator to the buffer with
    buffer[bytes] = '\0';
If bytes == sizeof(buffer), then this write is out-of-bounds.
Refactor the code to use rc_getfile instead, since PATH_MAX is not the maximum size of /proc/<pid>/cmdline. (I hit this issue in practice while compiling Linux; it tripped the stack-smashing protector.)
This is roughly the same buffer overflow condition that was fixed by commit 0ddee9b7d2b8dea810e252ca6a95c457876df120
This fixes #269.
2018-06-27 | librc-daemon.c: fix memory leaks | William Hubbs
2018-06-22 | librc-daemon: convert most snprintf calls to xasprintf | William Hubbs
2017-11-13 | rc_find_pids: namespace fix | William Hubbs
Ignore namespaces if there are errors reading either the pid namespace for the current process or the process we are testing. This fixes https://github.com/openrc/openrc/issues/180.
2017-10-24 | rc_find_pids: ignore pids that are not in our pid namespace | William Hubbs
X-Gentoo-Bug: 634634 X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=634634
2015-12-21 | Convert OpenRC to a centralized copyright/license structure | William Hubbs
In the past, OpenRC was a hybrid of a centralized and file-scope license/copyright structure. I followed the instructions from the Software Freedom Law Center [1] to convert to a Centralized structure where possible, for easier future maintenance. [1] https://softwarefreedom.org/resources/2012/ManagingCopyrightInformation.html
2015-11-11 | Standardize macro tests for gnu hurd | Benda Xu
This also fixes breakage of GNU/hurd builds introduced by commit 3f82edbeb92.
2015-04-27 | convert all references from runscript to openrc-run | William Hubbs
2015-03-24 | Fix some compiler warnings | Doug Freed
librc: Fix C90 warning (mixed declaration and code) rc: Fix warning about discarding const qualifier Fixes #45.
2015-01-12 | fix double free of pidfile | Doug Freed
This fixes a double free of the pidfile variable. For discussion of this issue, see the bug. X-Gentoo-Bug: 531600 X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=531600
2014-11-01 | Fix incorrect handling of chroot option. | Alexander Vershilov
Fixes #28. X-Gentoo-Bug: #527370 X-Gentoo-Bug-Url: https://bugs.gentoo.org/show_bug.cgi?id=527370
2014-10-23 | Bundle <sys/queue.h> from NetBSD | Anthony G. Basile
We are bundling this to allow building on musl-based systems since musl does not include <sys/queue.h>.
2014-10-23 | Fix all tests for GNU/kFreeBSD | William Hubbs
It is necessary to check for both the kernel and c library because __FreeBSD_kernel is also defined on native FreeBSD [1]. [1] http://sourceforge.net/p/predef/wiki/OperatingSystems/
2014-10-22 | Fix GNU/kFreeBSD port | Svante Signell
Check for __FreeBSD_kernel instead of __GLIBC__ in source files. note from William Hubbs: I was told this is a better check for GNU/kFreeBSD than checking the C library the source is being compiled against. GNU/kFreeBSD than checking which library we are using.
2014-10-20 | librc:look for the pid file in a chroot if defined | Alexander Vershilov
X-Gentoo-Bug: 524388 X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=524388
2014-07-19 | src/librc/librc-daemon.c: style fix | William Hubbs
2014-06-20 | librc: filter out container processes on OpenVZ host | William Hubbs
Thanks to info and testing done by Daniel Robbins <drobbins@funtoo.org>, there is now a fix for this. Below is his description of the steps OpenRC needed to use.
1) See if /proc/<pid>/status exists
2) If it does, see if it has a "envID:" field
3) If it does, see if "envID:" is set to "0"
4) If so, then it's one of the host's processes and should be a candidate for the list. Otherwise, it is one of the container's processes and should be ignored.
This should fix the bug and allow start-stop-daemon to work properly on OpenVZ hosts.
X-Gentoo-Bug: 376817
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=376817
2013-10-30 | Begin port to GNU/kFreeBSD | Steven Chamberlain
This is just a minimal port to get Debian up and running; the rest will be done later.
2013-07-25 | Add support for DragonFly BSD | Gary
2011-06-29 | drop useless "All rights reserved" notice | Mike Frysinger
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
2011-05-28 | librc: tweak style: foo () -> foo() | Mike Frysinger
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
2011-01-17 | Style fix: "char *foo" not "char* foo". | Robin H. Johnson
2011-01-17 | Clean up all trailing whitespace in src/. | Robin H. Johnson
2009-05-01 | Add (c) to Copyright | Roy Marples
2009-04-25 | Use kill for the pid check as it's fast. | Roy Marples
2009-04-23 | Improve style for KNF | Roy Marples
2009-01-12 | Copyright | Roy Marples
2009-01-12 | Use snprintf instead of strlcpy to save on size if not available. | Roy Marples
2008-09-22 | We don't check exec when starting, so don't when testing for crashed. | Roy Marples
2008-09-19 | Fix stopping wpa_supplicant incorrectly, #107 | Roy Marples
2008-07-27 | Attempt to make s-s-d simpler by not enforcing the need for a full path and maybe working better with interpreted scripts. | Roy Marples
2008-04-30 | Wups, test compiles before committing :) | Roy Marples
2008-04-30 | Remove redundant checking of /proc/pid/exe | Roy Marples
2008-04-30 | Save a few bytes and make it easier to read. | Roy Marples
2008-04-30 | No need to init this. | Roy Marples
2008-04-30 | Make the function a little smaller. | Roy Marples
2008-04-30 | Style | Roy Marples
2008-04-21 | If we don't have permission to inspect the pidfile, don't report crashed. Gentoo #218028. | Roy Marples
2008-03-26 | Add license blurb to a few files and append my email to my name. | Roy Marples
2008-03-21 | We should only free the buffer when done reading the dir. | Roy Marples
2008-03-17 | Make rc_getline private and save its buffer so it's sort of like getline from glibc. | Roy Marples
2008-03-17 | init some vars. | Roy Marples
2008-03-17 | We should check for NULL here. | Roy Marples
2008-03-17 | Punt the rc_strcatpaths function and use snprintf instead to save on expensive malloc calls. | Roy Marples
2008-03-17 | rc_find_pids now returns RC_PIDLIST instead of a NULL terminated array. | Roy Marples
2008-03-16 | Remove null terminated char ** lists in favour of RC_STRINGLIST, using TAILQ from queue(3). Refactor code style around the BSD KNF. | Roy Marples
2008-03-03 | Sanitise the BSD defines a little. | Roy Marples