libsandbox: catch calls to remove()

People rarely use this, but all it takes is one lame package.

URL: http://bugs.gentoo.org/297684
Reported-by: Pacho Ramos <pacho@gentoo.org>
Signed-off-by: Mike Frysinger <vapier@gentoo.org>

diff --git a/libsandbox/libsandbox.c b/libsandbox/libsandbox.c
index 70c30b2..fd3d2ea 100644 (file)
--- a/libsandbox/libsandbox.c
+++ b/libsandbox/libsandbox.c
@@ -637,6 +637,7 @@ static bool symlink_func(int sb_nr, int flags, const char *abs_path)
        if (!(sb_nr == SB_NR_UNLINK   ||
              sb_nr == SB_NR_UNLINKAT ||
              sb_nr == SB_NR_LCHOWN   ||
+             sb_nr == SB_NR_REMOVE   ||
              sb_nr == SB_NR_RENAME   ||
              sb_nr == SB_NR_SYMLINK))
        {
@@ -736,6 +737,7 @@ static int check_access(sbcontext_t *sbcontext, int sb_nr, const char *func,
            sb_nr == SB_NR_MKNOD       ||
            sb_nr == SB_NR_MKNODAT     ||
            sb_nr == SB_NR_OPEN_WR     ||
+           sb_nr == SB_NR_REMOVE      ||
            sb_nr == SB_NR_RENAME      ||
            sb_nr == SB_NR_RENAMEAT    ||
            sb_nr == SB_NR_RMDIR       ||

diff --git a/libsandbox/symbols.h.in b/libsandbox/symbols.h.in
index b674b5e..cf33e72 100644 (file)
--- a/libsandbox/symbols.h.in
+++ b/libsandbox/symbols.h.in
@@ -31,6 +31,7 @@ mkfifo
 mkfifoat
 access
 faccessat
+remove
 rename
 renameat
 rmdir

diff --git a/libsandbox/wrapper-funcs/remove.c b/libsandbox/wrapper-funcs/remove.c
new file mode 100644 (file)
index 0000000..10b3c0e
--- /dev/null
+++ b/libsandbox/wrapper-funcs/remove.c
@@ -0,0 +1,12 @@
+/*
+ * remove() wrapper.
+ *
+ * Copyright 1999-2009 Gentoo Foundation
+ * Licensed under the GPL-2
+ */
+
+#define WRAPPER_ARGS_PROTO const char *pathname
+#define WRAPPER_ARGS pathname
+#define WRAPPER_SAFE() SB_SAFE(pathname)
+#define WRAPPER_PRE_CHECKS() sb_unlinkat_pre_check(STRING_NAME, pathname, AT_FDCWD)
+#include "__wrapper_simple.c"

diff --git a/tests/Makefile.am b/tests/Makefile.am
index 6405bc6..5f9702c 100644 (file)
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -43,6 +43,7 @@ check_PROGRAMS = \
        openat_static-0 \
        openat64-0 \
        opendir-0 \
+       remove-0 \
        rename-0 \
        renameat-0 \
        signal_static-0 \

diff --git a/tests/remove-0.c b/tests/remove-0.c
new file mode 100644 (file)
index 0000000..1e9444f
--- /dev/null
+++ b/tests/remove-0.c
@@ -0,0 +1,12 @@
+#define FUNC remove
+#define SFUNC "remove"
+#define FUNC_STR "\"%s\""
+#define FUNC_IMP path
+#define ARG_CNT 1
+#define ARG_USE "<path>"
+
+#define process_args() \
+       s = argv[i++]; \
+       char *path = s;
+
+#include "test-skel-0.c"

diff --git a/tests/remove-1.sh b/tests/remove-1.sh
new file mode 100755 (executable)
index 0000000..89c2a7e
--- /dev/null
+++ b/tests/remove-1.sh
@@ -0,0 +1,7 @@
+#!/bin/sh
+# make sure we catch openat with relative path
+[ "${at_xfail}" = "yes" ] && exit 77 # see trace-0
+
+export SANDBOX_LOG=$PWD/sb.log
+remove-0 -1 f
+test -e sb.log

diff --git a/tests/remove.at b/tests/remove.at
new file mode 100644 (file)
index 0000000..081d7d2
--- /dev/null
+++ b/tests/remove.at
@@ -0,0 +1 @@
+SB_CHECK(1)

diff --git a/tests/testsuite.at b/tests/testsuite.at
index 846dc80..ca0f09c 100644 (file)
--- a/tests/testsuite.at
+++ b/tests/testsuite.at
@@ -26,6 +26,7 @@ sb_inc([open])
 sb_inc([open_static])
 sb_inc([openat])
 sb_inc([openat_static])
+sb_inc([remove])
 sb_inc([rename])
 sb_inc([renameat])
 sb_inc([sb_printf])
@@ -33,6 +34,7 @@ sb_inc([script])
 sb_inc([signal_static])
 sb_inc([symlink])
 sb_inc([symlinkat])
+sb_inc([unlink])
 sb_inc([utimensat])
 sb_inc([utimensat_static])
 sb_inc([vfork])

diff --git a/tests/unlink-1.sh b/tests/unlink-1.sh
new file mode 100755 (executable)
index 0000000..74d4403
--- /dev/null
+++ b/tests/unlink-1.sh
@@ -0,0 +1,7 @@
+#!/bin/sh
+# make sure we catch openat with relative path
+[ "${at_xfail}" = "yes" ] && exit 77 # see trace-0
+
+export SANDBOX_LOG=$PWD/sb.log
+unlink-0 -1 f
+test -e sb.log

diff --git a/tests/unlink.at b/tests/unlink.at
new file mode 100644 (file)
index 0000000..081d7d2
--- /dev/null
+++ b/tests/unlink.at
@@ -0,0 +1 @@
+SB_CHECK(1)