Google Git
Sign in
akaros/upstream/c34d074cd200620b19a2536652ed156b4d0e207d^!/.
commit
c34d074cd200620b19a2536652ed156b4d0e207d
[log] [tgz]
author
Barret Rhoden <brho@cs.berkeley.edu>
Mon Apr 20 18:38:40 2015 -0400
committer
Barret Rhoden <brho@cs.berkeley.edu>
Mon Apr 20 18:38:40 2015 -0400
tree
a0453d8039e5eba3db7a8baa24e867f157f2d5fb
parent
572f500f0f636d54a55336dafa84f2bce8c3742a [diff]
Syscall tests for PATH_MAX

Even though it's possible for the user to build a path longer than
PATH_MAX (e.g. 16 NAME_MAX filenames), we still need a limit.  If
anything 4096 seems ridiculously large (and will trigger 2-contig page
allocs...).

diff --git a/kern/src/syscall.c b/kern/src/syscall.c
index 7d2e0d5..9769707 100644
--- a/kern/src/syscall.c
+++ b/kern/src/syscall.c

@@ -313,6 +313,29 @@
 	return target;
 }
 
+/* Helper, copies a pathname from the process into the kernel.  Returns a string
+ * on success, which you must free with free_path.  Returns 0 on failure and
+ * sets errno. */
+static char *copy_in_path(struct proc *p, const char *path, size_t path_l)
+{
+	char *t_path;
+	/* PATH_MAX includes the \0 */
+	if (path_l > PATH_MAX) {
+		set_errno(ENAMETOOLONG);
+		return 0;
+	}
+	t_path = user_strdup_errno(p, path, path_l);
+	if (!t_path)
+		return 0;
+	return t_path;
+}
+
+/* Helper, frees a path that was allocated with copy_in_path. */
+static void free_path(struct proc *p, char *t_path)
+{
+	user_memdup_free(p, t_path);
+}
+
 /************** Utility Syscalls **************/
 
 static int sys_null(void)
@@ -475,13 +498,12 @@
 	struct file *program;
 	struct proc *new_p;
 
-	/* Copy in the path.  Consider putting an upper bound on path_l. */
-	t_path = user_strdup_errno(p, path, path_l);
+	t_path = copy_in_path(p, path, path_l);
 	if (!t_path)
 		return -1;
 	/* TODO: 9ns support */
 	program = do_file_open(t_path, 0, 0);
-	user_memdup_free(p, t_path);
+	free_path(p, t_path);
 	if (!program)
 		return -1;			/* presumably, errno is already set */
 	/* TODO: need to split the proc creation, since you must load after setting
@@ -698,8 +720,7 @@
 		set_errno(EINVAL);
 		return -1;
 	}
-	/* Copy in the path.  Consider putting an upper bound on path_l. */
-	t_path = user_strdup_errno(p, path, path_l);
+	t_path = copy_in_path(p, path, path_l);
 	if (!t_path)
 		return -1;
 	disable_irqsave(&state);	/* protect cur_ctx */
@@ -725,7 +746,7 @@
 	/* This could block: */
 	/* TODO: 9ns support */
 	program = do_file_open(t_path, 0, 0);
-	user_memdup_free(p, t_path);
+	free_path(p, t_path);
 	if (!program)
 		goto early_error;
 	if (!is_valid_elf(program)) {
@@ -1278,7 +1299,7 @@
 	struct file *file;
 
 	printd("File %s Open attempt oflag %x mode %x\n", path, oflag, mode);
-	char *t_path = user_strdup_errno(p, path, path_l);
+	char *t_path = copy_in_path(p, path, path_l);
 	if (!t_path)
 		return -1;
 	if (t) {
@@ -1291,7 +1312,7 @@
 	    ((oflag & (O_RDONLY | O_WRONLY | O_RDWR)) != O_WRONLY) &&
 	    ((oflag & (O_RDONLY | O_WRONLY | O_RDWR)) != O_RDWR)) {
 		set_errno(EINVAL);
-		user_memdup_free(p, t_path);
+		free_path(p, t_path);
 		return -1;
 	}
 
@@ -1313,7 +1334,7 @@
 			if ((oflag & O_CREATE) && (oflag & O_EXCL)) {
 				set_errno(EEXIST);
 				sysclose(fd);
-				user_memdup_free(p, t_path);
+				free_path(p, t_path);
 				return -1;
 			}
 		} else {
@@ -1323,7 +1344,7 @@
 			}
 		}
 	}
-	user_memdup_free(p, t_path);
+	free_path(p, t_path);
 	printd("File %s Open, fd=%d\n", path, fd);
 	return fd;
 }
@@ -1392,7 +1413,7 @@
 {
 	struct kstat *kbuf;
 	struct dentry *path_d;
-	char *t_path = user_strdup_errno(p, path, path_l);
+	char *t_path = copy_in_path(p, path, path_l);
 	int retval = 0;
 	if (!t_path)
 		return -1;
@@ -1423,7 +1444,7 @@
 out_with_kbuf:
 	kfree(kbuf);
 out_with_path:
-	user_memdup_free(p, t_path);
+	free_path(p, t_path);
 	return retval;
 }
 
@@ -1507,12 +1528,12 @@
                            int mode)
 {
 	int retval;
-	char *t_path = user_strdup_errno(p, path, path_l);
+	char *t_path = copy_in_path(p, path, path_l);
 	if (!t_path)
 		return -1;
 	/* TODO: 9ns support */
 	retval = do_access(t_path, mode);
-	user_memdup_free(p, t_path);
+	free_path(p, t_path);
 	printd("Access for path: %s retval: %d\n", path, retval);
 	if (retval < 0) {
 		set_errno(-retval);
@@ -1563,24 +1584,24 @@
                   char *new_path, size_t new_l)
 {
 	int ret;
-	char *t_oldpath = user_strdup_errno(p, old_path, old_l);
+	char *t_oldpath = copy_in_path(p, old_path, old_l);
 	if (t_oldpath == NULL)
 		return -1;
-	char *t_newpath = user_strdup_errno(p, new_path, new_l);
+	char *t_newpath = copy_in_path(p, new_path, new_l);
 	if (t_newpath == NULL) {
-		user_memdup_free(p, t_oldpath);
+		free_path(p, t_oldpath);
 		return -1;
 	}
 	ret = do_link(t_oldpath, t_newpath);
-	user_memdup_free(p, t_oldpath);
-	user_memdup_free(p, t_newpath);
+	free_path(p, t_oldpath);
+	free_path(p, t_newpath);
 	return ret;
 }
 
 intreg_t sys_unlink(struct proc *p, const char *path, size_t path_l)
 {
 	int retval;
-	char *t_path = user_strdup_errno(p, path, path_l);
+	char *t_path = copy_in_path(p, path, path_l);
 	if (!t_path)
 		return -1;
 	retval = do_unlink(t_path);
@@ -1588,7 +1609,7 @@
 		unset_errno();
 		retval = sysremove(t_path);
 	}
-	user_memdup_free(p, t_path);
+	free_path(p, t_path);
 	return retval;
 }
 
@@ -1596,17 +1617,17 @@
                      char *new_path, size_t new_l)
 {
 	int ret;
-	char *t_oldpath = user_strdup_errno(p, old_path, old_l);
+	char *t_oldpath = copy_in_path(p, old_path, old_l);
 	if (t_oldpath == NULL)
 		return -1;
-	char *t_newpath = user_strdup_errno(p, new_path, new_l);
+	char *t_newpath = copy_in_path(p, new_path, new_l);
 	if (t_newpath == NULL) {
-		user_memdup_free(p, t_oldpath);
+		free_path(p, t_oldpath);
 		return -1;
 	}
 	ret = do_symlink(t_newpath, t_oldpath, S_IRWXU | S_IRWXG | S_IRWXO);
-	user_memdup_free(p, t_oldpath);
-	user_memdup_free(p, t_newpath);
+	free_path(p, t_oldpath);
+	free_path(p, t_newpath);
 	return ret;
 }
 
@@ -1618,7 +1639,7 @@
 	ssize_t copy_amt;
 	int ret = -1;
 	struct dentry *path_d;
-	char *t_path = user_strdup_errno(p, path, path_l);
+	char *t_path = copy_in_path(p, path, path_l);
 	if (t_path == NULL)
 		return -1;
 	/* TODO: 9ns support */
@@ -1637,7 +1658,7 @@
 	} else
 		symname = path_d->d_inode->i_op->readlink(path_d);
 
-	user_memdup_free(p, t_path);
+	free_path(p, t_path);
 
 	if (symname){
 		copy_amt = strnlen(symname, buf_l - 1) + 1;
@@ -1652,21 +1673,22 @@
 	return ret;
 }
 
-static intreg_t sys_chdir(struct proc *p, pid_t pid, const char *path, size_t path_l)
+static intreg_t sys_chdir(struct proc *p, pid_t pid, const char *path,
+                          size_t path_l)
 {
 	int retval;
 	char *t_path;
 	struct proc *target = get_controllable_proc(p, pid);
 	if (!target)
 		return -1;
-	t_path = user_strdup_errno(p, path, path_l);
+	t_path = copy_in_path(p, path, path_l);
 	if (!t_path) {
 		proc_decref(target);
 		return -1;
 	}
 	/* TODO: 9ns support */
 	retval = do_chdir(&target->fs_env, t_path);
-	user_memdup_free(p, t_path);
+	free_path(p, t_path);
 	proc_decref(target);
 	return retval;
 }
@@ -1696,7 +1718,12 @@
 {
 	int retval = 0;
 	char *kfree_this;
-	char *k_cwd = do_getcwd(&p->fs_env, &kfree_this, cwd_l);
+	char *k_cwd;
+	if (cwd_l > PATH_MAX) {
+		set_errno(ENAMETOOLONG);
+		return -1;
+	}
+	k_cwd = do_getcwd(&p->fs_env, &kfree_this, cwd_l);
 	if (!k_cwd)
 		return -1;		/* errno set by do_getcwd */
 	if (memcpy_to_user_errno(p, u_cwd, k_cwd, strnlen(k_cwd, cwd_l - 1) + 1))
@@ -1709,7 +1736,7 @@
 intreg_t sys_mkdir(struct proc *p, const char *path, size_t path_l, int mode)
 {
 	int retval;
-	char *t_path = user_strdup_errno(p, path, path_l);
+	char *t_path = copy_in_path(p, path, path_l);
 	if (!t_path)
 		return -1;
 	mode &= S_PMASK;
@@ -1722,19 +1749,19 @@
 		static_assert(!(S_PMASK & DMDIR));
 		retval = syscreate(t_path, O_RDWR, DMDIR | mode);
 	}
-	user_memdup_free(p, t_path);
+	free_path(p, t_path);
 	return retval;
 }
 
 intreg_t sys_rmdir(struct proc *p, const char *path, size_t path_l)
 {
 	int retval;
-	char *t_path = user_strdup_errno(p, path, path_l);
+	char *t_path = copy_in_path(p, path, path_l);
 	if (!t_path)
 		return -1;
 	/* TODO: 9ns support */
 	retval = do_rmdir(t_path);
-	user_memdup_free(p, t_path);
+	free_path(p, t_path);
 	return retval;
 }
 
@@ -1864,21 +1891,21 @@
 
 {
 	int ret;
-	char *t_srcpath = user_strdup_errno(p, src_path, src_l);
+	char *t_srcpath = copy_in_path(p, src_path, src_l);
 	if (t_srcpath == NULL) {
 		printd("srcpath dup failed ptr %p size %d\n", src_path, src_l);
 		return -1;
 	}
-	char *t_ontopath = user_strdup_errno(p, onto_path, onto_l);
+	char *t_ontopath = copy_in_path(p, onto_path, onto_l);
 	if (t_ontopath == NULL) {
-		user_memdup_free(p, t_srcpath);
+		free_path(p, t_srcpath);
 		printd("ontopath dup failed ptr %p size %d\n", onto_path, onto_l);
 		return -1;
 	}
 	printd("sys_nbind: %s -> %s flag %d\n", t_srcpath, t_ontopath, flag);
 	ret = sysbind(t_srcpath, t_ontopath, flag);
-	user_memdup_free(p, t_srcpath);
-	user_memdup_free(p, t_ontopath);
+	free_path(p, t_srcpath);
+	free_path(p, t_ontopath);
 	return ret;
 }
 
@@ -1896,11 +1923,11 @@
 	int afd;
 
 	afd = -1;
-	char *t_ontopath = user_strdup_errno(p, onto_path, onto_l);
+	char *t_ontopath = copy_in_path(p, onto_path, onto_l);
 	if (t_ontopath == NULL)
 		return -1;
 	ret = sysmount(fd, afd, t_ontopath, flag, /* spec or auth */"");
-	user_memdup_free(p, t_ontopath);
+	free_path(p, t_ontopath);
 	return ret;
 }
 
@@ -1908,18 +1935,18 @@
 intreg_t sys_nunmount(struct proc *p, char *name, int name_l, char *old_path, int old_l)
 {
 	int ret;
-	char *t_oldpath = user_strdup_errno(p, old_path, old_l);
+	char *t_oldpath = copy_in_path(p, old_path, old_l);
 	if (t_oldpath == NULL)
 		return -1;
-	char *t_name = user_strdup_errno(p, name, name_l);
+	char *t_name = copy_in_path(p, name, name_l);
 	if (t_name == NULL) {
-		user_memdup_free(p, t_oldpath);
+		free_path(p, t_oldpath);
 		return -1;
 	}
 	ret = sysunmount(t_name, t_oldpath);
 	printd("go do it\n");
-	user_memdup_free(p, t_oldpath);
-	user_memdup_free(p, t_name);
+	free_path(p, t_oldpath);
+	free_path(p, t_name);
 	return ret;
 }
 
@@ -1996,19 +2023,19 @@
                    uint8_t *stat_m, size_t stat_sz, int flags)
 {
 	int retval = 0;
-	char *t_path = user_strdup_errno(p, path, path_l);
+	char *t_path = copy_in_path(p, path, path_l);
 	struct file *file;
 
 	if (!t_path)
 		return -1;
 	retval = syswstat(t_path, stat_m, stat_sz);
 	if (retval == stat_sz) {
-		user_memdup_free(p, t_path);
+		free_path(p, t_path);
 		return stat_sz;
 	}
 	/* 9ns failed, we'll need to check the VFS */
 	file = do_file_open(t_path, 0, 0);
-	user_memdup_free(p, t_path);
+	free_path(p, t_path);
 	if (!file)
 		return -1;
 	retval = vfs_wstat(file, stat_m, stat_sz, flags);
@@ -2041,8 +2068,8 @@
 	struct systrace_record *t = pcpui->cur_kthread->trace;
 	ERRSTACK(1);
 	int mountpointlen = 0;
-	char *from_path = user_strdup_errno(p, old_path, old_path_l);
-	char *to_path = user_strdup_errno(p, new_path, new_path_l);
+	char *from_path = copy_in_path(p, old_path, old_path_l);
+	char *to_path = copy_in_path(p, new_path, new_path_l);
 	struct chan *oldchan = 0, *newchan = NULL;
 	int retval = -1;
 
@@ -2063,8 +2090,8 @@
 	poperror();
 	if (!oldchan) {
 		retval = do_rename(from_path, to_path);
-		user_memdup_free(p, from_path);
-		user_memdup_free(p, to_path);
+		free_path(p, from_path);
+		free_path(p, to_path);
 		return retval;
 	}
 
@@ -2152,8 +2179,8 @@
 	printk("syswstat returns %d\n", retval);
 
 done: 
-	user_memdup_free(p, from_path);
-	user_memdup_free(p, to_path);
+	free_path(p, from_path);
+	free_path(p, to_path);
 	cclose(oldchan);
 	cclose(newchan);
 	return retval;