1 /*
2 * This file contains helper functions for labeling support.
3 *
4 * Author : Richard Haines <[email protected]>
5 */
6
7 #include <stdlib.h>
8 #include <stdarg.h>
9 #include <ctype.h>
10 #include <string.h>
11 #include <stdio.h>
12 #include <errno.h>
13 #include "label_internal.h"
14
15 /*
16 * Read an entry from a spec file (e.g. file_contexts)
17 * entry - Buffer to allocate for the entry.
18 * ptr - current location of the line to be processed.
19 * returns - 0 on success and *entry is set to be a null
20 * terminated value. On Error it returns -1 and
21 * errno will be set.
22 *
23 */
read_spec_entry(char ** entry,char ** ptr,int * len,const char ** errbuf)24 static inline int read_spec_entry(char **entry, char **ptr, int *len, const char **errbuf)
25 {
26 *entry = NULL;
27 char *tmp_buf = NULL;
28
29 while (isspace((unsigned char)**ptr) && **ptr != '\0')
30 (*ptr)++;
31
32 tmp_buf = *ptr;
33 *len = 0;
34
35 while (!isspace((unsigned char)**ptr) && **ptr != '\0') {
36 if (!isascii((unsigned char)**ptr)) {
37 errno = EINVAL;
38 *errbuf = "Non-ASCII characters found";
39 return -1;
40 }
41 (*ptr)++;
42 (*len)++;
43 }
44
45 if (*len) {
46 *entry = strndup(tmp_buf, *len);
47 if (!*entry)
48 return -1;
49 }
50
51 return 0;
52 }
53
54 /*
55 * line_buf - Buffer containing the spec entries .
56 * errbuf - Double pointer used for passing back specific error messages.
57 * num_args - The number of spec parameter entries to process.
58 * ... - A 'char **spec_entry' for each parameter.
59 * returns - The number of items processed. On error, it returns -1 with errno
60 * set and may set errbuf to a specific error message.
61 *
62 * This function calls read_spec_entry() to do the actual string processing.
63 * As such, can return anything from that function as well.
64 */
read_spec_entries(char * line_buf,const char ** errbuf,int num_args,...)65 int read_spec_entries(char *line_buf, const char **errbuf, int num_args, ...)
66 {
67 char **spec_entry, *buf_p;
68 int len, rc, items, entry_len = 0;
69 va_list ap;
70
71 *errbuf = NULL;
72
73 len = strlen(line_buf);
74 if (line_buf[len - 1] == '\n')
75 line_buf[len - 1] = '\0';
76 else
77 /* Handle case if line not \n terminated by bumping
78 * the len for the check below (as the line is NUL
79 * terminated by getline(3)) */
80 len++;
81
82 buf_p = line_buf;
83 while (isspace((unsigned char)*buf_p))
84 buf_p++;
85
86 /* Skip comment lines and empty lines. */
87 if (*buf_p == '#' || *buf_p == '\0')
88 return 0;
89
90 /* Process the spec file entries */
91 va_start(ap, num_args);
92
93 items = 0;
94 while (items < num_args) {
95 spec_entry = va_arg(ap, char **);
96
97 if (len - 1 == buf_p - line_buf) {
98 va_end(ap);
99 return items;
100 }
101
102 rc = read_spec_entry(spec_entry, &buf_p, &entry_len, errbuf);
103 if (rc < 0) {
104 va_end(ap);
105 return rc;
106 }
107 if (entry_len)
108 items++;
109 }
110 va_end(ap);
111 return items;
112 }
113
114 /* Once all the specfiles are in the hash_buf, generate the hash. */
digest_gen_hash(struct selabel_digest * digest)115 void digest_gen_hash(struct selabel_digest *digest)
116 {
117 Sha1Context context;
118 size_t remaining_size;
119 const unsigned char *ptr;
120
121 /* If SELABEL_OPT_DIGEST not set then just return */
122 if (!digest)
123 return;
124
125 Sha1Initialise(&context);
126
127 /* Process in blocks of UINT32_MAX bytes */
128 remaining_size = digest->hashbuf_size;
129 ptr = digest->hashbuf;
130 while (remaining_size > UINT32_MAX) {
131 Sha1Update(&context, ptr, UINT32_MAX);
132 remaining_size -= UINT32_MAX;
133 ptr += UINT32_MAX;
134 }
135 Sha1Update(&context, ptr, remaining_size);
136
137 Sha1Finalise(&context, (SHA1_HASH *)digest->digest);
138 free(digest->hashbuf);
139 digest->hashbuf = NULL;
140 }
141
142 /**
143 * digest_add_specfile - Add a specfile to the hashbuf and if gen_hash true
144 * then generate the hash.
145 * @digest: pointer to the selabel_digest struct
146 * @fp: file pointer for fread(3) or NULL if not.
147 * @from_addr: pointer at start of buffer for memcpy or NULL if not (used for
148 * mmap(3) files).
149 * @buf_len: length of buffer to copy.
150 * @path: pointer to the specfile.
151 *
152 * Return %0 on success, -%1 with @errno set on failure.
153 */
digest_add_specfile(struct selabel_digest * digest,FILE * fp,const char * from_addr,size_t buf_len,const char * path)154 int digest_add_specfile(struct selabel_digest *digest, FILE *fp,
155 const char *from_addr, size_t buf_len,
156 const char *path)
157 {
158 unsigned char *tmp_buf;
159
160 /* If SELABEL_OPT_DIGEST not set then just return */
161 if (!digest)
162 return 0;
163
164 if (digest->hashbuf_size + buf_len < digest->hashbuf_size) {
165 errno = EOVERFLOW;
166 return -1;
167 }
168 digest->hashbuf_size += buf_len;
169
170 tmp_buf = realloc(digest->hashbuf, digest->hashbuf_size);
171 if (!tmp_buf)
172 return -1;
173
174 digest->hashbuf = tmp_buf;
175
176 if (fp) {
177 if (fseek(fp, 0L, SEEK_SET) == -1)
178 return -1;
179
180 if (fread(digest->hashbuf + (digest->hashbuf_size - buf_len),
181 1, buf_len, fp) != buf_len)
182 return -1;
183
184 } else if (from_addr) {
185 tmp_buf = memcpy(digest->hashbuf +
186 (digest->hashbuf_size - buf_len),
187 from_addr, buf_len);
188 if (!tmp_buf)
189 return -1;
190 }
191 /* Now add path to list */
192 digest->specfile_list[digest->specfile_cnt] = strdup(path);
193 if (!digest->specfile_list[digest->specfile_cnt])
194 return -1;
195
196 digest->specfile_cnt++;
197 if (digest->specfile_cnt > DIGEST_FILES_MAX) {
198 errno = EOVERFLOW;
199 return -1;
200 }
201
202 return 0;
203 }
204