s6

Mirror/fork of https://skarnet.org/software/s6/
git clone https://ccx.te2000.cz/git/s6
Log | Files | Refs | README | LICENSE
commit b7b2b35e27f8cff08924e3b3e31b056cfae01a42
parent 13ecbabacafb6bdaf54488783ab051bc9b986653
Author: Laurent Bercot <ska-skaware@skarnet.org>
Date:   Tue, 12 Sep 2017 22:11:56 +0000

 bugfix: s6_accessrules_backend_cdb could incorrectly return ERROR instead of DENY

Diffstat:

Msrc/libs6/s6_accessrules_backend_cdb.c | 13+++++++------


1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/src/libs6/s6_accessrules_backend_cdb.c b/src/libs6/s6_accessrules_backend_cdb.c
@@ -18,18 +18,19 @@ s6_accessrules_result_t s6_accessrules_backend_cdb (char const *key, size_t keyl
   if (r < 0) return S6_ACCESSRULES_ERROR ;
   else if (!r) return S6_ACCESSRULES_NOTFOUND ;
   n = cdb_datalen(c) ;
-  if ((n < 5U) || (n > 8197U)) return (errno = EINVAL, S6_ACCESSRULES_ERROR) ;
+  if (!n || n > 8197) return (errno = EINVAL, S6_ACCESSRULES_ERROR) ;
   if (!stralloc_readyplus(&params->exec, n)) return S6_ACCESSRULES_ERROR ;
   execbase = params->exec.len ;
   if (cdb_read(c, params->exec.s + execbase, n, cdb_datapos(c)) < 0) return S6_ACCESSRULES_ERROR ;
   if (params->exec.s[execbase] == 'D') return S6_ACCESSRULES_DENY ;
   else if (params->exec.s[execbase] != 'A') return S6_ACCESSRULES_NOTFOUND ;
-  uint16_unpack_big(params->exec.s + execbase + 1U, &envlen) ;
-  if ((envlen > 4096U) || (envlen+5U > n)) return (errno = EINVAL, S6_ACCESSRULES_ERROR) ;
+  else if (n < 5) return (errno = EINVAL, S6_ACCESSRULES_ERROR) ;
+  uint16_unpack_big(params->exec.s + execbase + 1, &envlen) ;
+  if ((envlen > 4096) || (envlen + 5 > n)) return (errno = EINVAL, S6_ACCESSRULES_ERROR) ;
   uint16_unpack_big(params->exec.s + execbase + 3 + envlen, &execlen) ;
-  if ((execlen > 4096U) || (5U + envlen + execlen != n)) return (errno = EINVAL, S6_ACCESSRULES_ERROR) ;
-  if (!stralloc_catb(&params->env, params->exec.s + execbase + 3U, envlen)) return S6_ACCESSRULES_ERROR ;
-  memcpy(params->exec.s + execbase, params->exec.s + execbase + 5U + envlen, execlen) ;
+  if ((execlen > 4096) || (5 + envlen + execlen != n)) return (errno = EINVAL, S6_ACCESSRULES_ERROR) ;
+  if (!stralloc_catb(&params->env, params->exec.s + execbase + 3, envlen)) return S6_ACCESSRULES_ERROR ;
+  memcpy(params->exec.s + execbase, params->exec.s + execbase + 5 + envlen, execlen) ;
   if (execlen)
   {
     params->exec.len += execlen ;