Revision: 107518 https://trac.macports.org/changeset/107518 Author: cal@macports.org Date: 2013-07-01 17:38:37 -0700 (Mon, 01 Jul 2013) Log Message: ----------- darwintrace: provide __dt_pathbeginswith() Previously, prefixes of directory names could be matched, e.g., allowing access to /var/tmp would also allow access to /var/tmpfoobar. This change prevents this. Modified Paths: -------------- trunk/base/src/darwintracelib1.0/darwintrace.c Modified: trunk/base/src/darwintracelib1.0/darwintrace.c =================================================================== --- trunk/base/src/darwintracelib1.0/darwintrace.c 2013-07-02 00:26:56 UTC (rev 107517) +++ trunk/base/src/darwintracelib1.0/darwintrace.c 2013-07-02 00:38:37 UTC (rev 107518) @@ -137,6 +137,7 @@ * Prototypes. */ inline int __darwintrace_strbeginswith(const char* str, const char* prefix); +static inline int __darwintrace_pathbeginswith(const char* str, const char* prefix); inline void __darwintrace_log_op(const char* op, const char* path, int fd); void __darwintrace_copy_env() __attribute__((constructor)); inline char* __darwintrace_alloc_env(const char* varName, const char* varValue); @@ -188,17 +189,32 @@ #define debug_printf(...) #endif -/* - * return 0 if str doesn't begin with prefix, 1 otherwise. +/** + * Return 0 if str doesn't begin with prefix, 1 otherwise. Note that this is + * not a simple string comparison, but works on a path component level. + * A prefix of /var/tmp will not match a string of /var/tmpfoo. */ +static inline int __darwintrace_pathbeginswith(const char* str, const char* prefix) { + char s; + char p; + do { + s = *str++; + p = *prefix++; + } while (p && (p == s)); + return (p == 0 && (s == '/' || s == '\0')); +} + +/** + * Return 0 if str doesn't begin with prefix, 1 otherwise. + */ inline int __darwintrace_strbeginswith(const char* str, const char* prefix) { - char theCharS; - char theCharP; + char s; + char p; do { - theCharS = *str++; - theCharP = *prefix++; - } while(theCharP && (theCharP == theCharS)); - return (theCharP == 0); + s = *str++; + p = *prefix++; + } while (p && (p == s)); + return (p == 0); } /* @@ -658,7 +674,7 @@ for (t = filemap; *t;) { char state; - if (__darwintrace_strbeginswith(normalizedpath, t)) { + if (__darwintrace_pathbeginswith(normalizedpath, t)) { /* move t to the integer describing how to handle this match */ t += strlen(t) + 1; switch (*t) {