[darwinbuild-changes] [443] branches/PR-6358021/darwintrace/darwintrace.c

Thu Dec 18 18:32:58 PST 2008

Revision: 443
          http://trac.macosforge.org/projects/darwinbuild/changeset/443
Author:   wsiegrist at apple.com
Date:     2008-12-18 18:32:58 -0800 (Thu, 18 Dec 2008)
Log Message:
-----------
Fix the determination of procname so we dont end up with a bad pointer. Also, use bounded cpy and cmp functions.

Modified Paths:
--------------
    branches/PR-6358021/darwintrace/darwintrace.c

Modified: branches/PR-6358021/darwintrace/darwintrace.c
===================================================================

--- branches/PR-6358021/darwintrace/darwintrace.c	2008-12-19 00:09:12 UTC (rev 442)
+++ branches/PR-6358021/darwintrace/darwintrace.c	2008-12-19 02:32:58 UTC (rev 443)
@@ -86,7 +86,10 @@
 		__darwintrace_pid = getpid();
 		char** progname = _NSGetProgname();
 		if (progname && *progname) {
-			strcpy(__darwintrace_progname, *progname);
+		  if (strlcpy(__darwintrace_progname, *progname, sizeof(__darwintrace_progname)) 
+		      >= sizeof(__darwintrace_progname)) {
+		    dprintf("darwintrace: progname too long to copy: %s\n", *progname);
+		  }
 		}
 	}
 
@@ -99,13 +102,8 @@
   int size;
 
   size = snprintf(__darwintrace_buf, sizeof(__darwintrace_buf),
-
-		  "%s[%d]\t"
-
-		  "%s\t%s\n",
-
+		  "%s[%d]\t%s\t%s\n",
 		  procname ? procname : __darwintrace_progname, __darwintrace_pid,
-
 		  tag, path );
   
   write(fd, __darwintrace_buf, size);
@@ -124,8 +122,8 @@
   pathlen = strlen(path);
   rsrclen = strlen(_PATH_RSRCFORKSPEC);
   if(pathlen > rsrclen
-     && 0 == strcmp(path + pathlen - rsrclen,
-		    _PATH_RSRCFORKSPEC)) {
+     && 0 == strncmp(path + pathlen - rsrclen,
+		     _PATH_RSRCFORKSPEC, rsrclen)) {
     path[pathlen - rsrclen] = '\0';
     pathlen -= rsrclen;
   }
@@ -196,10 +194,14 @@
 	      } else {
 		/* use original path */
 		dprintf("darwintrace: failed to resolve %s\n", path);
-		strcpy(realpath, path);
+		if (strlcpy(realpath, path, sizeof(realpath)) >= sizeof(realpath)) {
+		  dprintf("darwintrace: in open: original path too long to copy: %s\n", path);
+		}
 	      }
 	    } else {
-		strcpy(realpath, path);
+	      if (strlcpy(realpath, path, sizeof(realpath)) >= sizeof(realpath)) {
+		dprintf("darwintrace: in open (without getpath): path too long to copy: %s\n", path);
+	      }
 	    }
 
 	    __darwintrace_cleanup_path(realpath);
@@ -227,7 +229,9 @@
 
 	    dprintf("darwintrace: original readlink path is %s\n", path);
 
-	    strcpy(realpath, path);
+	    if (strlcpy(realpath, path, sizeof(realpath)) >= sizeof(realpath)) {
+	      dprintf("darwintrace: in readlink: path too long to copy: %s\n", path);
+	    }
 	    
 	    __darwintrace_cleanup_path(realpath);
 
@@ -277,8 +281,11 @@
 	    }
 
 	    if(printorig) {
-	      strcpy(realpath, path);
+	      if (strlcpy(realpath, path, sizeof(realpath)) >= sizeof(realpath)) {
+		dprintf("darwintrace: in execve: path too long to copy: %s\n", path);
+	      }
 
+
 	      __darwintrace_cleanup_path(realpath);
 	      __darwintrace_logpath(__darwintrace_fd, NULL, "execve", realpath);
 	    }
@@ -297,10 +304,14 @@
 		    dprintf("darwintrace: resolved execve path %s to %s\n", path, realpath);
 		  } else {
 		    dprintf("darwintrace: failed to resolve %s\n", path);
-		    strcpy(realpath, path);
+		    if (strlcpy(realpath, path, sizeof(realpath)) >= sizeof(realpath)) {
+		      dprintf("darwintrace: in execve: original path too long to copy: %s\n", path);
+		    }
 		  }
 		} else {
-		  strcpy(realpath, path);
+		  if (strlcpy(realpath, path, sizeof(realpath)) >= sizeof(realpath)) {
+		    dprintf("darwintrace: in execve (without getpath): path too long to copy: %s\n", path);
+		  }
 		}
 		__darwintrace_cleanup_path(realpath);
 
@@ -333,8 +344,15 @@
 		if (interp && interp[0] != '\0') {
 		  const char* procname = NULL;
 
-		  procname = strrchr(argv[0], '/') + 1;
-		  if (procname == NULL) procname = argv[0];
+		  /* look for slash to get the basename */
+		  procname = strrchr(argv[0], '/');
+		  if (procname == NULL) {
+		    /* no slash found, so assume whole string is basename */
+		    procname = argv[0];
+		  } else {
+		    /* advance pointer to just after slash */
+		    procname++;
+		  }
 
 		  __darwintrace_cleanup_path(interp);
 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/darwinbuild-changes/attachments/20081218/6635227a/attachment.html>
