Use regular expression against /proc symlinks.

* safepath.c (bad_proc): New static variable; regular expression that matches paths under /proc that traverse dangerous symlinks. (bad_proc_rx): Compiled version of above regex. (abs_path_check): Replace ad-hoc path match with regexec call. (safepath_init, safepath_deinit): New functions needed because have to compile a regular expression one time, and then keep using it. We could do this lazily but then we need pthread_once to make things thread safe. * safepath.h (safepath_init, safepath_cleanup): Declared. * testsp.c (main): Call safepath_init and safepath_cleanup.
author: Kaz Kylheku <kaz@kylheku.com> 2022-07-29 20:08:41 -0700
committer: Kaz Kylheku <kaz@kylheku.com> 2022-07-29 20:08:41 -0700
commit: 2f27d6c386daff041017b7aaec51d0e50e603a8e (patch)
tree: c78c8777533fbb91bf6aa909eaef1c79b7cfd75e /safepath.h
parent: 101303eb8bfd6a5ac99324467e83139e0e6c4b18 (diff)
download: safepath-2f27d6c386daff041017b7aaec51d0e50e603a8e.tar.gz
safepath-2f27d6c386daff041017b7aaec51d0e50e603a8e.tar.bz2
safepath-2f27d6c386daff041017b7aaec51d0e50e603a8e.zip
1 files changed, 2 insertions, 0 deletions
diff --git a/safepath.h b/safepath.h
index 99786b1..822686f 100644
--- a/safepath.h
+++ b/safepath.h
@@ -48,6 +48,8 @@ enum {
   SAFEPATH_TOOLONG,             /* component or symlink target too long */
 };
 
+int safepath_init(void);
+void safepath_cleanup(void);
 int safepath_check(const char *name);
 const char *safepath_strerr(int err);
author	Kaz Kylheku <kaz@kylheku.com>	2022-07-29 20:08:41 -0700
committer	Kaz Kylheku <kaz@kylheku.com>	2022-07-29 20:08:41 -0700
commit	2f27d6c386daff041017b7aaec51d0e50e603a8e (patch)
tree	c78c8777533fbb91bf6aa909eaef1c79b7cfd75e /safepath.h
parent	101303eb8bfd6a5ac99324467e83139e0e6c4b18 (diff)
download	safepath-2f27d6c386daff041017b7aaec51d0e50e603a8e.tar.gz safepath-2f27d6c386daff041017b7aaec51d0e50e603a8e.tar.bz2 safepath-2f27d6c386daff041017b7aaec51d0e50e603a8e.zip