1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
|
/*
* Copyright (C) 2006,2007 Lauri Leukkunen <lle@rahina.org>
*
* Licensed under LGPL version 2.1, see top level LICENSE file for details.
*/
#ifndef MAPPING_H
#define MAPPING_H
#include <sys/types.h>
#define enable_mapping(a) ((a)->mapping_disabled--)
#define disable_mapping(a) ((a)->mapping_disabled++)
/* Mapping results are returned in a structure: */
typedef struct mapping_results_s {
/* mapping result buffer: This is usually an absolute path.
* Note that a fixed-sized array can NOT be used, because the
* path mapping engine may produce results that are longer than
* PATH_MAX. And this is not just theory, it does happen (some
* "configure" scripts create really deep directory structures)
* Also note that this may be an empty string, or relative path
* after all in some situations.
*/
char *mres_result_buf;
/* "normalized result", either absolute path or relative.
* if the result is absolute, then
* mres_result_path == mres_result_buf
* for most of relative results,
* mres_result_path == mres_result_buf+N
* but sometimes this may be separately allocated.
*/
char *mres_result_path;
int mres_result_path_was_allocated;
/* Flag: set if the result has been marked read only */
int mres_readonly;
} mapping_results_t;
extern void clear_mapping_results_struct(mapping_results_t *res);
extern void free_mapping_results(mapping_results_t *res);
extern void sbox_map_path(const char *func_name, const char *path,
int dont_resolve_final_symlink, mapping_results_t *res);
extern void sbox_map_path_at(const char *func_name, int dirfd,
const char *path, int dont_resolve_final_symlink,
mapping_results_t *res);
extern void sbox_map_path_for_sb2show(const char *binary_name,
const char *func_name, const char *path, mapping_results_t *res);
extern void sbox_map_path_for_exec(const char *func_name, const char *path,
mapping_results_t *res);
extern int sb_execve_preprocess(char **file, char ***argv, char ***envp);
extern char *emumode_map(const char *path);
extern void sb_push_string_to_lua_stack(char *str);
extern char *sb_execve_map_script_interpreter(const char *interpreter,
const char *interp_arg, const char *mapped_script_filename,
const char *orig_script_filename, char ***argv, char ***envp);
extern int sb_execve_postprocess(char *exec_type,
char **mapped_file, char **filename, const char *binary_name,
char ***argv, char ***envp);
extern char *sb_query_exec_policy(const char *field_name,
const char *binary_name, const char *real_binary_name);
extern char *scratchbox_reverse_path(
const char *func_name, const char *full_path);
extern const char *fdpathdb_find_path(int fd);
#endif
|
