PERFORCE change 214661 for review

Fri Jul 20 22:36:06 UTC 2012

http://p4web.freebsd.org/@@214661?ac=10

Change 214661 by brooks at brooks_ecr_current on 2012/07/20 22:35:10

	Update the capsicum code to return the mime result via a pipe
	rather than relying on a shared stdout.  This is more similar to
	the code in browser, but is not identical.

Affected files ...

.. //depot/projects/ctsrd/beribsd/src/ctsrd/minifile/minifile.c#2 edit

Differences ...

==== //depot/projects/ctsrd/beribsd/src/ctsrd/minifile/minifile.c#2 (text+ko) ====

@@ -4,12 +4,15 @@
 #include <sys/wait.h>
 
 #include <err.h>
+#include <errno.h>
 #include <fcntl.h>
 #include <magic.h>
+#define _WITH_DPRINTF
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
 #include <unistd.h>
+#include <vis.h>
 
 enum _sbtype {
 	SB_NONE = 0,
@@ -30,10 +33,14 @@
 	char ch;
 	const char *fname;
 	int fd, status;
+	ssize_t rlen;
 	pid_t pid;
 	const char *type;
 	struct magic_set *magic;
+	char buf[4096], *ttype;
+	int pfd[2];
 
+
 	while ((ch = getopt(argc, argv, "s:")) != -1) {
 		switch(ch) {
 		case 's':
@@ -52,7 +59,7 @@
 	argc -= optind;
 	argv += optind;
 
-	magic = magic_open(0);
+	magic = magic_open(MAGIC_MIME_TYPE);
 	if (magic == NULL)
 		errx(1, "magic_open()");
 	if (magic_load(magic, NULL) == -1) {
@@ -76,30 +83,55 @@
 			if (type == NULL)
 				errx(1, "magic_file(): %s",
 				    magic_error(magic));
-			printf("%s: %s\n", fname, type);
 			break;
 		case SB_CAPSICUM:
+			if (pipe(pfd) == -1)
+				err(1, "pipe()");
 			pid = fork();
 			if (pid < 0)
 				err(1, "fork()");
 			else if (pid == 0) {
+				close(fd);
+				close(pfd[0]);
+				/* XXX: do more cleanup here */
 				cap_enter();
 				type = magic_descriptor(magic, fd);
 				if (type == NULL)
-					errx(1, "magic_file(): %s",
-					    magic_error(magic));
-					printf("%s: %s\n", fname, type);
-					exit(0);
+					dprintf(pfd[1], "badmagic");
+				else
+					dprintf(pfd[1], "%s", type);
+				close(pfd[1]);
+				exit(0);
 			} else {
-				if (wait4(pid, &status, 0, NULL) == -1)
-					err(1, "wait4()");
+				close(pfd[1]);
+				while (wait4(pid, &status, 0, NULL) == -1)
+					if (errno != EINTR)
+						err(1, "wait4()");
 				if (WIFEXITED(status) &&
-				    WEXITSTATUS(status) != 0)
-					errx(1, "child exited with %d",
+				    WEXITSTATUS(status) != 0) {
+					warnx("child exited with %d",
 					    WEXITSTATUS(status));
-				else if(WIFSIGNALED(status))
-					errx(1, "child killed by signal %d",
+					close(pfd[0]);
+					type = "badmagic";
+				} else if(WIFSIGNALED(status)) {
+					warn("child killed by signal %d",
 					    WTERMSIG(status));
+					close(pfd[0]);
+					type = "badmagic";
+				} else {
+					rlen = read(pfd[0], buf, 128);
+					close(pfd[0]);
+					if (rlen == -1)
+						type = "read error";
+					else if (rlen == 0 || rlen == 1)
+						type = "unknown";
+					else {
+						/* Don't trust the result */
+						ttype = buf + rlen;
+						strvisx(ttype, buf, rlen, 0);
+						type = ttype;
+					}
+				}
 			}
 			break;
 		case SB_CHERI:
@@ -107,5 +139,6 @@
 		default:
 			errx(1, "invalid sandbox type");
 		}
+		printf("%s: %s\n", fname, type);
 	}
 }	
