Michael Vogt

Merge ~mvo/+git/c-code-review:improve into ~mvo/+git/c-code-review:main

  1. Git
  2. lp:~mvo/+git/c-code-review
  3. improve
  4. Merge into main
Proposed by Michael Vogt
Status: Needs review
Proposed branch: ~mvo/+git/c-code-review:improve
Merge into: ~mvo/+git/c-code-review:main
Diff against target: 86 lines (+33/-3)
4 files modified
main.c (+2/-2)
seccomp.c (+8/-1)
seccomp.h (+1/-0)
unit-tests/unit-tests.c (+22/-0)
Reviewer Review Type Date Requested Status
Michael Vogt Pending
Review via email: mp+450440@code.launchpad.net

Commit message

Improve

Description of the change

Improve main.c

To post a comment you must log in.

Unmerged commits

ad14d62... by Michael Vogt

improve code

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/main.c b/main.c
2index 98999c3..43e9fb4 100644
3--- a/main.c
4+++ b/main.c
5@@ -13,7 +13,7 @@ int main(int argc, char **argv) {
6 const char *profile_path = argv[1];
7 FILE *file = sc_must_read_and_validate_header_from_file(profile_path, &hdr);
8 sc_must_read_filter_from_file(file, hdr.len_filter, &prog_allow);
9-
10-
11 sc_apply_seccomp_filter(&prog_allow);
12+ fclose(file);
13+ fprintf(stderr, "filter loaded okay");
14 }
15diff --git a/seccomp.c b/seccomp.c
16index 27c5971..e495423 100644
17--- a/seccomp.c
18+++ b/seccomp.c
19@@ -41,13 +41,20 @@ FILE* sc_must_read_and_validate_header_from_file(const char *profile_path, struc
20 if (num_read < sizeof(struct sc_seccomp_file_header)) {
21 die("short read on seccomp header: %zu", num_read);
22 }
23+ // check everything
24+ if (hdr->header[0] != 'S' || hdr->header[1] != 'C') {
25+ die("unexpected seccomp header: %x%x", hdr->header[0], hdr->header[1]);
26+ }
27+ if (hdr->len_filter > MAX_BPF_SIZE) {
28+ die("allow filter size too big %u", hdr->len_filter);
29+ }
30 return file;
31 }
32
33 void sc_must_read_filter_from_file(FILE *file, uint32_t len_bytes, struct sock_fprog *prog)
34 {
35 prog->len = len_bytes / sizeof(struct sock_filter);
36- prog->filter = (struct sock_filter *)malloc(MAX_BPF_SIZE);
37+ prog->filter = (struct sock_filter *)malloc(len_bytes);
38 if (prog->filter == NULL) {
39 die("cannot allocate %u bytes of memory for seccomp filter ", len_bytes);
40 }
41diff --git a/seccomp.h b/seccomp.h
42index d60ce6b..30a12d3 100644
43--- a/seccomp.h
44+++ b/seccomp.h
45@@ -23,3 +23,4 @@ void sc_apply_seccomp_filter(struct sock_fprog *prog);
46 void die(const char *fmt, ...);
47
48 #endif
49+
50diff --git a/unit-tests/unit-tests.c b/unit-tests/unit-tests.c
51index 571ca01..26cd7ab 100644
52--- a/unit-tests/unit-tests.c
53+++ b/unit-tests/unit-tests.c
54@@ -27,10 +27,32 @@ static void test_must_read_and_validate_header_from_file__happy(void)
55 g_assert_true(file != NULL);
56 }
57
58+static void test_must_read_and_validate_header_from_file__missing_header(void)
59+{
60+ struct sc_seccomp_file_header hdr = {};
61+
62+ if (g_test_subprocess()) {
63+ char *profile = NULL;
64+ int fd = 0;
65+ make_seccomp_profile(&hdr, &fd, &profile);
66+ FILE *file = sc_must_read_and_validate_header_from_file(profile, &hdr);
67+ g_assert_not_reached();
68+ // check null
69+ g_assert_null(file);
70+ }
71+
72+ g_test_trap_subprocess(NULL, 0, 0);
73+ g_test_trap_assert_failed();
74+ g_test_trap_assert_stderr("unexpected seccomp header: 00\n");
75+}
76+
77 static void __attribute__((constructor)) init(void)
78 {
79 g_test_add_func("/seccomp/must_read_and_validate_header_from_file/happy",
80 test_must_read_and_validate_header_from_file__happy);
81+ g_test_add_func("/seccomp/must_read_and_validate_header_from_file/missing_header",
82+ test_must_read_and_validate_header_from_file__missing_header);
83+
84 }
85
86 int main(int argc, char **argv)

Subscribers

People subscribed via source and target branches

to all changes: