Description:
added /dev/urandom to file allowed to be accessed, probably needed after ubuntu 9.04
git-svn-id: http://theory.cpe.ku.ac.th/grader/judge/trunk/scripts@417 6386c4cd-e34a-4fa8-8920-d93eb39b512e
Commit status:
[Not Reviewed]
References:
Diff options:
Comments:
0 Commit comments
0 Inline Comments
Unresolved TODOs:
There are no unresolved TODOs
Author
jittat
-
r76:4469d653fe5f - - 1 file changed: 1 inserted, 0 deleted
| @@ -142,96 +142,97 | |||
|
|
142 | 142 | if (file_access >= 9) |
|
|
143 | 143 | return; |
|
|
144 | 144 | |
|
|
145 | 145 | if (!mem_fd) |
|
|
146 | 146 | { |
|
|
147 | 147 | sprintf(namebuf, "/proc/%d/mem", (int) box_pid); |
|
|
148 | 148 | mem_fd = open(namebuf, O_RDONLY); |
|
|
149 | 149 | if (mem_fd < 0) |
|
|
150 | 150 | die("open(%s): %m", namebuf); |
|
|
151 | 151 | } |
|
|
152 | 152 | p = end = namebuf; |
|
|
153 | 153 | do |
|
|
154 | 154 | { |
|
|
155 | 155 | if (p >= end) |
|
|
156 | 156 | { |
|
|
157 | 157 | int remains = PAGE_SIZE - (addr & (PAGE_SIZE-1)); |
|
|
158 | 158 | int l = namebuf + sizeof(namebuf) - end; |
|
|
159 | 159 | if (l > remains) |
|
|
160 | 160 | l = remains; |
|
|
161 | 161 | if (!l) |
|
|
162 | 162 | die("Access to file with name too long."); |
|
|
163 | 163 | if (long_seek(mem_fd, addr, SEEK_SET) < 0) |
|
|
164 | 164 | die("long_seek(mem): %m"); |
|
|
165 | 165 | remains = read(mem_fd, end, l); |
|
|
166 | 166 | if (remains < 0) |
|
|
167 | 167 | die("read(mem): %m"); |
|
|
168 | 168 | if (!remains) |
|
|
169 | 169 | die("Access to file with name out of memory."); |
|
|
170 | 170 | end += l; |
|
|
171 | 171 | addr += l; |
|
|
172 | 172 | } |
|
|
173 | 173 | } |
|
|
174 | 174 | while (*p++); |
|
|
175 | 175 | |
|
|
176 | 176 | log("[%s] ", namebuf); |
|
|
177 | 177 | if (file_access >= 3) |
|
|
178 | 178 | return; |
|
|
179 | 179 | if (!strchr(namebuf, '/') && strcmp(namebuf, "..")) |
|
|
180 | 180 | return; |
|
|
181 | 181 | if (file_access >= 2) |
|
|
182 | 182 | { |
|
|
183 | 183 | if ((!strncmp(namebuf, "/etc/", 5) || |
|
|
184 | 184 | !strncmp(namebuf, "/lib/", 5) || |
|
|
185 | 185 | !strncmp(namebuf, "/usr/lib/", 9)) |
|
|
186 | 186 | && !strstr(namebuf, "..")) |
|
|
187 | 187 | return; |
|
|
188 | 188 | if (!strcmp(namebuf, "/dev/null") || |
|
|
189 | 189 | !strcmp(namebuf, "/dev/zero") || |
|
|
190 | + !strcmp(namebuf, "/dev/urandom") || | |
|
|
190 | 191 | !strcmp(namebuf, "/proc/meminfo") || |
|
|
191 | 192 | !strcmp(namebuf, "/proc/self/stat") || |
|
|
192 | 193 | !strncmp(namebuf, "/usr/share/zoneinfo/", 20)) |
|
|
193 | 194 | return; |
|
|
194 | 195 | } |
|
|
195 | 196 | die("Forbidden access to file `%s'.", namebuf); |
|
|
196 | 197 | } |
|
|
197 | 198 | |
|
|
198 | 199 | static int |
|
|
199 | 200 | valid_syscall(struct user *u) |
|
|
200 | 201 | { |
|
|
201 | 202 | switch (u->regs.orig_eax) |
|
|
202 | 203 | { |
|
|
203 | 204 | case __NR_execve: |
|
|
204 | 205 | { |
|
|
205 | 206 | static int exec_counter; |
|
|
206 | 207 | return !exec_counter++; |
|
|
207 | 208 | } |
|
|
208 | 209 | case __NR_open: |
|
|
209 | 210 | case __NR_creat: |
|
|
210 | 211 | case __NR_unlink: |
|
|
211 | 212 | case __NR_oldstat: |
|
|
212 | 213 | case __NR_access: |
|
|
213 | 214 | case __NR_oldlstat: |
|
|
214 | 215 | case __NR_truncate: |
|
|
215 | 216 | case __NR_stat: |
|
|
216 | 217 | case __NR_lstat: |
|
|
217 | 218 | case __NR_truncate64: |
|
|
218 | 219 | case __NR_stat64: |
|
|
219 | 220 | case __NR_lstat64: |
|
|
220 | 221 | valid_filename(u->regs.ebx); |
|
|
221 | 222 | return 1; |
|
|
222 | 223 | case __NR_exit: |
|
|
223 | 224 | case __NR_read: |
|
|
224 | 225 | case __NR_write: |
|
|
225 | 226 | case __NR_close: |
|
|
226 | 227 | case __NR_lseek: |
|
|
227 | 228 | case __NR_getpid: |
|
|
228 | 229 | case __NR_getuid: |
|
|
229 | 230 | case __NR_oldfstat: |
|
|
230 | 231 | case __NR_dup: |
|
|
231 | 232 | case __NR_brk: |
|
|
232 | 233 | case __NR_getgid: |
|
|
233 | 234 | case __NR_geteuid: |
|
|
234 | 235 | case __NR_getegid: |
|
|
235 | 236 | case __NR_dup2: |
|
|
236 | 237 | case __NR_ftruncate: |
|
|
237 | 238 | case __NR_fstat: |
You need to be logged in to leave comments.
Login now