2010-08-26 18:50:56 +00:00
|
|
|
/*
|
|
|
|
* CDDL HEADER START
|
|
|
|
*
|
|
|
|
* The contents of this file are subject to the terms of the
|
|
|
|
* Common Development and Distribution License (the "License").
|
|
|
|
* You may not use this file except in compliance with the License.
|
|
|
|
*
|
|
|
|
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
|
2022-07-11 21:16:13 +00:00
|
|
|
* or https://opensource.org/licenses/CDDL-1.0.
|
2010-08-26 18:50:56 +00:00
|
|
|
* See the License for the specific language governing permissions
|
|
|
|
* and limitations under the License.
|
|
|
|
*
|
|
|
|
* When distributing Covered Code, include this CDDL HEADER in each
|
|
|
|
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
|
|
|
|
* If applicable, add the following below this CDDL HEADER, with the
|
|
|
|
* fields enclosed by brackets "[]" replaced with your own identifying
|
|
|
|
* information: Portions Copyright [yyyy] [name of copyright owner]
|
|
|
|
*
|
|
|
|
* CDDL HEADER END
|
|
|
|
*/
|
|
|
|
/*
|
|
|
|
* Copyright 2006 Ricardo Correia. All rights reserved.
|
|
|
|
* Use is subject to license terms.
|
|
|
|
*/
|
|
|
|
|
2021-02-21 16:19:43 +00:00
|
|
|
#include <unistd.h>
|
|
|
|
#include <stdio.h>
|
|
|
|
#include <errno.h>
|
|
|
|
#include <stdlib.h>
|
|
|
|
#include <limits.h>
|
|
|
|
#include <string.h>
|
|
|
|
|
2010-08-26 18:50:56 +00:00
|
|
|
#include <zone.h>
|
|
|
|
|
2013-11-01 19:26:11 +00:00
|
|
|
zoneid_t
|
2022-01-12 16:37:40 +00:00
|
|
|
getzoneid(void)
|
2010-08-26 18:50:56 +00:00
|
|
|
{
|
2021-02-21 16:19:43 +00:00
|
|
|
char path[PATH_MAX];
|
|
|
|
char buf[128] = { '\0' };
|
|
|
|
char *cp;
|
|
|
|
|
|
|
|
int c = snprintf(path, sizeof (path), "/proc/self/ns/user");
|
|
|
|
/* This API doesn't have any error checking... */
|
Introduce kmem_scnprintf()
`snprintf()` is meant to protect against buffer overflows, but operating
on the buffer using its return value, possibly by calling it again, can
cause a buffer overflow, because it will return how many characters it
would have written if it had enough space even when it did not. In a
number of places, we repeatedly call snprintf() by successively
incrementing a buffer offset and decrementing a buffer length, by its
return value. This is a potentially unsafe usage of `snprintf()`
whenever the buffer length is reached. CodeQL complained about this.
To fix this, we introduce `kmem_scnprintf()`, which will return 0 when
the buffer is zero or the number of written characters, minus 1 to
exclude the NULL character, when the buffer was too small. In all other
cases, it behaves like snprintf(). The name is inspired by the Linux and
XNU kernels' `scnprintf()`. The implementation was written before I
thought to look at `scnprintf()` and had a good name for it, but it
turned out to have identical semantics to the Linux kernel version.
That lead to the name, `kmem_scnprintf()`.
CodeQL only catches this issue in loops, so repeated use of snprintf()
outside of a loop was not caught. As a result, a thorough audit of the
codebase was done to examine all instances of `snprintf()` usage for
potential problems and a few were caught. Fixes for them are included in
this patch.
Unfortunately, ZED is one of the places where `snprintf()` is
potentially used incorrectly. Since using `kmem_scnprintf()` in it would
require changing how it is linked, we modify its usage to make it safe,
no matter what buffer length is used. In addition, there was a bug in
the use of the return value where the NULL format character was not
being written by pwrite(). That has been fixed.
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Richard Yao <richard.yao@alumni.stonybrook.edu>
Closes #14098
2022-10-27 18:16:04 +00:00
|
|
|
if (c < 0 || c >= sizeof (path))
|
2021-02-21 16:19:43 +00:00
|
|
|
return (0);
|
|
|
|
|
|
|
|
ssize_t r = readlink(path, buf, sizeof (buf) - 1);
|
|
|
|
if (r < 0)
|
|
|
|
return (0);
|
|
|
|
|
|
|
|
cp = strchr(buf, '[');
|
|
|
|
if (cp == NULL)
|
|
|
|
return (0);
|
|
|
|
cp++;
|
|
|
|
|
|
|
|
unsigned long n = strtoul(cp, NULL, 10);
|
|
|
|
if (n == ULONG_MAX && errno == ERANGE)
|
|
|
|
return (0);
|
|
|
|
zoneid_t z = (zoneid_t)n;
|
|
|
|
|
|
|
|
return (z);
|
2010-08-26 18:50:56 +00:00
|
|
|
}
|