Diff

Differences From Artifact [f0663dcc45]:

To Artifact [99975a5e76]:


  1134   1134   
  1135   1135   	appfs_get_path_info_cache_flush(-1, -1);
  1136   1136   
  1137   1137   	fuse_exit(fuse_get_context()->fuse);
  1138   1138   
  1139   1139   	return;
  1140   1140   }
         1141  +
         1142  +#endif
         1143  +
         1144  +#if defined(APPFS_EXEC_PATH_ENABLE_MAJOR_SECURITY_HOLE)
         1145  +static void appfs_runTcl(const char *script, size_t scriptLen) {
         1146  +	Tcl_Interp *interp;
         1147  +	Tcl_Obj *scriptObj;
         1148  +	int tcl_ret;
         1149  +
         1150  +	interp = appfs_TclInterp();
         1151  +	if (interp == NULL) {
         1152  +		APPFS_DEBUG("Error creating an interpreter.");
         1153  +
         1154  +		return;
         1155  +	}
         1156  +
         1157  +	appfs_call_libtcl(scriptObj = Tcl_NewStringObj(script, scriptLen);)
         1158  +
         1159  +	if (scriptObj == NULL) {
         1160  +		APPFS_DEBUG("Error creating a script object.");
         1161  +
         1162  +		return;
         1163  +	}
         1164  +
         1165  +	appfs_call_libtcl(tcl_ret = Tcl_EvalObjEx(interp, scriptObj, TCL_EVAL_DIRECT);)
         1166  +	if (tcl_ret != TCL_OK) {
         1167  +		appfs_call_libtcl(
         1168  +			APPFS_DEBUG("Script returned error %i: %s", tcl_ret, Tcl_GetStringResult(interp));
         1169  +		)
         1170  +	}
         1171  +
         1172  +	return;
         1173  +}
  1141   1174   #endif
  1142   1175   
  1143   1176   static int appfs_fuse_readlink(const char *path, char *buf, size_t size) {
  1144   1177   	struct appfs_pathinfo pathinfo;
  1145   1178   	int retval = 0;
  1146   1179   
  1147   1180   	APPFS_DEBUG("Enter (path = %s, ...)", path);
................................................................................
  1176   1209   	APPFS_DEBUG("Enter (path = %s, ...)", path);
  1177   1210   
  1178   1211   #if (defined(DEBUG) && defined(APPFS_EXIT_PATH)) || defined(APPFS_EXIT_PATH_ENABLE_MAJOR_SECURITY_HOLE)
  1179   1212   	/*
  1180   1213   	 * This is a major security issue so we cannot let it be compiled into
  1181   1214   	 * any release
  1182   1215   	 */
  1183         -
  1184   1216   	if (strcmp(path, "/exit") == 0) {
  1185   1217   		appfs_exit();
  1186   1218   	}
         1219  +#endif
         1220  +#if defined(APPFS_EXEC_PATH_ENABLE_MAJOR_SECURITY_HOLE)
         1221  +	if (strcmp(path, "/exec") == 0) {
         1222  +		memset(stbuf, 0, sizeof(struct stat));
         1223  +
         1224  +		stbuf->st_mtime = 0;
         1225  +		stbuf->st_ctime = 0;
         1226  +		stbuf->st_atime = 0;
         1227  +		stbuf->st_ino   = 3;
         1228  +		stbuf->st_mode  = 0;
         1229  +		stbuf->st_mode  = S_IFREG | 0600;
         1230  +		stbuf->st_nlink = 1;
         1231  +		stbuf->st_size  = 0;
         1232  +
         1233  +		return(retval);
         1234  +	}
  1187   1235   #endif
  1188   1236   
  1189   1237   	pathinfo.type = APPFS_PATHTYPE_INVALID;
  1190   1238   
  1191   1239   	retval = appfs_get_path_info(path, &pathinfo);
  1192   1240   	if (retval != 0) {
  1193   1241   		if (retval == -ENOENT) {
................................................................................
  1332   1380   	Tcl_Interp *interp;
  1333   1381   	struct appfs_pathinfo pathinfo;
  1334   1382   	const char *real_path, *mode;
  1335   1383   	int gpi_ret, tcl_ret;
  1336   1384   	int fh;
  1337   1385   
  1338   1386   	APPFS_DEBUG("Enter (path = %s, ...)", path);
         1387  +
         1388  +#if defined(APPFS_EXEC_PATH_ENABLE_MAJOR_SECURITY_HOLE)
         1389  +	if (strcmp(path, "/exec") == 0) {
         1390  +		fi->fh = 0;
         1391  +
         1392  +		return(0);
         1393  +	}
         1394  +#endif
  1339   1395   
  1340   1396   	gpi_ret = appfs_get_path_info(path, &pathinfo);
  1341   1397   
  1342   1398   	if ((fi->flags & (O_WRONLY|O_CREAT)) == (O_CREAT|O_WRONLY)) {
  1343   1399   		/* The file will be created if it does not exist */
  1344   1400   		if (gpi_ret != 0 && gpi_ret != -ENOENT) {
  1345   1401   			APPFS_DEBUG("error: get_path_info failed");
................................................................................
  1423   1479   	APPFS_DEBUG("Opened \"%s\" (for \"%s\") with file descriptor %i", real_path, path, fh);
  1424   1480   
  1425   1481   	return(0);
  1426   1482   }
  1427   1483   
  1428   1484   static int appfs_fuse_close(const char *path, struct fuse_file_info *fi) {
  1429   1485   	int close_ret;
         1486  +
         1487  +	APPFS_DEBUG("Enter (path = %s, ...)", path);
         1488  +
         1489  +#if defined(APPFS_EXEC_PATH_ENABLE_MAJOR_SECURITY_HOLE)
         1490  +	if (strcmp(path, "/exec") == 0) {
         1491  +		return(0);
         1492  +	}
         1493  +#endif
  1430   1494   
  1431   1495   	appfs_get_path_info_cache_rm(path, appfs_get_fsuid());
  1432   1496   
  1433   1497   	close_ret = close(fi->fh);
  1434   1498   	if (close_ret != 0) {
  1435   1499   		APPFS_DEBUG("error: close failed");
  1436   1500   
................................................................................
  1477   1541   }
  1478   1542   
  1479   1543   static int appfs_fuse_write(const char *path, const char *buf, size_t size, off_t offset, struct fuse_file_info *fi) {
  1480   1544   	ssize_t write_ret;
  1481   1545   	int retval;
  1482   1546   
  1483   1547   	APPFS_DEBUG("Enter (path = %s, ...)", path);
         1548  +
         1549  +#if defined(APPFS_EXEC_PATH_ENABLE_MAJOR_SECURITY_HOLE)
         1550  +	if (strcmp(path, "/exec") == 0) {
         1551  +		appfs_runTcl(buf, size);
         1552  +
         1553  +		return(size);
         1554  +	}
         1555  +#endif
  1484   1556   
  1485   1557   	appfs_get_path_info_cache_rm(path, appfs_get_fsuid());
  1486   1558   
  1487   1559   	retval = 0;
  1488   1560   
  1489   1561   	while (size != 0) {
  1490   1562   		write_ret = pwrite(fi->fh, buf, size, offset);
................................................................................
  1583   1655   }
  1584   1656   
  1585   1657   static int appfs_fuse_truncate(const char *path, off_t size) {
  1586   1658   	char *real_path;
  1587   1659   	int truncate_ret;
  1588   1660   
  1589   1661   	APPFS_DEBUG("Enter (path = %s, ...)", path);
         1662  +
         1663  +#if defined(APPFS_EXEC_PATH_ENABLE_MAJOR_SECURITY_HOLE)
         1664  +	if (strcmp(path, "/exec") == 0) {
         1665  +		return(0);
         1666  +	}
         1667  +#endif
  1590   1668   
  1591   1669   	real_path = appfs_localpath(path);
  1592   1670   	if (real_path == NULL) {
  1593   1671   		return(-EIO);
  1594   1672   	}
  1595   1673   
  1596   1674   	appfs_get_path_info_cache_rm(path, appfs_get_fsuid());