illumos-gate Sdiff usr/src/cmd/svc/svccfg/svccfg

Print this page

12585 insufficient validation in svccfg for service name

   6  * You may not use this file except in compliance with the License.
   7  *
   8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
   9  * or http://www.opensolaris.org/os/licensing.
  10  * See the License for the specific language governing permissions
  11  * and limitations under the License.
  12  *
  13  * When distributing Covered Code, include this CDDL HEADER in each
  14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
  15  * If applicable, add the following below this CDDL HEADER, with the
  16  * fields enclosed by brackets "[]" replaced with your own identifying
  17  * information: Portions Copyright [yyyy] [name of copyright owner]
  18  *
  19  * CDDL HEADER END
  20  */
  21 /*
  22  * Copyright (c) 2004, 2010, Oracle and/or its affiliates. All rights reserved.
  23  */
  24 /*
  25  * Copyright 2011 Nexenta Systems, Inc.  All rights reserved.
  26  * Copyright 2019 Joyent, Inc.
  27  */
  28 
  29 
  30 /*
  31  * XML document manipulation routines
  32  *
  33  * These routines provide translation to and from the internal representation to
  34  * XML.  Directionally-oriented verbs are with respect to the external source,
  35  * so lxml_get_service() fetches a service from the XML file into the
  36  * internal representation.
  37  */
  38 
  39 #include <libxml/parser.h>
  40 #include <libxml/xinclude.h>
  41 
  42 #include <assert.h>
  43 #include <ctype.h>
  44 #include <errno.h>
  45 #include <libintl.h>
  46 #include <libscf.h>

3387                 if (scf_error() == SCF_ERROR_NOT_FOUND)
3388                         rc = SCF_SUCCESS;
3389 
3390                 goto out;
3391         }
3392 
3393         if (scf_service_get_pg(svc, SCF_PG_MANIFESTFILES, pg) != SCF_SUCCESS)
3394                 goto out;
3395 
3396         rc = SCF_SUCCESS;
3397 out:
3398         scf_pg_destroy(pg);
3399         scf_service_destroy(svc);
3400         scf_scope_destroy(sc);
3401         scf_handle_destroy(h);
3402 
3403         return (rc);
3404 }
3405 
3406 /*






















3407  * Translate a service element into an internal instance/property tree, added
3408  * to bundle.
3409  *
3410  * If op is SVCCFG_OP_APPLY (i.e., apply a profile), do not allow for
3411  * modification of template data.
3412  */
3413 static int
3414 lxml_get_service(bundle_t *bundle, xmlNodePtr svc, svccfg_op_t op)
3415 {
3416         pgroup_t *pg;
3417         property_t *p;
3418         entity_t *s;
3419         xmlNodePtr cursor;
3420         xmlChar *type;
3421         xmlChar *version;
3422         int e;
3423 
3424         /*
3425          * Fetch attributes, as appropriate.
3426          */
3427         s = internal_service_new((char *)xmlGetProp(svc,
3428             (xmlChar *)name_attr));
3429 


3430         version = xmlGetProp(svc, (xmlChar *)version_attr);
3431         s->sc_u.sc_service.sc_service_version = atol((const char *)version);
3432         xmlFree(version);
3433 
3434         type = xmlGetProp(svc, (xmlChar *)type_attr);
3435         s->sc_u.sc_service.sc_service_type = lxml_xlate_service_type(type);
3436         xmlFree(type);
3437 
3438         /*
3439          * Set the global missing type to false before processing the service
3440          */
3441         est->sc_miss_type = B_FALSE;
3442         s->sc_op = op;
3443 
3444         /*
3445          * Now that the service is created create the manifest
3446          * property group and add the property value of the service.
3447          */
3448         if (lxml_check_upgrade(s->sc_name) == SCF_SUCCESS &&
3449             svc->doc->name != NULL &&

   6  * You may not use this file except in compliance with the License.
   7  *
   8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
   9  * or http://www.opensolaris.org/os/licensing.
  10  * See the License for the specific language governing permissions
  11  * and limitations under the License.
  12  *
  13  * When distributing Covered Code, include this CDDL HEADER in each
  14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
  15  * If applicable, add the following below this CDDL HEADER, with the
  16  * fields enclosed by brackets "[]" replaced with your own identifying
  17  * information: Portions Copyright [yyyy] [name of copyright owner]
  18  *
  19  * CDDL HEADER END
  20  */
  21 /*
  22  * Copyright (c) 2004, 2010, Oracle and/or its affiliates. All rights reserved.
  23  */
  24 /*
  25  * Copyright 2011 Nexenta Systems, Inc.  All rights reserved.
  26  * Copyright 2020 Joyent, Inc.
  27  */
  28 
  29 
  30 /*
  31  * XML document manipulation routines
  32  *
  33  * These routines provide translation to and from the internal representation to
  34  * XML.  Directionally-oriented verbs are with respect to the external source,
  35  * so lxml_get_service() fetches a service from the XML file into the
  36  * internal representation.
  37  */
  38 
  39 #include <libxml/parser.h>
  40 #include <libxml/xinclude.h>
  41 
  42 #include <assert.h>
  43 #include <ctype.h>
  44 #include <errno.h>
  45 #include <libintl.h>
  46 #include <libscf.h>

3387                 if (scf_error() == SCF_ERROR_NOT_FOUND)
3388                         rc = SCF_SUCCESS;
3389 
3390                 goto out;
3391         }
3392 
3393         if (scf_service_get_pg(svc, SCF_PG_MANIFESTFILES, pg) != SCF_SUCCESS)
3394                 goto out;
3395 
3396         rc = SCF_SUCCESS;
3397 out:
3398         scf_pg_destroy(pg);
3399         scf_service_destroy(svc);
3400         scf_scope_destroy(sc);
3401         scf_handle_destroy(h);
3402 
3403         return (rc);
3404 }
3405 
3406 /*
3407  * Validate the svc:/-prefixed FMRI generated from the service name.
3408  */
3409 static void
3410 validate_service_name(const entity_t *s)
3411 {
3412         char *fmri;
3413         int ftype;
3414         const char *finst;
3415 
3416         if ((fmri = uu_strdup(s->sc_fmri)) == NULL)
3417                 uu_die(gettext("couldn't allocate memory"));
3418 
3419         if (scf_parse_fmri(fmri, &ftype, NULL, NULL, &finst, NULL, NULL) != 0 ||
3420             finst != NULL || ftype != SCF_FMRI_TYPE_SVC) {
3421                 uu_die(gettext("invalid value \"%s\": should be a bare "
3422                     "service name\n"), s->sc_name);
3423         }
3424 
3425         uu_free(fmri);
3426 }
3427 
3428 /*
3429  * Translate a service element into an internal instance/property tree, added
3430  * to bundle.
3431  *
3432  * If op is SVCCFG_OP_APPLY (i.e., apply a profile), do not allow for
3433  * modification of template data.
3434  */
3435 static int
3436 lxml_get_service(bundle_t *bundle, xmlNodePtr svc, svccfg_op_t op)
3437 {
3438         pgroup_t *pg;
3439         property_t *p;
3440         entity_t *s;
3441         xmlNodePtr cursor;
3442         xmlChar *type;
3443         xmlChar *version;
3444         int e;
3445 
3446         /*
3447          * Fetch attributes, as appropriate.
3448          */
3449         s = internal_service_new((char *)xmlGetProp(svc,
3450             (xmlChar *)name_attr));
3451 
3452         validate_service_name(s);
3453 
3454         version = xmlGetProp(svc, (xmlChar *)version_attr);
3455         s->sc_u.sc_service.sc_service_version = atol((const char *)version);
3456         xmlFree(version);
3457 
3458         type = xmlGetProp(svc, (xmlChar *)type_attr);
3459         s->sc_u.sc_service.sc_service_type = lxml_xlate_service_type(type);
3460         xmlFree(type);
3461 
3462         /*
3463          * Set the global missing type to false before processing the service
3464          */
3465         est->sc_miss_type = B_FALSE;
3466         s->sc_op = op;
3467 
3468         /*
3469          * Now that the service is created create the manifest
3470          * property group and add the property value of the service.
3471          */
3472         if (lxml_check_upgrade(s->sc_name) == SCF_SUCCESS &&
3473             svc->doc->name != NULL &&