diff options
| author | Denys Vlasenko <vda.linux@googlemail.com> | 2010-01-21 02:56:53 +0100 |
|---|---|---|
| committer | Denys Vlasenko <vda.linux@googlemail.com> | 2010-01-21 02:56:53 +0100 |
| commit | 6443695f275167adb123070daf2a6b6ecc0bb371 (patch) | |
| tree | e55e9cb7795f3a5fb239793eab60f2320fe11cbc /inc | |
| parent | f1322558475277ffed7a9c61f4b9478b4dd1d46c (diff) | |
| download | abrt-6443695f275167adb123070daf2a6b6ecc0bb371.tar.gz abrt-6443695f275167adb123070daf2a6b6ecc0bb371.tar.xz abrt-6443695f275167adb123070daf2a6b6ecc0bb371.zip | |
abrtd: fix Report() dbus call gaping security holes
We were blindly trusting the values passed to us
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Diffstat (limited to 'inc')
| -rw-r--r-- | inc/CrashTypes.h | 35 |
1 files changed, 17 insertions, 18 deletions
diff --git a/inc/CrashTypes.h b/inc/CrashTypes.h index 9daefa93..834a849e 100644 --- a/inc/CrashTypes.h +++ b/inc/CrashTypes.h @@ -45,21 +45,18 @@ #define FILENAME_MEMORYMAP "memorymap" #define FILENAME_KERNELOOPS "kerneloops" +#define CD_DUPHASH "DUPHASH" #define CD_UUID "UUID" -#define CD_UID "UID" +#define CD_DUMPDIR "DumpDir" #define CD_COUNT "Count" -#define CD_EXECUTABLE "Executable" -#define CD_PACKAGE "Package" -#define CD_DESCRIPTION "Description" -#define CD_TIME "Time" #define CD_REPORTED "Reported" #define CD_MESSAGE "Message" -#define CD_COMMENT "Comment" -#define CD_REPRODUCE "How to reproduce" -#define CD_MWANALYZER "_MWAnalyzer" -#define CD_MWUID "_MWUID" -#define CD_MWUUID "_MWUUID" -#define CD_MWDDD "_MWDDD" + + +// crash data is a map of 3-element vectors of strings: type, editable, content +#define CD_TYPE 0 +#define CD_EDITABLE 1 +#define CD_CONTENT 2 // SYS - system value, should not be displayed // BIN - binary data @@ -67,18 +64,18 @@ #define CD_SYS "s" #define CD_BIN "b" #define CD_TXT "t" - /* Text bigger than this usually is attached, not added inline */ #define CD_TEXT_ATT_SIZE (2*1024) -#define CD_ISEDITABLE "y" -#define CD_ISNOTEDITABLE "n" +#define CD_ISEDITABLE "y" +#define CD_ISNOTEDITABLE "n" + -#define CD_TYPE (0) -#define CD_EDITABLE (1) -#define CD_CONTENT (2) +extern const char *const must_have_files[]; + + +bool is_editable_file(const char *file_name); -// currently, vector always has exactly 3 elements -> <type, editable, content> // <key, data> typedef map_vector_string_t map_crash_data_t; @@ -97,4 +94,6 @@ void add_to_crash_data_ext(map_crash_data_t& pCrashData, const std::string& get_crash_data_item_content(const map_crash_data_t& crash_data, const char *key); +void log_map_crash_data(const map_crash_data_t& data, const char *name); + #endif |