From ea78eecbd275fa7466e56d6eb0dc7a3c60f5b640 Mon Sep 17 00:00:00 2001
From: Yufang Zhang <zhangyufang@360.cn>
Date: Tue, 14 May 2013 14:58:19 +0800
Subject: Update KillFilter to stop at '\0' for readlink() function.

Python's readlink() implementation doesn't stop at '\0' when reading
file path. Thus after dnsmasq upgrade, it may return something like
'/usr/sbin/dnsmasq\03453 (deleted)', while C's or Shell's readlink()
return '/usr/sbin/dnsmasq'. This patch fixes this problem by cutting
the readlink() results with '\0', so that KillFilter could get correct
path.

Bug 1179793

Change-Id: I7354941e0508e019c8c9b63b87ad39f52ccb51ca
---
 openstack/common/rootwrap/filters.py |  4 ++++
 tests/unit/test_rootwrap.py          | 12 ++++++++++++
 2 files changed, 16 insertions(+)

diff --git a/openstack/common/rootwrap/filters.py b/openstack/common/rootwrap/filters.py
index 58121cb..ae7c62c 100644
--- a/openstack/common/rootwrap/filters.py
+++ b/openstack/common/rootwrap/filters.py
@@ -194,6 +194,10 @@ class KillFilter(CommandFilter):
                 return False
         try:
             command = os.readlink("/proc/%d/exe" % int(args[1]))
+            # NOTE(yufang521247): /proc/PID/exe may have '\0' on the
+            # end, because python doen't stop at '\0' when read the
+            # target path.
+            command = command.split('\0')[0]
             # NOTE(dprince): /proc/PID/exe may have ' (deleted)' on
             # the end if an executable is updated or deleted
             if command.endswith(" (deleted)"):
diff --git a/tests/unit/test_rootwrap.py b/tests/unit/test_rootwrap.py
index ea6ccbb..5a5d9ca 100644
--- a/tests/unit/test_rootwrap.py
+++ b/tests/unit/test_rootwrap.py
@@ -134,6 +134,18 @@ class RootwrapTestCase(utils.BaseTestCase):
         self.stubs.Set(os, 'readlink', fake_readlink)
         self.assertTrue(f.match(usercmd))
 
+    def test_KillFilter_upgraded_exe(self):
+        """Makes sure upgraded exe's are killed correctly"""
+        # See bug #1179793.
+        def fake_readlink(blah):
+            return '/bin/commandddddd\0\05190bfb2 (deleted)'
+
+        f = filters.KillFilter("root", "/bin/commandddddd")
+        usercmd = ['kill', 1234]
+
+        self.stubs.Set(os, 'readlink', fake_readlink)
+        self.assertTrue(f.match(usercmd))
+
     def test_ReadFileFilter(self):
         goodfn = '/good/file.name'
         f = filters.ReadFileFilter(goodfn)
-- 
cgit