Merge branch 'master' of git://sources.redhat.com/git/systemtap

2 files changed, 17 insertions, 3 deletions

diff --git a/runtime/staprun/ChangeLog b/runtime/staprun/ChangeLog
index 53545db2..e9ef2e2d 100644
--- a/runtime/staprun/ChangeLog
+++ b/runtime/staprun/ChangeLog
@@ -1,7 +1,11 @@
+2008-02-21  David Smith  <dsmith@redhat.com>
+
+	* staprun_funcs.c (check_path): Small security fix.
+
 2008-01-21  Martin Hunt  <hunt@redhat.com>
 
-	* symbols.c (send_module): Simplify and use new send_data() function to keep
-	longword alignment.
+	* symbols.c (send_module): Simplify and use new send_data()
+	function to keep longword alignment.
 
 2008-01-14  Martin Hunt  <hunt@redhat.com>
 
diff --git a/runtime/staprun/staprun_funcs.c b/runtime/staprun/staprun_funcs.c
index 3a678405..34e12c25 100644
--- a/runtime/staprun/staprun_funcs.c
+++ b/runtime/staprun/staprun_funcs.c
@@ -277,10 +277,20 @@ check_path(void)
 	
 	/* Use realpath() to canonicalize the module path. */
 	if (realpath(modpath, module_realpath) == NULL) {
-		perr("Unable to canonicalize path \"%s\"",modpath);
+		perr("Unable to canonicalize path \"%s\"", modpath);
 		return -1;
 	}
 	
+	/* To make sure the user can't specify something like
+	 * /lib/modules/`uname -r`/systemtapmod.ko, put a '/' on the
+	 * end of staplib_dir_realpath. */
+	if (strlen(staplib_dir_realpath) < (PATH_MAX - 1))
+		strcat(staplib_dir_realpath, "/");
+	else {
+		err("Path \"%s\" is too long.", modpath);
+		return -1;
+	}
+
 	/* Now we've got two canonicalized paths.  Make sure
 	 * module_realpath starts with staplib_dir_realpath. */
 	if (strncmp(staplib_dir_realpath, module_realpath,