diff options
author | Frank Ch. Eigler <fche@elastic.org> | 2010-02-12 10:25:43 -0500 |
---|---|---|
committer | Frank Ch. Eigler <fche@elastic.org> | 2010-02-12 10:29:53 -0500 |
commit | c0d1b5a004b9949bb455b7dbe17b335b7cab9ead (patch) | |
tree | da4f5aa8118117bf4c7053ea1bb9af9ad8fda6df /util.cxx | |
parent | 84b49730802c1cc625b85a2bfd473f6839d4e99c (diff) | |
download | systemtap-steved-c0d1b5a004b9949bb455b7dbe17b335b7cab9ead.tar.gz systemtap-steved-c0d1b5a004b9949bb455b7dbe17b335b7cab9ead.tar.xz systemtap-steved-c0d1b5a004b9949bb455b7dbe17b335b7cab9ead.zip |
PR11105 part 2: tighten constraints on stap-server parameters passed to make
* util.h, util.cxx (assert_match_regexp): New function.
* main.cxx (main): Constrain -R, -r, -a, -D, -S, -q, -B flags.
* stap-serverd (listen): Harden stap-server-connect with ulimit/loop.
* testsuite/systemtap.server/{client,server}_args.exp: Revised.
Diffstat (limited to 'util.cxx')
-rw-r--r-- | util.cxx | 36 |
1 files changed, 35 insertions, 1 deletions
@@ -1,5 +1,5 @@ // Copyright (C) Andrew Tridgell 2002 (original file) -// Copyright (C) 2006, 2009 Red Hat Inc. (systemtap changes) +// Copyright (C) 2006-2010 Red Hat Inc. (systemtap changes) // // This program is free software; you can redistribute it and/or // modify it under the terms of the GNU General Public License as @@ -19,6 +19,8 @@ #include "sys/sdt.h" #include <stdexcept> #include <cerrno> +#include <map> +#include <string> extern "C" { #include <fcntl.h> @@ -31,6 +33,7 @@ extern "C" { #include <sys/types.h> #include <sys/wait.h> #include <unistd.h> +#include <regex.h> } using namespace std; @@ -413,4 +416,35 @@ kill_stap_spawn(int sig) return spawned_pid ? kill(spawned_pid, sig) : 0; } + +void assert_regexp_match (const string& name, const string& value, const string& re) +{ + typedef map<string,regex_t*> cache; + static cache compiled; + cache::iterator it = compiled.find (re); + regex_t* r = 0; + if (it == compiled.end()) + { + r = new regex_t; + int rc = regcomp (r, re.c_str(), REG_ICASE|REG_NOSUB|REG_EXTENDED); + if (rc) { + cerr << "regcomp " << re << " (" << name << ") error rc=" << rc << endl; + exit(1); + } + compiled[re] = r; + } + else + r = it->second; + + // run regexec + int rc = regexec (r, value.c_str(), 0, 0, 0); + if (rc) + { + cerr << "ERROR: Safety pattern mismatch for " << name + << " ('" << value << "' vs. '" << re << "') rc=" << rc << endl; + exit(1); + } +} + + /* vim: set sw=2 ts=8 cino=>4,n-2,{2,^-2,t0,(0,u0,w1,M1 : */ |