10016-util-introduce-READ_FULL_FILE_SECURE-flag-for-readi.patch 6.88 KB
From bc781489901fc6447cbd27b8d33f4f4439d6a5db Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Mon, 8 Apr 2019 02:22:40 +0900
Subject: [PATCH] util: introduce READ_FULL_FILE_SECURE flag for reading secure
data
(cherry picked from commit e0721f97b05c0a5f782233711ea95c1e02ccba44)
[Guorui Yu: include util.h for explicit_bzero_safe]
Signed-off-by: Guorui Yu <GuoRui.Yu@linux.alibaba.com>
---
src/basic/fileio.c | 68 ++++++++++++++++++++++++++++++++--------------
src/basic/fileio.h | 16 +++++++++--
2 files changed, 60 insertions(+), 24 deletions(-)
diff --git a/src/basic/fileio.c b/src/basic/fileio.c
index 9fef97ff0c..cf7c92ebc7 100644
--- a/src/basic/fileio.c
+++ b/src/basic/fileio.c
@@ -35,6 +35,7 @@
#include "time-util.h"
#include "umask-util.h"
#include "utf8.h"
+#include "util.h"
#define READ_FULL_BYTES_MAX (4U*1024U*1024U)
@@ -383,26 +384,27 @@ int read_full_virtual_file(const char *filename, char **ret_contents, size_t *re
return 0;
}
-int read_full_stream(
+int read_full_stream_full(
FILE *f,
+ ReadFullFileFlags flags,
char **ret_contents,
size_t *ret_size) {
_cleanup_free_ char *buf = NULL;
struct stat st;
- size_t n, l;
- int fd;
+ size_t n, n_next, l;
+ int fd, r;
assert(f);
assert(ret_contents);
- n = LINE_MAX; /* Start size */
+ n_next = LINE_MAX; /* Start size */
fd = fileno(f);
if (fd >= 0) { /* If the FILE* object is backed by an fd (as opposed to memory or such, see fmemopen(), let's
* optimize our buffering) */
- if (fstat(fileno(f), &st) < 0)
+ if (fstat(fd, &st) < 0)
return -errno;
if (S_ISREG(st.st_mode)) {
@@ -415,27 +417,41 @@ int read_full_stream(
* to read here by one, so that the first read attempt already
* makes us notice the EOF. */
if (st.st_size > 0)
- n = st.st_size + 1;
+ n_next = st.st_size + 1;
}
}
- l = 0;
+ n = l = 0;
for (;;) {
char *t;
size_t k;
- t = realloc(buf, n + 1);
- if (!t)
- return -ENOMEM;
+ if (flags & READ_FULL_FILE_SECURE) {
+ t = malloc(n_next + 1);
+ if (!t) {
+ r = -ENOMEM;
+ goto finalize;
+ }
+ memcpy_safe(t, buf, n);
+ explicit_bzero_safe(buf, n);
+ } else {
+ t = realloc(buf, n_next + 1);
+ if (!t)
+ return -ENOMEM;
+ }
buf = t;
+ n = n_next;
+
errno = 0;
k = fread(buf + l, 1, n - l, f);
if (k > 0)
l += k;
- if (ferror(f))
- return errno > 0 ? -errno : -EIO;
+ if (ferror(f)) {
+ r = errno > 0 ? -errno : -EIO;
+ goto finalize;
+ }
if (feof(f))
break;
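Review bot: In the READ_FULL_FILE_SECURE branch the previous buffer is erased with `explicit_bzero_safe(buf, n)` but never freed before `buf = t;` overwrites the pointer, so the old allocation leaks each time the buffer has to grow. The realloc() branch releases the old block implicitly; the malloc() branch has to do it by hand, for example `free(buf);` directly after the `explicit_bzero_safe(buf, n);` line. The erased block holds no secret any more, but it stays allocated for the life of the process. The loop and the function body start and end outside this hunk.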
@@ -446,10 +462,12 @@ int read_full_stream(
assert(l == n);
/* Safety check */
- if (n >= READ_FULL_BYTES_MAX)
- return -E2BIG;
+ if (n >= READ_FULL_BYTES_MAX) {
+ r = -E2BIG;
+ goto finalize;
+ }
- n = MIN(n * 2, READ_FULL_BYTES_MAX);
+ n_next = MIN(n * 2, READ_FULL_BYTES_MAX);
}
if (!ret_size) {
@@ -457,8 +475,10 @@ int read_full_stream(
* trailing NUL byte. But if there's an embedded NUL byte, then we should refuse operation as otherwise
* there'd be ambiguity about what we just read. */
- if (memchr(buf, 0, l))
- return -EBADMSG;
+ if (memchr(buf, 0, l)) {
+ r = -EBADMSG;
+ goto finalize;
+ }
}
buf[l] = 0;
@@ -468,21 +488,27 @@ int read_full_stream(
*ret_size = l;
return 0;
+
+finalize:
+ if (flags & READ_FULL_FILE_SECURE)
+ explicit_bzero_safe(buf, n);
+
+ return r;
}
-int read_full_file(const char *fn, char **contents, size_t *size) {
+int read_full_file_full(const char *filename, ReadFullFileFlags flags, char **contents, size_t *size) {
_cleanup_fclose_ FILE *f = NULL;
- assert(fn);
+ assert(filename);
assert(contents);
- f = fopen(fn, "re");
+ f = fopen(filename, "re");
if (!f)
return -errno;
(void) __fsetlocking(f, FSETLOCKING_BYCALLER);
- return read_full_stream(f, contents, size);
+ return read_full_stream_full(f, flags, contents, size);
}
static int parse_env_file_internal(
diff --git a/src/basic/fileio.h b/src/basic/fileio.h
index c6ad375b8d..06649ef7e6 100644
--- a/src/basic/fileio.h
+++ b/src/basic/fileio.h
@@ -24,6 +24,10 @@ typedef enum {
} WriteStringFileFlags;
+typedef enum {
+ READ_FULL_FILE_SECURE = 1 << 0,
+} ReadFullFileFlags;
+
int write_string_stream_ts(FILE *f, const char *line, WriteStringFileFlags flags, struct timespec *ts);
static inline int write_string_stream(FILE *f, const char *line, WriteStringFileFlags flags) {
return write_string_stream_ts(f, line, flags, NULL);
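Review bot: `READ_FULL_FILE_SECURE` is declared without a comment stating what it guarantees. From the fileio.c part of this patch the flag erases the buffers that are replaced while growing and the buffer on error paths; the buffer handed back on success appears to be left for the caller to erase. A comment on the enumerator, such as `/* erase intermediate and error-path buffers; the caller must erase the returned buffer */`, would make that contract visible at the point where callers pick the flag.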
@@ -35,9 +39,15 @@ static inline int write_string_file(const char *fn, const char *line, WriteStrin
int write_string_filef(const char *fn, WriteStringFileFlags flags, const char *format, ...) _printf_(3, 4);
-int read_one_line_file(const char *fn, char **line);
-int read_full_file(const char *fn, char **contents, size_t *size);
-int read_full_stream(FILE *f, char **contents, size_t *size);
+int read_one_line_file(const char *filename, char **line);
+int read_full_file_full(const char *filename, ReadFullFileFlags flags, char **contents, size_t *size);
+static inline int read_full_file(const char *filename, char **contents, size_t *size) {
+ return read_full_file_full(filename, 0, contents, size);
+}
+int read_full_stream_full(FILE *f, ReadFullFileFlags flags, char **contents, size_t *size);
+static inline int read_full_stream(FILE *f, char **contents, size_t *size) {
+ return read_full_stream_full(f, 0, contents, size);
+}
int read_full_virtual_file(const char *filename, char **ret_contents, size_t *ret_size);
int verify_file(const char *fn, const char *blob, bool accept_extra_nl);
--
2.39.1