From aba885c4a2499776b0a57966ea5e7b1f3a0f6996 Mon Sep 17 00:00:00 2001 From: Frederick Akalin Date: Sun, 24 Aug 2014 16:55:11 -0700 Subject: [PATCH 1/5] Fix use-after-frees in unix_platform.hpp --- backend/src/unix_platform.hpp | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/backend/src/unix_platform.hpp b/backend/src/unix_platform.hpp index e2e060e..efc2ed2 100644 --- a/backend/src/unix_platform.hpp +++ b/backend/src/unix_platform.hpp @@ -61,7 +61,9 @@ class UnixPlatform : public AbstractPlatform int err; struct stat file_stat; - err = stat(this->path().c_str(), &file_stat); + const string &path = this->path(); + + err = stat(path.c_str(), &file_stat); if (err == -1) throw runtime_error("stat() failed"); @@ -75,10 +77,10 @@ class UnixPlatform : public AbstractPlatform int err; int fd; - const char *path = this->path().c_str(); + const string &path = this->path(); // Open the file. - fd = open(path, O_RDONLY, 0); + fd = open(path.c_str(), O_RDONLY, 0); if (fd < 0) throw runtime_error(str(boost::format("fix_permissions: open() failed: %d.") % errno)); From 0210957b7b406fce42a093dde0f5318ae3e3df5d Mon Sep 17 00:00:00 2001 From: Frederick Akalin Date: Sun, 24 Aug 2014 16:55:50 -0700 Subject: [PATCH 2/5] Fix use-after-free in osx_platform.cpp --- backend/src/osx_platform.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/backend/src/osx_platform.cpp b/backend/src/osx_platform.cpp index 2bce65e..5279e2d 100644 --- a/backend/src/osx_platform.cpp +++ b/backend/src/osx_platform.cpp @@ -39,7 +39,7 @@ bool OSXPlatform::run_privileged() OSStatus err; AuthorizationFlags flags; - const char *path = this->path().c_str(); + const string &path = this->path(); flags = kAuthorizationFlagExtendRights | kAuthorizationFlagInteractionAllowed; @@ -49,7 +49,7 @@ bool OSXPlatform::run_privileged() char *args[] = { (char *) "--fix-permissions", NULL }; - err = AuthorizationExecuteWithPrivileges(auth, path, kAuthorizationFlagDefaults, args, NULL); + err = AuthorizationExecuteWithPrivileges(auth, path.c_str(), kAuthorizationFlagDefaults, args, NULL); AuthorizationFree(auth, kAuthorizationFlagDefaults); if (err == errAuthorizationCanceled) return false; From 298a8b150c995135722d8e30c278580d8e1b8d99 Mon Sep 17 00:00:00 2001 From: Frederick Akalin Date: Sun, 24 Aug 2014 16:56:25 -0700 Subject: [PATCH 3/5] Fix bug in UnixPlatform::path() It wasn't using the result of the call to realpath(). --- backend/src/unix_platform.hpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/backend/src/unix_platform.hpp b/backend/src/unix_platform.hpp index efc2ed2..817f926 100644 --- a/backend/src/unix_platform.hpp +++ b/backend/src/unix_platform.hpp @@ -111,7 +111,7 @@ class UnixPlatform : public AbstractPlatform char path[PATH_MAX]; if (!realpath(m_path.c_str(), path)) throw runtime_error(str(boost::format("realpath() failed: %d\n") % errno)); - return m_path; + return string(path); } private: From 8114db17347d144c207d87d7af9c54376d48e5ad Mon Sep 17 00:00:00 2001 From: Frederick Akalin Date: Sun, 24 Aug 2014 16:56:58 -0700 Subject: [PATCH 4/5] Fix signature of WindowsPlatform constructor --- backend/src/windows_platform.cpp | 2 +- backend/src/windows_platform.hpp | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/backend/src/windows_platform.cpp b/backend/src/windows_platform.cpp index ba6e97e..37260a7 100644 --- a/backend/src/windows_platform.cpp +++ b/backend/src/windows_platform.cpp @@ -27,7 +27,7 @@ #include "pcap.h" using namespace std; -WindowsPlatform::WindowsPlatform(vector) +WindowsPlatform::WindowsPlatform(string) { // FIXME } diff --git a/backend/src/windows_platform.hpp b/backend/src/windows_platform.hpp index 8fda1b8..bbf2b57 100644 --- a/backend/src/windows_platform.hpp +++ b/backend/src/windows_platform.hpp @@ -34,7 +34,7 @@ using namespace std; class WindowsPlatform : public AbstractPlatform { public: - WindowsPlatform(vector); + WindowsPlatform(string); bool is_root(); bool check_permissions(); void fix_permissions(); From 58218d582cd2b7af3ef29bcbcc9775a300c16304 Mon Sep 17 00:00:00 2001 From: Frederick Akalin Date: Sun, 24 Aug 2014 16:57:43 -0700 Subject: [PATCH 5/5] Remove instances of weird string(ptr).c_str() pattern --- backend/src/main.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/backend/src/main.cpp b/backend/src/main.cpp index 989e88a..b2128d0 100644 --- a/backend/src/main.cpp +++ b/backend/src/main.cpp @@ -63,8 +63,8 @@ int main(int argc, const char *argv[]) string filter(argv[2]); if (argc > 4) { - freopen(string(argv[3]).c_str(), "w", stdout); - freopen(string(argv[4]).c_str(), "w", stderr); + freopen(argv[3], "w", stdout); + freopen(argv[4], "w", stderr); // rw-rw-rw- mode_t mode = S_IFREG |