Radish alpha
H
HardenedBSD-pkg
rad:z3QDZAW2FAfuLvihrhiyDC9fAD8G9
HardenedBSD Package Manager
Radicle
Git
Commits 9ba7144
Factorize the matching of globs and regexp
Baptiste Daroussin committed 5 years ago
commit 9ba7144fd92e65d327323334329d7ccd8cc18eb2
parent b5e8079
4 files changed +42 -66
modified libpkg/pkg_audit.c
@@ -37,7 +37,6 @@
#include <string.h>

#include <utlist.h>

#include <xstring.h>
- 
#include <regex.h>



#include <yxml.h>
@@ -733,43 +732,6 @@ pkg_audit_add_entry(struct pkg_audit_entry *e, struct pkg_audit_issues **ai)
}



bool
- 
ignore_package(const char *name)
- 
{
- 
	const ucl_object_t *globs, *regexes, *cur;
- 
	ucl_object_iter_t it;
-
- 
	globs = pkg_config_get("AUDIT_IGNORE_GLOB");
- 
	regexes = pkg_config_get("AUDIT_IGNORE_REGEX");
-
- 
	if (globs == NULL && regexes == NULL)
- 
		return (false);
-
- 
	if (globs != NULL) {
- 
		it = NULL;
- 
		while ((cur = ucl_iterate_object(globs, &it, true))) {
- 
			if (fnmatch(ucl_object_tostring(cur), name, 0) == 0)
- 
				return (true);
- 
		}
- 
	}
-
- 
	if (regexes != NULL) {
- 
		it = NULL;
- 
		while ((cur = ucl_iterate_object(regexes, &it, true))) {
- 
			regex_t re;
- 
			regcomp(&re, ucl_object_tostring(cur),
- 
			   REG_EXTENDED|REG_NOSUB);
- 
			if (regexec(&re, name, 0, NULL, 0) == 0) {
- 
				regfree(&re);
- 
				return (true);
- 
			}
- 
			regfree(&re);
- 
		}
- 
	}
-
- 
	return (false);
- 
}
-
- 
bool

pkg_audit_is_vulnerable(struct pkg_audit *audit, struct pkg *pkg,

    struct pkg_audit_issues **ai, bool stop_quick)

{
@@ -782,7 +744,9 @@ pkg_audit_is_vulnerable(struct pkg_audit *audit, struct pkg *pkg,
		return false;



	/* check if we decided to ignore that package or not */
- 
	if (ignore_package(pkg->name))
+ 
	if (match_ucl_lists(pkg->name,
+ 
	    pkg_config_get("AUDIT_IGNORE_GLOB"),
+ 
	    pkg_config_get("AUDIT_IGNORE_REGEX")))

		return (false);



	a = audit->items;
modified libpkg/private/utils.h
@@ -102,5 +102,6 @@ bool string_end_with(const char *path, const char *str);
bool mkdirat_p(int fd, const char *path);

int get_socketpair(int *);

int checkflags(const char *mode, int *optr);
+ 
bool match_ucl_lists(const char *buffer, const ucl_object_t *globs, const ucl_object_t *regexes);



#endif
modified libpkg/triggers.c
@@ -37,9 +37,7 @@
#include <err.h>

#include <errno.h>

#include <fcntl.h>
- 
#include <fnmatch.h>

#include <paths.h>
- 
#include <regex.h>

#include <spawn.h>



#include <private/pkg.h>
@@ -447,30 +445,8 @@ trigger_check_match(struct trigger *t, char *dir)
		}

	}
- 
	if (t->path_glob != NULL) {
- 
		it = NULL;
- 
		while ((cur = ucl_iterate_object(t->path_glob, &it, true))) {
- 
			if (fnmatch(ucl_object_tostring(cur), dir, 0) == 0) {
- 
				kh_safe_add(strings, t->matched, dir, dir);
- 
				return;
- 
			}
- 
		}
- 
	}
-
- 
	if (t->path_regex != NULL) {
- 
		it = NULL;
- 
		while ((cur = ucl_iterate_object(t->path_regex, &it, true))) {
- 
			regex_t re;
- 
			regcomp(&re, ucl_object_tostring(cur),
- 
			   REG_EXTENDED|REG_NOSUB);
- 
			if (regexec(&re, dir, 0, NULL, 0) == 0) {
- 
				kh_safe_add(strings, t->matched, dir, dir);
- 
				regfree(&re);
- 
				return;
- 
			}
- 
			regfree(&re);
- 
		}
- 
	}
+ 
	if (match_ucl_lists(dir, t->path_glob, t->path_regex))
+ 
		kh_safe_add(strings, t->matched, dir, dir);

}



/*
modified libpkg/utils.c
@@ -1,5 +1,5 @@
/*-
- 
 * Copyright (c) 2011-2016 Baptiste Daroussin <bapt@FreeBSD.org>
+ 
 * Copyright (c) 2011-2020 Baptiste Daroussin <bapt@FreeBSD.org>

 * Copyright (c) 2011-2012 Julien Laffaye <jlaffaye@FreeBSD.org>

 * Copyright (c) 2013 Vsevolod Stakhov <vsevolod@FreeBSD.org>

 * All rights reserved.
@@ -46,6 +46,7 @@
#include <paths.h>

#include <float.h>

#include <math.h>
+ 
#include <regex.h>



#include <bsd_compat.h>
@@ -57,6 +58,40 @@


extern struct pkg_ctx ctx;
+ 
bool
+ 
match_ucl_lists(const char *buf, const ucl_object_t *globs, const ucl_object_t *regexes)
+ 
{
+ 
	const ucl_object_t *cur;
+ 
	ucl_object_iter_t it;
+
+ 
	if (globs == NULL && regexes == NULL)
+ 
		return (false);
+
+ 
	if (globs != NULL) {
+ 
		it = NULL;
+ 
		while ((cur = ucl_iterate_object(globs, &it, true))) {
+ 
			if (fnmatch(ucl_object_tostring(cur), buf, 0) == 0)
+ 
				return (true);
+ 
		}
+ 
	}
+
+ 
	if (regexes != NULL) {
+ 
		it = NULL;
+ 
		while ((cur = ucl_iterate_object(regexes, &it, true))) {
+ 
			regex_t re;
+ 
			regcomp(&re, ucl_object_tostring(cur),
+ 
			   REG_EXTENDED|REG_NOSUB);
+ 
			if (regexec(&re, buf, 0, NULL, 0) == 0) {
+ 
				regfree(&re);
+ 
				return (true);
+ 
			}
+ 
			regfree(&re);
+ 
		}
+ 
	}
+
+ 
	return (false);
+ 
}
+ 


int

mkdirs(const char *_path)

{