X-Git-Url: https://git.lttng.org/?p=lttng-tools.git;a=blobdiff_plain;f=src%2Fbin%2Flttng-sessiond%2Fcmd.c;h=96f7433a6345fd90b1f608a272785fe3fc341578;hp=9a832b4558679f1a3586d578a9eca9a8b3e8980b;hb=43ed148559609eba941bb3dffa35bff67341e64d;hpb=ff588497b3dfc3138c9ce005e9270ed5568c05df
diff --git a/src/bin/lttng-sessiond/cmd.c b/src/bin/lttng-sessiond/cmd.c
index 9a832b455..96f7433a6 100644
--- a/src/bin/lttng-sessiond/cmd.c
+++ b/src/bin/lttng-sessiond/cmd.c
@@ -488,8 +488,14 @@ static int list_lttng_agent_events(struct agent *agt,
 .loglevel_type = agent_event->loglevel_type,
 };
- strncpy(event.name, agent_event->name, sizeof(event.name));
- event.name[sizeof(event.name) - 1] = '\0';
+ ret = lttng_strncpy(event.name, agent_event->name, sizeof(event.name));
+ if (ret) {
+ /* Internal error, invalid name. */
+ ERR("Invalid event name while listing agent events: '%s' exceeds the maximal allowed length of %zu bytes",
+ agent_event->name, sizeof(event.name));
+ ret = -LTTNG_ERR_UNK;
+ goto end;
+ }
 ret = lttng_dynamic_buffer_append( &payload->buffer, &event, sizeof(event));
@@ -556,8 +562,14 @@ static int list_lttng_ust_global_events(char *channel_name,
 continue;
 }
- strncpy(event.name, uevent->attr.name, sizeof(event.name));
- event.name[sizeof(event.name) - 1] = '\0';
+ ret = lttng_strncpy(event.name, uevent->attr.name, sizeof(event.name));
+ if (ret) {
+ /* Internal error, invalid name. */
+ ERR("Invalid event name while listing user space tracer events: '%s' exceeds the maximal allowed length of %zu bytes",
+ uevent->attr.name, sizeof(event.name));
+ ret = -LTTNG_ERR_UNK;
+ goto end;
+ }
 event.enabled = uevent->enabled;
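Review bot: The new `ERR()` call in list_lttng_agent_events prints the rejected name with an unbounded `'%s'`, in the very branch where lttng_strncpy() has just reported that `agent_event->name` does not fit in `sizeof(event.name)` bytes. If the source field is an array of that same size (its declaration is not visible here), the failure presumably means no terminator was found inside it, and `%s` would then read past the field; bounding the conversion with `'%.*s'` and `(int) sizeof(event.name)` as the precision argument keeps the log line safe either way. The same pattern is added in the list_lttng_ust_global_events and list_lttng_kernel_events hunks. All three functions continue outside their hunks, so what the `end` label does with the partly filled payload cannot be checked from here.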
@@ -647,8 +659,16 @@ static int list_lttng_kernel_events(char *channel_name,
 cds_list_for_each_entry(kevent, &kchan->events_list.head , list) {
 struct lttng_event event = {};
- strncpy(event.name, kevent->event->name, sizeof(event.name));
- event.name[sizeof(event.name) - 1] = '\0';
+ ret = lttng_strncpy(event.name, kevent->event->name, sizeof(event.name));
+ if (ret) {
+ /* Internal error, invalid name. */
+ ERR("Invalid event name while listing kernel events: '%s' exceeds the maximal allowed length of %zu bytes",
+ kevent->event->name,
+ sizeof(event.name));
+ ret = -LTTNG_ERR_UNK;
+ goto end;
+ }
+
 event.enabled = kevent->enabled;
 event.filter = (unsigned char) !!kevent->filter_expression;
@@ -3107,10 +3127,22 @@ enum lttng_error_code cmd_create_session(struct command_ctx *cmd_ctx, int sock,
 &payload, 0, cmd_ctx->lsm.u.create_session.home_dir_size);
+ if (cmd_ctx->lsm.u.create_session.home_dir_size > 0 &&
+ !lttng_buffer_view_is_valid(&home_dir_view)) {
+ ERR("Invalid payload in \"create session\" command: buffer too short to contain home directory");
+ ret_code = LTTNG_ERR_INVALID_PROTOCOL;
+ goto error;
+ }
+
 session_descriptor_view = lttng_buffer_view_from_dynamic_buffer( &payload, cmd_ctx->lsm.u.create_session.home_dir_size, cmd_ctx->lsm.u.create_session.session_descriptor_size);
+ if (!lttng_buffer_view_is_valid(&session_descriptor_view)) {
+ ERR("Invalid payload in \"create session\" command: buffer too short to contain session descriptor");
+ ret_code = LTTNG_ERR_INVALID_PROTOCOL;
+ goto error;
+ }
 ret = lttng_session_descriptor_create_from_buffer( &session_descriptor_view, &session_descriptor);
@@ -4257,7 +4289,8 @@ end:
 }
 int cmd_register_trigger(struct command_ctx *cmd_ctx, int sock,
- struct notification_thread_handle *notification_thread)
+ struct notification_thread_handle *notification_thread,
+ struct lttng_trigger **return_trigger)
 {
 int ret;
 size_t trigger_len;
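Review bot: In the cmd_create_session hunk both sizes used to carve the views come straight from the client message (`cmd_ctx->lsm.u.create_session`), and the new checks depend entirely on lttng_buffer_view_from_dynamic_buffer() returning an invalid view for an out-of-range offset or length. That helper is outside this hunk, so it is worth confirming that it rejects an offset-plus-length sum that wraps. The second check is unconditional, unlike the first, so a zero `session_descriptor_size` is presumably meant to be a protocol error; a comment such as `/* Sizes are client-controlled: validate each view before use. A session descriptor is mandatory. */` would make that explicit. Logging the claimed size and the received payload length in the two `ERR()` messages would make malformed requests easier to triage. The function starts and ends outside the hunk.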
@@ -4282,8 +4315,7 @@ int cmd_register_trigger(struct command_ctx *cmd_ctx, int sock,
 sock, trigger_payload.buffer.data, trigger_len);
 if (sock_recv_len < 0 || sock_recv_len != trigger_len) {
 ERR("Failed to receive \"register trigger\" command payload");
- /* TODO: should this be a new error enum ? */
- ret = LTTNG_ERR_INVALID_TRIGGER;
+ ret = LTTNG_ERR_INVALID_PROTOCOL;
 goto end;
 }
@@ -4314,12 +4346,50 @@ int cmd_register_trigger(struct command_ctx *cmd_ctx, int sock,
 }
 }
- /* Set the trigger credential */
- lttng_trigger_set_credentials(trigger, &cmd_creds);
+ /*
+ * Validate the trigger credentials against the command credentials.
+ * Only the root user can register a trigger with non-matching
+ * credentials.
+ */
+ if (!lttng_credentials_is_equal_uid(
+ lttng_trigger_get_credentials(trigger),
+ &cmd_creds)) {
+ if (lttng_credentials_get_uid(&cmd_creds) != 0) {
+ ERR("Trigger credentials do not match the command credentials");
+ ret = LTTNG_ERR_INVALID_TRIGGER;
+ goto end;
+ }
+ }
- /* Inform the notification thread */
+ /*
+ * The bytecode generation also serves as a validation step for the
+ * bytecode expressions.
+ */
+ ret = lttng_trigger_generate_bytecode(trigger, &cmd_creds);
+ if (ret != LTTNG_OK) {
+ goto end;
+ }
+
+ /*
+ * A reference to the trigger is acquired by the notification thread.
+ * It is safe to return the same trigger to the caller since it the
+ * other user holds a reference.
+ *
+ * The trigger is modified during the execution of the
+ * "register trigger" command. However, by the time the command returns,
+ * it is safe to use without any locking as its properties are
+ * immutable.
+ */
 ret = notification_thread_command_register_trigger(notification_thread, trigger);
+ if (ret != LTTNG_OK) {
+ goto end_notification_thread;
+ }
+
+ /* Return an updated trigger to the client. */
+ *return_trigger = trigger;
+
+end_notification_thread:
 /* Ownership of trigger was transferred. */
 trigger = NULL;
 end:
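Review bot: In the second cmd_register_trigger hunk, `*return_trigger` is written only on the success path and receives the same pointer whose ownership is handed to the notification thread, with no reference taken on the caller's behalf in the visible lines. The caller's copy therefore stays valid only while the notification thread keeps its reference, which an unregister from another client could presumably drop while the reply is still being built; taking a reference for the caller before the assignment, and documenting who releases it, removes that dependency. On every `goto end` path the out-parameter is left untouched, so either add `*return_trigger = NULL;` at function entry or state in the function comment that callers must initialise it. `end_notification_thread:` also clears `trigger` when registration fails, and whether the notification thread really owns the object in that case cannot be seen from this hunk. The function begins before and ends after the hunk.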
@@ -4385,7 +4455,20 @@ int cmd_unregister_trigger(struct command_ctx *cmd_ctx, int sock,
 }
 }
- lttng_trigger_set_credentials(trigger, &cmd_creds);
+ /*
+ * Validate the trigger credentials against the command credentials.
+ * Only the root user can unregister a trigger with non-matching
+ * credentials.
+ */
+ if (!lttng_credentials_is_equal_uid(
+ lttng_trigger_get_credentials(trigger),
+ &cmd_creds)) {
+ if (lttng_credentials_get_uid(&cmd_creds) != 0) {
+ ERR("Trigger credentials do not match the command credentials");
+ ret = LTTNG_ERR_INVALID_TRIGGER;
+ goto end;
+ }
+ }
 ret = notification_thread_command_unregister_trigger(notification_thread, trigger);
@@ -4395,6 +4478,29 @@ end:
 return ret;
 }
+int cmd_list_triggers(struct command_ctx *cmd_ctx,
+ struct notification_thread_handle *notification_thread,
+ struct lttng_triggers **return_triggers)
+{
+ int ret = 0;
+ enum lttng_error_code ret_code;
+ struct lttng_triggers *triggers = NULL;
+
+ /* Get the set of triggers from the notification thread. */
+ ret_code = notification_thread_command_list_triggers(
+ notification_thread, cmd_ctx->creds.uid, &triggers);
+ if (ret_code != LTTNG_OK) {
+ ret = ret_code;
+ goto end;
+ }
+
+ *return_triggers = triggers;
+ triggers = NULL;
+ ret = LTTNG_OK;
+end:
+ lttng_triggers_destroy(triggers);
+ return ret;
+}
 /*
 * Send relayd sockets from snapshot output to consumer. Ignore request if the
 * snapshot output is *not* set with a remote destination.
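Review bot: In cmd_unregister_trigger a UID mismatch from a non-root client is an authorization failure, yet it is reported as `LTTNG_ERR_INVALID_TRIGGER`, the code a malformed trigger would also produce, and the `ERR()` line names neither UID. Returning a permission error instead (`ret = LTTNG_ERR_EPERM;`) and logging both the command UID and the trigger UID would let clients and log review tell a denied request from a bad payload. The two nested `if`s can also be a single condition joined with `&&`. The identical block added to cmd_register_trigger has the same issue, and cmd_unregister_trigger extends beyond this hunk.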
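Review bot: cmd_list_triggers is added without a header comment, and its ownership contract is only implied by the code: on success `*return_triggers` receives the set and the local is cleared before `lttng_triggers_destroy()` runs, while on failure the out-parameter is never written. A comment such as `/* On LTTNG_OK the caller owns *return_triggers and must destroy it; on error it is left untouched. */` would state that. The caller's `cmd_ctx->creds.uid` is passed to notification_thread_command_list_triggers(), so the visibility rule (presumably own triggers only, with a root exception) is decided there and deserves a sentence in the same comment. `ret` and `ret_code` duplicate each other; returning the `enum lttng_error_code` directly would drop the `int ret = 0` initialiser, which is never observed.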