19979552133

Committed 05 Dec 2025 05:29PM UTC coverage: 72.765% (-0.2%) from 72.917%

Build # 19979552133

Build Type

push

github

Committed by

yuwata

Commit Message

udev-rules: use the right variable

We carefully prepare a copy of a local buffer to save in device cache
and then save the buffer there instead... This leads to abort in free()
on exit (also, copied is leaked).

Reproducer:
 # udevadm test /sys/block/sr0

Follow-up-for: a9559ebcb

Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2406118

Run Details

0 of 1 new or added line in 1 file covered. (0.0%)

1564 existing lines in 65 files now uncovered.

309707 of 425625 relevant lines covered (72.77%)

1149816.14 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

0.0

/src/integritysetup/integritysetup-generator.c

/* SPDX-License-Identifier: LGPL-2.1-or-later */

#include <stdlib.h>

#include "alloc-util.h"
#include "fd-util.h"
#include "fileio.h"
#include "fstab-util.h"
#include "generator.h"
#include "integrity-util.h"
#include "log.h"
#include "path-util.h"
#include "specifier.h"
#include "string-util.h"
#include "unit-name.h"

static const char *arg_dest = NULL;
static const char *arg_integritytab = NULL;
static char *arg_options = NULL;
STATIC_DESTRUCTOR_REGISTER(arg_options, freep);

static int create_disk(
                const char *name,
                const char *device,
                const char *key_file,
                const char *options) {

        _cleanup_free_ char *n = NULL, *dd = NULL, *e = NULL, *name_escaped = NULL, *key_file_escaped = NULL;
        _cleanup_fclose_ FILE *f = NULL;
        char *dmname = NULL;
        bool noauto, nofail, netdev;
        int r;

        assert(name);
        assert(device);

        noauto = fstab_test_yes_no_option(options, "noauto\0" "auto\0");
        nofail = fstab_test_yes_no_option(options, "nofail\0" "fail\0");
        netdev = fstab_test_option(options, "_netdev\0");

        name_escaped = specifier_escape(name);
        if (!name_escaped)
                return log_oom();

        e = unit_name_escape(name);
        if (!e)
                return log_oom();

        r = unit_name_build("systemd-integritysetup", e, ".service", &n);
        if (r < 0)
                return log_error_errno(r, "Failed to generate unit name: %m");

        r = unit_name_from_path(device, ".device", &dd);
        if (r < 0)
                return log_error_errno(r, "Failed to generate unit name: %m");

        r = generator_open_unit_file(arg_dest, NULL, n, &f);
        if (r < 0)
                return r;

        if (key_file) {
                if (!path_is_absolute(key_file))
                        return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "key file not absolute file path %s", key_file);

                key_file_escaped = specifier_escape(key_file);
                if (!key_file_escaped)
                        return log_oom();
        }

        if (options) {
                r = parse_integrity_options(options, NULL, NULL, NULL, NULL, NULL);
                if (r < 0)
                        return r;
        }

        fprintf(f,
                "[Unit]\n"
                "Description=Integrity Setup for %%I\n"
                "Documentation=man:integritytab(5) man:systemd-integritysetup-generator(8) man:systemd-integritysetup@.service(8)\n"
                "SourcePath=%s\n"
                "DefaultDependencies=no\n"
                "IgnoreOnIsolate=true\n"
                "After=integritysetup-pre.target systemd-udevd-kernel.socket\n"
                "Before=blockdev@dev-mapper-%%i.target\n"
                "Wants=blockdev@dev-mapper-%%i.target\n"
                "Conflicts=umount.target\n"
                "BindsTo=%s\n"
                "After=%s\n"
                "Before=umount.target\n",
                arg_integritytab,
                dd, dd);

        if (netdev)
                fprintf(f, "After=remote-fs-pre.target\n");

        if (!nofail)
                fprintf(f,
                        "Before=%s\n",
                        netdev ? "remote-integritysetup.target" : "integritysetup.target");

        fprintf(f,
                "\n"
                "[Service]\n"
                "Type=oneshot\n"
                "RemainAfterExit=yes\n"
                "TimeoutSec=infinity\n"
                "ExecStart=" LIBEXECDIR "/systemd-integritysetup attach '%s' '%s' '%s' '%s'\n"
                "ExecStop=" LIBEXECDIR "/systemd-integritysetup detach '%s'\n",
                name_escaped, device, empty_to_dash(key_file_escaped), empty_to_dash(options),
                name_escaped);

        r = fflush_and_check(f);
        if (r < 0)
                return log_error_errno(r, "Failed to write unit file %s: %m", n);

        if (!noauto) {
                r = generator_add_symlink(
                                arg_dest,
                                netdev ? "remote-integritysetup.target" : "integritysetup.target",
                                nofail ? "wants" : "requires",
                                n);
                if (r < 0)
                        return r;
        }

        dmname = strjoina("dev-mapper-", e, ".device");
        return generator_add_symlink(arg_dest, dmname, "requires", n);
}

static int add_integritytab_devices(void) {
        _cleanup_fclose_ FILE *f = NULL;
        unsigned integritytab_line = 0;
        int r;

        r = fopen_unlocked(arg_integritytab, "re", &f);
        if (r < 0) {
                if (errno != ENOENT)
                        log_error_errno(errno, "Failed to open %s: %m", arg_integritytab);
                return 0;
        }

        for (;;) {
                _cleanup_free_ char *line = NULL, *name = NULL, *device_id = NULL, *device_path = NULL, *key_file = NULL, *options = NULL;

                r = read_stripped_line(f, LONG_LINE_MAX, &line);
                if (r < 0)
                        return log_error_errno(r, "Failed to read %s: %m", arg_integritytab);
                if (r == 0)
                        break;

                integritytab_line++;

                if (IN_SET(line[0], 0, '#'))
                        continue;

                /* The key file and the options are optional */
                r = sscanf(line, "%ms %ms %ms %ms", &name, &device_id, &key_file, &options);
                if (!IN_SET(r, 2, 3, 4)) {
                        log_error("Failed to parse %s:%u, ignoring.", arg_integritytab, integritytab_line);
                        continue;
                }

                device_path = fstab_node_to_udev_node(device_id);
                if (!device_path) {
                        log_error("Failed to find device %s:%u, ignoring.", device_id, integritytab_line);
                        continue;
                }

                r = create_disk(name, device_path, empty_or_dash_to_null(key_file), empty_or_dash_to_null(options));
                if (r < 0)
                        return r;
        }

        return 0;
}

static int run(const char *dest, const char *dest_early, const char *dest_late) {
        assert_se(arg_dest = dest);

        arg_integritytab = getenv("SYSTEMD_INTEGRITYTAB") ?: "/etc/integritytab";

        return add_integritytab_devices();
}

DEFINE_MAIN_GENERATOR_FUNCTION(run);

1	/* SPDX-License-Identifier: LGPL-2.1-or-later */
2
3	#include <stdlib.h>
4
5	#include "alloc-util.h"
6	#include "fd-util.h"
7	#include "fileio.h"
8	#include "fstab-util.h"
9	#include "generator.h"
10	#include "integrity-util.h"
11	#include "log.h"
12	#include "path-util.h"
13	#include "specifier.h"
14	#include "string-util.h"
15	#include "unit-name.h"
16
17	static const char *arg_dest = NULL;
18	static const char *arg_integritytab = NULL;
19	static char *arg_options = NULL;
UNCOV 20	STATIC_DESTRUCTOR_REGISTER(arg_options, freep);	×
21
22	static int create_disk(	×
23	const char *name,
24	const char *device,
25	const char *key_file,
26	const char *options) {
27
28	_cleanup_free_ char n = NULL, dd = NULL, e = NULL, name_escaped = NULL, *key_file_escaped = NULL;	×
29	_cleanup_fclose_ FILE *f = NULL;	×
30	char *dmname = NULL;	×
31	bool noauto, nofail, netdev;	×
32	int r;	×
33
34	assert(name);	×
35	assert(device);	×
36
37	noauto = fstab_test_yes_no_option(options, "noauto\0" "auto\0");	×
38	nofail = fstab_test_yes_no_option(options, "nofail\0" "fail\0");	×
39	netdev = fstab_test_option(options, "_netdev\0");	×
40
41	name_escaped = specifier_escape(name);	×
42	if (!name_escaped)	×
43	return log_oom();	×
44
45	e = unit_name_escape(name);	×
46	if (!e)	×
47	return log_oom();	×
48
49	r = unit_name_build("systemd-integritysetup", e, ".service", &n);	×
50	if (r < 0)	×
51	return log_error_errno(r, "Failed to generate unit name: %m");	×
52
53	r = unit_name_from_path(device, ".device", &dd);	×
54	if (r < 0)	×
55	return log_error_errno(r, "Failed to generate unit name: %m");	×
56
57	r = generator_open_unit_file(arg_dest, NULL, n, &f);	×
58	if (r < 0)	×
59	return r;
60
61	if (key_file) {	×
62	if (!path_is_absolute(key_file))	×
63	return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "key file not absolute file path %s", key_file);	×
64
65	key_file_escaped = specifier_escape(key_file);	×
66	if (!key_file_escaped)	×
67	return log_oom();	×
68	}
69
70	if (options) {	×
71	r = parse_integrity_options(options, NULL, NULL, NULL, NULL, NULL);	×
72	if (r < 0)	×
73	return r;
74	}
75
76	fprintf(f,	×
77	"[Unit]\n"
78	"Description=Integrity Setup for %%I\n"
79	"Documentation=man:integritytab(5) man:systemd-integritysetup-generator(8) man:systemd-integritysetup@.service(8)\n"
80	"SourcePath=%s\n"
81	"DefaultDependencies=no\n"
82	"IgnoreOnIsolate=true\n"
83	"After=integritysetup-pre.target systemd-udevd-kernel.socket\n"
84	"Before=blockdev@dev-mapper-%%i.target\n"
85	"Wants=blockdev@dev-mapper-%%i.target\n"
86	"Conflicts=umount.target\n"
87	"BindsTo=%s\n"
88	"After=%s\n"
89	"Before=umount.target\n",
90	arg_integritytab,
91	dd, dd);
92
93	if (netdev)	×
94	fprintf(f, "After=remote-fs-pre.target\n");	×
95
96	if (!nofail)	×
97	fprintf(f,	×
98	"Before=%s\n",
99	netdev ? "remote-integritysetup.target" : "integritysetup.target");
100
101	fprintf(f,	×
102	"\n"
103	"[Service]\n"
104	"Type=oneshot\n"
105	"RemainAfterExit=yes\n"
106	"TimeoutSec=infinity\n"
107	"ExecStart=" LIBEXECDIR "/systemd-integritysetup attach '%s' '%s' '%s' '%s'\n"
108	"ExecStop=" LIBEXECDIR "/systemd-integritysetup detach '%s'\n",
109	name_escaped, device, empty_to_dash(key_file_escaped), empty_to_dash(options),
110	name_escaped);
111
112	r = fflush_and_check(f);	×
113	if (r < 0)	×
114	return log_error_errno(r, "Failed to write unit file %s: %m", n);	×
115
116	if (!noauto) {	×
117	r = generator_add_symlink(	×
118	arg_dest,
119	netdev ? "remote-integritysetup.target" : "integritysetup.target",
120	nofail ? "wants" : "requires",
121	n);
122	if (r < 0)	×
123	return r;
124	}
125
126	dmname = strjoina("dev-mapper-", e, ".device");	×
127	return generator_add_symlink(arg_dest, dmname, "requires", n);	×
128	}
129
UNCOV 130	static int add_integritytab_devices(void) {	×
UNCOV 131	_cleanup_fclose_ FILE *f = NULL;	×
UNCOV 132	unsigned integritytab_line = 0;	×
UNCOV 133	int r;	×
134
UNCOV 135	r = fopen_unlocked(arg_integritytab, "re", &f);	×
UNCOV 136	if (r < 0) {	×
UNCOV 137	if (errno != ENOENT)	×
138	log_error_errno(errno, "Failed to open %s: %m", arg_integritytab);	×
UNCOV 139	return 0;	×
140	}
141
142	for (;;) {	×
143	_cleanup_free_ char line = NULL, name = NULL, device_id = NULL, device_path = NULL, key_file = NULL, options = NULL;	×
144
145	r = read_stripped_line(f, LONG_LINE_MAX, &line);	×
146	if (r < 0)	×
147	return log_error_errno(r, "Failed to read %s: %m", arg_integritytab);	×
148	if (r == 0)	×
149	break;
150
151	integritytab_line++;	×
152
153	if (IN_SET(line[0], 0, '#'))	×
154	continue;	×
155
156	/* The key file and the options are optional */
157	r = sscanf(line, "%ms %ms %ms %ms", &name, &device_id, &key_file, &options);	×
158	if (!IN_SET(r, 2, 3, 4)) {	×
159	log_error("Failed to parse %s:%u, ignoring.", arg_integritytab, integritytab_line);	×
160	continue;	×
161	}
162
163	device_path = fstab_node_to_udev_node(device_id);	×
164	if (!device_path) {	×
165	log_error("Failed to find device %s:%u, ignoring.", device_id, integritytab_line);	×
166	continue;	×
167	}
168
169	r = create_disk(name, device_path, empty_or_dash_to_null(key_file), empty_or_dash_to_null(options));	×
170	if (r < 0)	×
171	return r;
172	}
173
174	return 0;	×
175	}
176
UNCOV 177	static int run(const char dest, const char dest_early, const char *dest_late) {	×
UNCOV 178	assert_se(arg_dest = dest);	×
179
UNCOV 180	arg_integritytab = getenv("SYSTEMD_INTEGRITYTAB") ?: "/etc/integritytab";	×
181
UNCOV 182	return add_integritytab_devices();	×
183	}
184
UNCOV 185	DEFINE_MAIN_GENERATOR_FUNCTION(run);	×

systemd / systemd / 19979552133

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous