santa-driver: Deny execs with names over MAXPATHLEN with appropriate …

…errno (#231)
google · Jan 24, 2018 · 1031374 · 1031374
1 parent 8e57e37
commit 1031374
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 2 deletions.
diff --git a/Source/common/SNTKernelCommon.h b/Source/common/SNTKernelCommon.h
@@ -63,6 +63,7 @@ typedef enum {
   // RESPONSES
   ACTION_RESPOND_ALLOW = 20,
   ACTION_RESPOND_DENY = 21,
+  ACTION_RESPOND_TOOLONG = 22,
 
   // NOTIFY
   ACTION_NOTIFY_EXEC = 30,

diff --git a/Source/santa-driver/SantaDecisionManager.cc b/Source/santa-driver/SantaDecisionManager.cc
@@ -366,8 +366,10 @@ santa_action_t SantaDecisionManager::FetchDecision(
   // Get path
   char path[MAXPATHLEN];
   int name_len = MAXPATHLEN;
-  if (vn_getpath(vp, path, &name_len) != 0) {
-    path[0] = '\0';
+  path[MAXPATHLEN - 1] = 0;
+
+  if (vn_getpath(vp, path, &name_len) == ENOSPC) {
+    return ACTION_RESPOND_TOOLONG;
   }
 
   auto message = NewMessage(cred);
@@ -463,6 +465,9 @@ int SantaDecisionManager::VnodeCallback(const kauth_cred_t cred,
     case ACTION_RESPOND_DENY:
       *errno = EPERM;
       return KAUTH_RESULT_DENY;
+    case ACTION_RESPOND_TOOLONG:
+      *errno = ENAMETOOLONG;
+      return KAUTH_RESULT_DENY;
     default:
       // NOTE: Any unknown response or error condition causes us to fail open.
       // Whilst from a security perspective this is bad, it's important that