A problematic combination of malloc and getCharacters.

  • Hi

    The method performChange would run a script which would modify a plist.

    When the control reaches line 12 I get this message "/: /: is a directory" in the run log and when I check in the debugger I find that plistScript and garage have "/" as the value. So I know where the problem is but dont' know what's causing it or what the solution is.

    There is no problem with the authorization or with the paths copyPlistScript_ (/tmp/script) or garage_ (/tmp/garage)

    I assume that the memory allocation in line 4 and line 6 would give the same result.

    Can someone guide me?

    1 - (BOOL)performChange  {
    2  char **plistArgs = (char **) malloc(3 *sizeof(char*));
    3  NSString *shell = @"/bin/sh";

    4  char *plistScript = (char *) malloc([copyPlistScript_ length]*sizeof(unichar));
    5  [copyPlistScript_ getCharacters:(unichar *) plistScript];

    6  char *garage = (char *) malloc([garage_ lengthOfBytesUsingEncoding:NSUnicodeStringEncoding]);
    7  [garage_ getCharacters:(unichar *) garage];

    8  plistArgs[0] = plistScript;
    9  plistArgs[1] = garage;
    10 plistArgs[2] = NULL;

    12 OSStatus status = AuthorizationExecuteWithPrivileges(authRef_, [shell UTF8String], 0, plistArgs, NULL);

    13  if ((status == errAuthorizationCanceled) || (status != errAuthorizationSuccess)) {
    14    NSLog(@"Desktop Break Change: Authorization failed when installing new configuration plists.");
    15    return NO;
    16 }

    17  free(plistScript);
    18  free(garage);
    19 free(plistArgs);
    20}

          Why delete messages? Unlimited storage is just a click away. Go to http://help.yahoo.com/l/in/yahoo/mail/yahoomail/tools/tools-08.html
  • On 10/24/07, deepak gopal <deengg...> wrote:
    > 1 - (BOOL)performChange  {
    > 2  char **plistArgs = (char **) malloc(3 *sizeof(char*));
    > 3  NSString *shell = @"/bin/sh";
    >
    > 4  char *plistScript = (char *) malloc([copyPlistScript_ length]*sizeof(unichar));
    > 5  [copyPlistScript_ getCharacters:(unichar *) plistScript];
    >
    > 6  char *garage = (char *) malloc([garage_ lengthOfBytesUsingEncoding:NSUnicodeStringEncoding]);
    > 7  [garage_ getCharacters:(unichar *) garage];

    a) sizeof(unichar) != sizeof(char)

    b) a unichar string is very different from a char string.

    c) posix functions don't accept unichar's.

    d) <http://developer.apple.com/documentation/Cocoa/Conceptual/Strings/Articles/
    ManipulatingPaths.html#//apple_ref/doc/uid/20000152
    >
  • I believe AuthorizationExecuteWithPrivileges() is expecting NULL-
    terminated, UTF-8, C-string as the args instead of non-terminated
    unichar array.

    You can use -UTF8String methods for that.

    Since the second arg to the function is defined to be a POSIX path
    representation, you should use -fileSystemRepresentation instead.

    Aki

    On 2007/10/24, at 15:58, deepak gopal wrote:

    > Hi
    >
    > The method performChange would run a script which would modify a
    > plist.
    >
    > When the control reaches line 12 I get this message "/: /: is a
    > directory" in the run log and when I check in the debugger I find
    > that plistScript and garage have "/" as the value. So I know where
    > the problem is but dont' know what's causing it or what the solution
    > is.
    >
    > There is no problem with the authorization or with the paths
    > copyPlistScript_ (/tmp/script) or garage_ (/tmp/garage)
    >
    > I assume that the memory allocation in line 4 and line 6 would give
    > the same result.
    >
    > Can someone guide me?
    >
    > 1 - (BOOL)performChange  {
    > 2  char **plistArgs = (char **) malloc(3 *sizeof(char*));
    > 3  NSString *shell = @"/bin/sh";
    >
    > 4  char *plistScript = (char *) malloc([copyPlistScript_
    > length]*sizeof(unichar));
    > 5  [copyPlistScript_ getCharacters:(unichar *) plistScript];
    >
    > 6  char *garage = (char *) malloc([garage_
    > lengthOfBytesUsingEncoding:NSUnicodeStringEncoding]);
    > 7  [garage_ getCharacters:(unichar *) garage];
    >
    > 8  plistArgs[0] = plistScript;
    > 9  plistArgs[1] = garage;
    > 10 plistArgs[2] = NULL;
    >
    > 12 OSStatus status = AuthorizationExecuteWithPrivileges(authRef_,
    > [shell UTF8String], 0, plistArgs, NULL);
    >
    > 13  if ((status == errAuthorizationCanceled) || (status !=
    > errAuthorizationSuccess)) {
    > 14    NSLog(@"Desktop Break Change: Authorization failed when
    > installing new configuration plists.");
    > 15    return NO;
    > 16 }
    >
    > 17  free(plistScript);
    > 18  free(garage);
    > 19 free(plistArgs);
    > 20}
    >
    >
    >
    >
    > Why delete messages? Unlimited storage is just a click away. Go
    > to http://help.yahoo.com/l/in/yahoo/mail/yahoomail/tools/tools-08.html
  • On 10/24/07, deepak gopal <deengg...> wrote:
    > Hi
    >
    > The method performChange would run a script which would modify a plist.

    Try...

    - (BOOL)performChange  {
      NSString* shell = @"/bin/sh";
      const char* plistArgs[3];
      plistArgs[0] = [copyPlistScript_ UTF8String];
      plistArgs[1] = [garage_ fileSystemRepresentation];
      plistArgs[2] = NULL;

      OSStatus status = AuthorizationExecuteWithPrivileges(authRef_,
    [shell UTF8String], 0, &plistArgs, NULL);

      if ((status == errAuthorizationCanceled) || (status !=
    errAuthorizationSuccess)) {
        NSLog(@"Desktop Break Change: Authorization failed when installing
    new configuration plists.");
        return NO;
      }
    }

    ...written in gmail and from memory ... no idea if it compiles.

    -Shawn
  • No Shawn this doesn't work.

    ----- Original Message ----
    From: Shawn Erickson <shawnce...>
    To: deepak gopal <deepak_gopal_21...>
    Cc: cocoa dev <cocoa-dev...>
    Sent: Wednesday, 24 October, 2007 4:37:37 PM
    Subject: Re: A problematic combination of malloc and getCharacters.

    On 10/24/07, deepak gopal <deengg...> wrote:
    > Hi
    >
    > The method performChange would run a script which would modify a
    plist.

    Try...

    - (BOOL)performChange  {
      NSString* shell = @"/bin/sh";
      const char* plistArgs[3];
      plistArgs[0] = [copyPlistScript_ UTF8String];
      plistArgs[1] = [garage_ fileSystemRepresentation];
      plistArgs[2] = NULL;

      OSStatus status = AuthorizationExecuteWithPrivileges(authRef_,
    [shell UTF8String], 0, &plistArgs, NULL);

      if ((status == errAuthorizationCanceled) || (status !=
    errAuthorizationSuccess)) {
        NSLog(@"Desktop Break Change: Authorization failed when installing
    new configuration plists.");
        return NO;
      }
    }

    ...written in gmail and from memory ... no idea if it compiles.

    -Shawn

          Bring your gang together - do your thing. Go to http://in.promos.yahoo.com/groups
  • Hasn't it largely been established that it's a security hole to launch a
    shell with elevated priveleges?
    I believe an attacker can easily replace various unprotected .files to
    alias one command to another command, and suddenly transform your
    innocuous shell command into whatever they want.

    Shawn Erickson wrote:
    > On 10/24/07, deepak gopal <deengg...> wrote:
    >
    >> Hi
    >>
    >> The method performChange would run a script which would modify a plist.
    >>
    >
    >
    > Try...
    >
    > - (BOOL)performChange  {
    > NSString* shell = @"/bin/sh";
    > const char* plistArgs[3];
    > plistArgs[0] = [copyPlistScript_ UTF8String];
    > plistArgs[1] = [garage_ fileSystemRepresentation];
    > plistArgs[2] = NULL;
    >
    > OSStatus status = AuthorizationExecuteWithPrivileges(authRef_,
    > [shell UTF8String], 0, &plistArgs, NULL);
    >
    > if ((status == errAuthorizationCanceled) || (status !=
    > errAuthorizationSuccess)) {
    > NSLog(@"Desktop Break Change: Authorization failed when installing
    > new configuration plists.");
    > return NO;
    > }
    > }
    >
    > ...written in gmail and from memory ... no idea if it compiles.
    >
    > -Shawn
    >
  • On 10/24/07, deepak gopal <deengg...> wrote:
    >
    > No Shawn this doesn't work.

    Doesn't compile? If you would like further assistance we will need to
    know more about what exactly doesn't work.

    -Shawn
  • The warning says the plistArgs are of incompatible pointer type.

      OSStatus status =
        AuthorizationExecuteWithPrivileges(authRef_, [shell UTF8String],
                                            0, plistArgs, NULL);

    ----- Original Message ----
    From: Shawn Erickson <shawnce...>
    To: deepak gopal <deepak_gopal_21...>
    Cc: cocoa dev <cocoa-dev...>
    Sent: Wednesday, 24 October, 2007 4:54:28 PM
    Subject: Re: A problematic combination of malloc and getCharacters.

    On 10/24/07, deepak gopal <deengg...> wrote:
    >
    > No Shawn this doesn't work.

    Doesn't compile? If you would like further assistance we will need to
    know more about what exactly doesn't work.

    -Shawn

          DELETE button is history. Unlimited mail storage is just a click away. Go to https://edit.india.yahoo.com/config/eval_register
  • Hi

    I have made few changes and this is working and seems like there are no memory problems with this code.
    I am not using fileSystemRepresentation because then I will end up casting constants, so using getFileSystemRepresentation instead.

      // Allocating space for the args

      char **plistArgs = (char **) malloc(3 *sizeof(char*));

      NSString *shell = @"/bin/sh";



      char *plistScript = (char *) malloc([copyPlistScript_

        lengthOfBytesUsingEncoding:NSUnicodeStringEncoding]);

      // this gives space for Null.

      [desktopCopyPlistScript_ getFileSystemRepresentation:plistScript

                                                maxLength:[copyPlistScript_

        lengthOfBytesUsingEncoding:NSUnicodeStringEncoding]];



      char *garage = (char *) malloc([garage_

        lengthOfBytesUsingEncoding:NSUnicodeStringEncoding]);

      [garage_ getFileSystemRepresentation:garage

                                maxLength:[garage_

        lengthOfBytesUsingEncoding:NSUnicodeStringEncoding]];



      plistArgs[0] = plistScript;

      plistArgs[1] = garage;

      plistArgs[2] = NULL;



      // Update the plists within all 3 Desktop components

      OSStatus status =

        AuthorizationExecuteWithPrivileges(authRef_, [shell UTF8String],

                                            0, plistArgs, NULL);

      if ((status == errAuthorizationCanceled) ||

          (status != errAuthorizationSuccess)) {

        NSLog(@"Desktop Break Change: Authorization failed when installing new "

          @"configuration plists.");

        return NO;

      }



      // free the allocated memory

      free(plistScript);

      free(garage);

      free(plistArgs);

    ----- Original Message ----
    From: Aki Inoue <aki...>
    To: deepak gopal <deepak_gopal_21...>
    Cc: cocoa dev <cocoa-dev...>
    Sent: Wednesday, 24 October, 2007 4:15:33 PM
    Subject: Re: A problematic combination of malloc and getCharacters.

    I believe AuthorizationExecuteWithPrivileges() is expecting NULL-
    terminated, UTF-8, C-string as the args instead of non-terminated
    unichar array.

    You can use -UTF8String methods for that.

    Since the second arg to the function is defined to be a POSIX path
    representation, you should use -fileSystemRepresentation instead.

    Aki

    On 2007/10/24, at 15:58, deepak gopal wrote:

    > Hi
    >
    > The method performChange would run a script which would modify a
    > plist.
    >
    > When the control reaches line 12 I get this message "/: /: is a
    > directory" in the run log and when I check in the debugger I find
    > that plistScript and garage have "/" as the value. So I know where
    > the problem is but dont' know what's causing it or what the solution

    > is.
    >
    > There is no problem with the authorization or with the paths
    > copyPlistScript_ (/tmp/script) or garage_ (/tmp/garage)
    >
    > I assume that the memory allocation in line 4 and line 6 would give
    > the same result.
    >
    > Can someone guide me?
    >
    > 1 - (BOOL)performChange  {
    > 2  char **plistArgs = (char **) malloc(3 *sizeof(char*));
    > 3  NSString *shell = @"/bin/sh";
    >
    > 4  char *plistScript = (char *) malloc([copyPlistScript_
    > length]*sizeof(unichar));
    > 5  [copyPlistScript_ getCharacters:(unichar *) plistScript];
    >
    > 6  char *garage = (char *) malloc([garage_
    > lengthOfBytesUsingEncoding:NSUnicodeStringEncoding]);
    > 7  [garage_ getCharacters:(unichar *) garage];
    >
    > 8  plistArgs[0] = plistScript;
    > 9  plistArgs[1] = garage;
    > 10 plistArgs[2] = NULL;
    >
    > 12 OSStatus status = AuthorizationExecuteWithPrivileges(authRef_,
    > [shell UTF8String], 0, plistArgs, NULL);
    >
    > 13  if ((status == errAuthorizationCanceled) || (status !=
    > errAuthorizationSuccess)) {
    > 14    NSLog(@"Desktop Break Change: Authorization failed when
    > installing new configuration plists.");
    > 15    return NO;
    > 16 }
    >
    > 17  free(plistScript);
    > 18  free(garage);
    > 19 free(plistArgs);
    > 20}
    >
    >
    >
    >
    > Why delete messages? Unlimited storage is just a click away. Go



          Get the freedom to save as many mails as you wish. To know how, go to http://help.yahoo.com/l/in/yahoo/mail/yahoomail/tools/tools-08.html
  • I recommended -fileSystemRepresentation for the second argument of
    AuthorizationExecuteWithPrivileges().

    So,
    > AuthorizationExecuteWithPrivileges(authRef_, [shell UTF8String],
    > 0, plistArgs, NULL);
    should be
        AuthorizationExecuteWithPrivileges(authRef_, [shell
    fileSystemRepresentation], 0, plistArgs, NULL);

    Also, you're allocating insufficient space for the arguments.
    You're using the byte length for NSUnicodeStringEncoding where you're
    supposed to use the length for NSUTF8StringEncoding with decomposition
    in mind (which is usually much longer).

    You should be able to do:

    const char *plistArgs[3];

    plistArgs[0] = [copyPlistScript_ UTF8String];
    plistArgs[1] = [garage_ UTF8String];
    plistArgs[2] = NULL;

    Aki

    On 2007/10/25, at 11:56, deepak gopal wrote:

    > Hi
    >
    > I have made few changes and this is working and seems like there are
    > no memory problems with this code.
    > I am not using fileSystemRepresentation because then I will end up
    > casting constants, so using getFileSystemRepresentation instead.
    >
    > // Allocating space for the args
    > char **plistArgs = (char **) malloc(3 *sizeof(char*));
    > NSString *shell = @"/bin/sh";
    >
    > char *plistScript = (char *) malloc([copyPlistScript_
    > lengthOfBytesUsingEncoding:NSUnicodeStringEncoding]);
    >
    > // this gives space for Null.
    > [desktopCopyPlistScript_ getFileSystemRepresentation:plistScript
    > maxLength:
    > [copyPlistScript_
    > lengthOfBytesUsingEncoding:NSUnicodeStringEncoding]];
    >
    > char *garage = (char *) malloc([garage_
    > lengthOfBytesUsingEncoding:NSUnicodeStringEncoding]);
    >
    > [garage_ getFileSystemRepresentation:garage
    > maxLength:[garage_
    > lengthOfBytesUsingEncoding:NSUnicodeStringEncoding]];
    >
    > plistArgs[0] = plistScript;
    > plistArgs[1] = garage;
    > plistArgs[2] = NULL;
    >
    > // Update the plists within all 3 Desktop components
    > OSStatus status =
    > AuthorizationExecuteWithPrivileges(authRef_, [shell UTF8String],
    > 0, plistArgs, NULL);
    >
    > if ((status == errAuthorizationCanceled) ||
    > (status != errAuthorizationSuccess)) {
    > NSLog(@"Desktop Break Change: Authorization failed when
    > installing new "
    > @"configuration plists.");
    > return NO;
    > }
    >
    > // free the allocated memory
    > free(plistScript);
    > free(garage);
    > free(plistArgs);
    >
    >
    > ----- Original Message ----
    > From: Aki Inoue <aki...>
    > To: deepak gopal <deepak_gopal_21...>
    > Cc: cocoa dev <cocoa-dev...>
    > Sent: Wednesday, 24 October, 2007 4:15:33 PM
    > Subject: Re: A problematic combination of malloc and getCharacters.
    >
    > I believe AuthorizationExecuteWithPrivileges() is expecting NULL-
    > terminated, UTF-8, C-string as the args instead of non-terminated
    > unichar array.
    >
    > You can use -UTF8String methods for that.
    >
    > Since the second arg to the function is defined to be a POSIX path
    > representation, you should use -fileSystemRepresentation instead.
    >
    > Aki
    >
    > On 2007/10/24, at 15:58, deepak gopal wrote:
    >
    >> Hi
    >>
    >> The method performChange would run a script which would modify a
    >> plist.
    >>
    >> When the control reaches line 12 I get this message "/: /: is a
    >> directory" in the run log and when I check in the debugger I find
    >> that plistScript and garage have "/" as the value. So I know where
    >> the problem is but dont' know what's causing it or what the solution
    >> is.
    >>
    >> There is no problem with the authorization or with the paths
    >> copyPlistScript_ (/tmp/script) or garage_ (/tmp/garage)
    >>
    >> I assume that the memory allocation in line 4 and line 6 would give
    >> the same result.
    >>
    >> Can someone guide me?
    >>
    >> 1 - (BOOL)performChange  {
    >> 2  char **plistArgs = (char **) malloc(3 *sizeof(char*));
    >> 3  NSString *shell = @"/bin/sh";
    >>
    >> 4  char *plistScript = (char *) malloc([copyPlistScript_
    >> length]*sizeof(unichar));
    >> 5  [copyPlistScript_ getCharacters:(unichar *) plistScript];
    >>
    >> 6  char *garage = (char *) malloc([garage_
    >> lengthOfBytesUsingEncoding:NSUnicodeStringEncoding]);
    >> 7  [garage_ getCharacters:(unichar *) garage];
    >>
    >> 8  plistArgs[0] = plistScript;
    >> 9  plistArgs[1] = garage;
    >> 10 plistArgs[2] = NULL;
    >>
    >> 12 OSStatus status = AuthorizationExecuteWithPrivileges(authRef_,
    >> [shell UTF8String], 0, plistArgs, NULL);
    >>
    >> 13  if ((status == errAuthorizationCanceled) || (status !=
    >> errAuthorizationSuccess)) {
    >> 14    NSLog(@"Desktop Break Change: Authorization failed when
    >> installing new configuration plists.");
    >> 15    return NO;
    >> 16 }
    >>
    >> 17  free(plistScript);
    >> 18  free(garage);
    >> 19 free(plistArgs);
    >> 20}
    >>
    >>
    >>
    >>
    >> Why delete messages? Unlimited storage is just a click away. Go
    >> to http://help.yahoo.com/l/in/yahoo/mail/yahoomail/tools/tools-08.html

    >
    >
    > Chat on a cool, new interface. No download required. Click here.
previous month october 2007 next month
MTWTFSS
1 2 3 4 5 6 7
8 9 10 11 12 13 14
15 16 17 18 19 20 21
22 23 24 25 26 27 28
29 30 31        
Go to today