MagickCore 6.9.13
Loading...
Searching...
No Matches
policy.c
1/*
2%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
3% %
4% %
5% PPPP OOO L IIIII CCCC Y Y %
6% P P O O L I C Y Y %
7% PPPP O O L I C Y %
8% P O O L I C Y %
9% P OOO LLLLL IIIII CCCC Y %
10% %
11% %
12% MagickCore Policy Methods %
13% %
14% Software Design %
15% Cristy %
16% July 1992 %
17% %
18% %
19% Copyright 1999 ImageMagick Studio LLC, a non-profit organization %
20% dedicated to making software imaging solutions freely available. %
21% %
22% You may not use this file except in compliance with the License. You may %
23% obtain a copy of the License at %
24% %
25% https://imagemagick.org/license/ %
26% %
27% Unless required by applicable law or agreed to in writing, software %
28% distributed under the License is distributed on an "AS IS" BASIS, %
29% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. %
30% See the License for the specific language governing permissions and %
31% limitations under the License. %
32% %
33%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
34%
35*/
36
37/*
38 Include declarations.
39*/
40#include "magick/studio.h"
41#include "magick/cache-private.h"
42#include "magick/client.h"
43#include "magick/configure.h"
44#include "magick/exception.h"
45#include "magick/exception-private.h"
46#include "magick/hashmap-private.h"
47#include "magick/locale_.h"
48#include "magick/magick-private.h"
49#include "magick/memory_.h"
50#include "magick/memory-private.h"
51#include "magick/monitor.h"
52#include "magick/monitor-private.h"
53#include "magick/option.h"
54#include "magick/policy.h"
55#include "magick/policy-private.h"
56#include "magick/resource_.h"
57#include "magick/semaphore.h"
58#include "magick/stream-private.h"
59#include "magick/string_.h"
60#include "magick/string-private.h"
61#include "magick/timer-private.h"
62#include "magick/token.h"
63#include "magick/utility.h"
64#include "magick/utility-private.h"
65#include "magick/xml-tree.h"
66#include "magick/xml-tree-private.h"
67#if defined(MAGICKCORE_XML_DELEGATE)
68# include <libxml/parser.h>
69# include <libxml/tree.h>
70#endif
71
72/*
73 Define declarations.
74*/
75#define PolicyFilename "policy.xml"
76
77/*
78 Typedef declarations.
79*/
80struct _PolicyInfo
81{
82 char
83 *path;
84
85 PolicyDomain
86 domain;
87
88 PolicyRights
89 rights;
90
91 char
92 *name,
93 *pattern,
94 *value;
95
96 MagickBooleanType
97 exempt,
98 stealth,
99 debug;
100
101 SemaphoreInfo
102 *semaphore;
103
104 size_t
105 signature;
106};
107
108typedef struct _PolicyMapInfo
109{
110 const PolicyDomain
111 domain;
112
113 const PolicyRights
114 rights;
115
116 const char
117 *name,
118 *pattern,
119 *value;
120} PolicyMapInfo;
121
122/*
123 Static declarations.
124*/
125static const PolicyMapInfo
126 PolicyMap[] =
127 {
128 { UndefinedPolicyDomain, UndefinedPolicyRights, (const char *) NULL,
129 (const char *) NULL, (const char *) NULL }
130 };
131
132static LinkedListInfo
133 *policy_cache = (LinkedListInfo *) NULL;
134
135static SemaphoreInfo
136 *policy_semaphore = (SemaphoreInfo *) NULL;
137
138/*
139 Forward declarations.
140*/
141static MagickBooleanType
142 IsPolicyCacheInstantiated(ExceptionInfo *),
143 LoadPolicyCache(LinkedListInfo *,const char *,const char *,const size_t,
144 ExceptionInfo *),
145 SetMagickSecurityPolicyValue(const PolicyDomain,const char *,const char *,
146 ExceptionInfo *);
147
148/*
149%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
150% %
151% %
152% %
153% A c q u i r e P o l i c y C a c h e %
154% %
155% %
156% %
157%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
158%
159% AcquirePolicyCache() caches one or more policy configurations which provides
160% a mapping between policy attributes and a policy name.
161%
162% The format of the AcquirePolicyCache method is:
163%
164% LinkedListInfo *AcquirePolicyCache(const char *filename,
165% ExceptionInfo *exception)
166%
167% A description of each parameter follows:
168%
169% o filename: the policy configuration file name.
170%
171% o exception: return any errors or warnings in this structure.
172%
173*/
174static LinkedListInfo *AcquirePolicyCache(const char *filename,
175 ExceptionInfo *exception)
176{
177 LinkedListInfo
178 *cache;
179
180 MagickStatusType
181 status;
182
183 ssize_t
184 i;
185
186 /*
187 Load external policy map.
188 */
189 cache=NewLinkedList(0);
190 if (cache == (LinkedListInfo *) NULL)
191 ThrowFatalException(ResourceLimitFatalError,"MemoryAllocationFailed");
192 status=MagickTrue;
193#if MAGICKCORE_ZERO_CONFIGURATION_SUPPORT
194 magick_unreferenced(filename);
195 status=LoadPolicyCache(cache,ZeroConfigurationPolicy,"[zero-configuration]",0,
196 exception);
197 if (status == MagickFalse)
198 CatchException(exception);
199#else
200 {
201 const StringInfo
202 *option;
203
204 LinkedListInfo
205 *options;
206
207 options=GetConfigureOptions(filename,exception);
208 option=(const StringInfo *) GetNextValueInLinkedList(options);
209 while (option != (const StringInfo *) NULL)
210 {
211 status&=LoadPolicyCache(cache,(const char *) GetStringInfoDatum(option),
212 GetStringInfoPath(option),0,exception);
213 if (status == MagickFalse)
214 CatchException(exception);
215 option=(const StringInfo *) GetNextValueInLinkedList(options);
216 }
217 options=DestroyConfigureOptions(options);
218 }
219#endif
220 /*
221 Load built-in policy map.
222 */
223 for (i=0; i < (ssize_t) (sizeof(PolicyMap)/sizeof(*PolicyMap)); i++)
224 {
225 const PolicyMapInfo
226 *p;
227
228 PolicyInfo
229 *policy_info;
230
231 p=PolicyMap+i;
232 policy_info=(PolicyInfo *) AcquireMagickMemory(sizeof(*policy_info));
233 if (policy_info == (PolicyInfo *) NULL)
234 {
235 (void) ThrowMagickException(exception,GetMagickModule(),
236 ResourceLimitError,"MemoryAllocationFailed","`%s'",
237 p->name == (char *) NULL ? "" : p->name);
238 CatchException(exception);
239 status=MagickFalse;
240 continue;
241 }
242 (void) memset(policy_info,0,sizeof(*policy_info));
243 policy_info->path=(char *) "[built-in]";
244 policy_info->domain=p->domain;
245 policy_info->rights=p->rights;
246 policy_info->name=(char *) p->name;
247 policy_info->pattern=(char *) p->pattern;
248 policy_info->value=(char *) p->value;
249 policy_info->exempt=MagickTrue;
250 policy_info->signature=MagickCoreSignature;
251 status&=AppendValueToLinkedList(cache,policy_info);
252 if (status == MagickFalse)
253 {
254 (void) ThrowMagickException(exception,GetMagickModule(),
255 ResourceLimitError,"MemoryAllocationFailed","`%s'",
256 p->name == (char *) NULL ? "" : p->name);
257 CatchException(exception);
258 }
259 }
260 if (status == MagickFalse)
261 CatchException(exception);
262 return(cache);
263}
264
265/*
266%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
267% %
268% %
269% %
270+ G e t P o l i c y I n f o %
271% %
272% %
273% %
274%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
275%
276% GetPolicyInfo() searches the policy list for the specified name and if found
277% returns attributes for that policy.
278%
279% The format of the GetPolicyInfo method is:
280%
281% PolicyInfo *GetPolicyInfo(const char *name,ExceptionInfo *exception)
282%
283% A description of each parameter follows:
284%
285% o name: the policy name.
286%
287% o exception: return any errors or warnings in this structure.
288%
289*/
290static PolicyInfo *GetPolicyInfo(const char *name,ExceptionInfo *exception)
291{
292 char
293 policyname[MagickPathExtent],
294 *q;
295
296 ElementInfo
297 *p;
298
299 PolicyDomain
300 domain;
301
302 PolicyInfo
303 *policy;
304
305 assert(exception != (ExceptionInfo *) NULL);
306 if (IsPolicyCacheInstantiated(exception) == MagickFalse)
307 return((PolicyInfo *) NULL);
308 /*
309 Strip names of whitespace.
310 */
311 *policyname='\0';
312 if (name != (const char *) NULL)
313 (void) CopyMagickString(policyname,name,MagickPathExtent);
314 for (q=policyname; *q != '\0'; q++)
315 {
316 if (isspace((int) ((unsigned char) *q)) == 0)
317 continue;
318 (void) CopyMagickString(q,q+1,MagickPathExtent);
319 q--;
320 }
321 /*
322 Strip domain from policy name (e.g. resource:map).
323 */
324 domain=UndefinedPolicyDomain;
325 for (q=policyname; *q != '\0'; q++)
326 {
327 if (*q != ':')
328 continue;
329 *q='\0';
330 domain=(PolicyDomain) ParseCommandOption(MagickPolicyDomainOptions,
331 MagickTrue,policyname);
332 (void) CopyMagickString(policyname,q+1,MagickPathExtent);
333 break;
334 }
335 /*
336 Search for policy tag.
337 */
338 policy=(PolicyInfo *) NULL;
339 LockSemaphoreInfo(policy_semaphore);
340 ResetLinkedListIterator(policy_cache);
341 p=GetHeadElementInLinkedList(policy_cache);
342 if ((name == (const char *) NULL) || (LocaleCompare(name,"*") == 0))
343 {
344 UnlockSemaphoreInfo(policy_semaphore);
345 if (p != (ElementInfo *) NULL)
346 policy=(PolicyInfo *) p->value;
347 return(policy);
348 }
349 while (p != (ElementInfo *) NULL)
350 {
351 policy=(PolicyInfo *) p->value;
352 if ((domain == UndefinedPolicyDomain) || (policy->domain == domain))
353 if (LocaleCompare(policyname,policy->name) == 0)
354 break;
355 p=p->next;
356 }
357 if (p == (ElementInfo *) NULL)
358 policy=(PolicyInfo *) NULL;
359 else
360 (void) SetHeadElementInLinkedList(policy_cache,p);
361 UnlockSemaphoreInfo(policy_semaphore);
362 return(policy);
363}
364
365/*
366%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
367% %
368% %
369% %
370% G e t P o l i c y I n f o L i s t %
371% %
372% %
373% %
374%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
375%
376% GetPolicyInfoList() returns any policies that match the specified pattern.
377%
378% The format of the GetPolicyInfoList function is:
379%
380% const PolicyInfo **GetPolicyInfoList(const char *pattern,
381% size_t *number_policies,ExceptionInfo *exception)
382%
383% A description of each parameter follows:
384%
385% o pattern: Specifies a pointer to a text string containing a pattern.
386%
387% o number_policies: returns the number of policies in the list.
388%
389% o exception: return any errors or warnings in this structure.
390%
391*/
392MagickExport const PolicyInfo **GetPolicyInfoList(const char *pattern,
393 size_t *number_policies,ExceptionInfo *exception)
394{
395 const PolicyInfo
396 **policies;
397
398 const PolicyInfo
399 *p;
400
401 ssize_t
402 i;
403
404 /*
405 Allocate policy list.
406 */
407 assert(pattern != (char *) NULL);
408 assert(number_policies != (size_t *) NULL);
409 if (IsEventLogging() != MagickFalse)
410 (void) LogMagickEvent(TraceEvent,GetMagickModule(),"%s",pattern);
411 *number_policies=0;
412 p=GetPolicyInfo("*",exception);
413 if (p == (const PolicyInfo *) NULL)
414 return((const PolicyInfo **) NULL);
415 policies=(const PolicyInfo **) AcquireQuantumMemory((size_t)
416 GetNumberOfElementsInLinkedList(policy_cache)+1UL,sizeof(*policies));
417 if (policies == (const PolicyInfo **) NULL)
418 return((const PolicyInfo **) NULL);
419 /*
420 Generate policy list.
421 */
422 LockSemaphoreInfo(policy_semaphore);
423 ResetLinkedListIterator(policy_cache);
424 p=(const PolicyInfo *) GetNextValueInLinkedList(policy_cache);
425 for (i=0; p != (const PolicyInfo *) NULL; )
426 {
427 if ((p->stealth == MagickFalse) &&
428 (GlobExpression(p->name,pattern,MagickFalse) != MagickFalse))
429 policies[i++]=p;
430 p=(const PolicyInfo *) GetNextValueInLinkedList(policy_cache);
431 }
432 UnlockSemaphoreInfo(policy_semaphore);
433 policies[i]=(PolicyInfo *) NULL;
434 *number_policies=(size_t) i;
435 return(policies);
436}
437
438/*
439%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
440% %
441% %
442% %
443% G e t P o l i c y L i s t %
444% %
445% %
446% %
447%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
448%
449% GetPolicyList() returns any policies that match the specified pattern.
450%
451% The format of the GetPolicyList function is:
452%
453% char **GetPolicyList(const char *pattern,size_t *number_policies,
454% ExceptionInfo *exception)
455%
456% A description of each parameter follows:
457%
458% o pattern: a pointer to a text string containing a pattern.
459%
460% o number_policies: returns the number of policies in the list.
461%
462% o exception: return any errors or warnings in this structure.
463%
464*/
465
466static char *AcquirePolicyString(const char *source,const size_t pad)
467{
468 char
469 *destination;
470
471 size_t
472 length;
473
474 length=0;
475 if (source != (char *) NULL)
476 length+=strlen(source);
477 destination=(char *) NULL;
478 if (~length >= pad)
479 destination=(char *) AcquireMagickMemory((length+pad)*sizeof(*destination));
480 if (destination == (char *) NULL)
481 ThrowFatalException(ResourceLimitFatalError,"UnableToAcquireString");
482 if (source != (char *) NULL)
483 (void) memcpy(destination,source,length*sizeof(*destination));
484 destination[length]='\0';
485 return(destination);
486}
487
488MagickExport char **GetPolicyList(const char *pattern,size_t *number_policies,
489 ExceptionInfo *exception)
490{
491 char
492 **policies;
493
494 const PolicyInfo
495 *p;
496
497 ssize_t
498 i;
499
500 /*
501 Allocate policy list.
502 */
503 assert(pattern != (char *) NULL);
504 assert(number_policies != (size_t *) NULL);
505 if (IsEventLogging() != MagickFalse)
506 (void) LogMagickEvent(TraceEvent,GetMagickModule(),"%s",pattern);
507 *number_policies=0;
508 p=GetPolicyInfo("*",exception);
509 if (p == (const PolicyInfo *) NULL)
510 return((char **) NULL);
511 policies=(char **) AcquireQuantumMemory((size_t)
512 GetNumberOfElementsInLinkedList(policy_cache)+1UL,sizeof(*policies));
513 if (policies == (char **) NULL)
514 return((char **) NULL);
515 /*
516 Generate policy list.
517 */
518 LockSemaphoreInfo(policy_semaphore);
519 ResetLinkedListIterator(policy_cache);
520 p=(const PolicyInfo *) GetNextValueInLinkedList(policy_cache);
521 for (i=0; p != (const PolicyInfo *) NULL; )
522 {
523 if ((p->stealth == MagickFalse) &&
524 (GlobExpression(p->name,pattern,MagickFalse) != MagickFalse))
525 policies[i++]=AcquirePolicyString(p->name,1);
526 p=(const PolicyInfo *) GetNextValueInLinkedList(policy_cache);
527 }
528 UnlockSemaphoreInfo(policy_semaphore);
529 policies[i]=(char *) NULL;
530 *number_policies=(size_t) i;
531 return(policies);
532}
533
534/*
535%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
536% %
537% %
538% %
539% G e t P o l i c y V a l u e %
540% %
541% %
542% %
543%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
544%
545% GetPolicyValue() returns the value associated with the named policy.
546%
547% The format of the GetPolicyValue method is:
548%
549% char *GetPolicyValue(const char *name)
550%
551% A description of each parameter follows:
552%
553% o policy_info: The policy info.
554%
555*/
556MagickExport char *GetPolicyValue(const char *name)
557{
558 const char
559 *value;
560
561 const PolicyInfo
562 *policy_info;
563
564 ExceptionInfo
565 *exception;
566
567 assert(name != (const char *) NULL);
568 if (IsEventLogging() != MagickFalse)
569 (void) LogMagickEvent(TraceEvent,GetMagickModule(),"%s",name);
570 exception=AcquireExceptionInfo();
571 policy_info=GetPolicyInfo(name,exception);
572 exception=DestroyExceptionInfo(exception);
573 if (policy_info == (PolicyInfo *) NULL)
574 return((char *) NULL);
575 value=policy_info->value;
576 if ((value == (const char *) NULL) || (*value == '\0'))
577 return((char *) NULL);
578 return(AcquirePolicyString(value,1));
579}
580
581/*
582%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
583% %
584% %
585% %
586+ I s P o l i c y C a c h e I n s t a n t i a t e d %
587% %
588% %
589% %
590%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
591%
592% IsPolicyCacheInstantiated() determines if the policy list is instantiated.
593% If not, it instantiates the list and returns it.
594%
595% The format of the IsPolicyInstantiated method is:
596%
597% MagickBooleanType IsPolicyCacheInstantiated(ExceptionInfo *exception)
598%
599% A description of each parameter follows.
600%
601% o exception: return any errors or warnings in this structure.
602%
603*/
604static MagickBooleanType IsPolicyCacheInstantiated(ExceptionInfo *exception)
605{
606 if (policy_cache == (LinkedListInfo *) NULL)
607 {
608 GetMaxMemoryRequest(); /* avoid OMP deadlock */
609 if (policy_semaphore == (SemaphoreInfo *) NULL)
610 ActivateSemaphoreInfo(&policy_semaphore);
611 LockSemaphoreInfo(policy_semaphore);
612 if (policy_cache == (LinkedListInfo *) NULL)
613 policy_cache=AcquirePolicyCache(PolicyFilename,exception);
614 UnlockSemaphoreInfo(policy_semaphore);
615 }
616 return(policy_cache != (LinkedListInfo *) NULL ? MagickTrue : MagickFalse);
617}
618
619/*
620%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
621% %
622% %
623% %
624% I s R i g h t s A u t h o r i z e d %
625% %
626% %
627% %
628%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
629%
630% IsRightsAuthorized() returns MagickTrue if the policy authorizes the
631% requested rights for the specified domain.
632%
633% The format of the IsRightsAuthorized method is:
634%
635% MagickBooleanType IsRightsAuthorized(const PolicyDomain domain,
636% const PolicyRights rights,const char *pattern)
637%
638% A description of each parameter follows:
639%
640% o domain: the policy domain.
641%
642% o rights: the policy rights.
643%
644% o pattern: the coder, delegate, filter, or path pattern.
645%
646*/
647MagickExport MagickBooleanType IsRightsAuthorized(const PolicyDomain domain,
648 const PolicyRights rights,const char *pattern)
649{
650 const PolicyInfo
651 *policy_info;
652
653 ExceptionInfo
654 *exception;
655
656 MagickBooleanType
657 authorized;
658
659 PolicyInfo
660 *p;
661
662 if ((GetLogEventMask() & PolicyEvent) != 0)
663 (void) LogMagickEvent(PolicyEvent,GetMagickModule(),
664 "Domain: %s; rights=%s; pattern=\"%s\" ...",
665 CommandOptionToMnemonic(MagickPolicyDomainOptions,domain),
666 CommandOptionToMnemonic(MagickPolicyRightsOptions,rights),pattern);
667 exception=AcquireExceptionInfo();
668 policy_info=GetPolicyInfo("*",exception);
669 exception=DestroyExceptionInfo(exception);
670 if (policy_info == (PolicyInfo *) NULL)
671 return(MagickTrue);
672 authorized=MagickTrue;
673 LockSemaphoreInfo(policy_semaphore);
674 ResetLinkedListIterator(policy_cache);
675 p=(PolicyInfo *) GetNextValueInLinkedList(policy_cache);
676 while (p != (PolicyInfo *) NULL)
677 {
678 char
679 *real_pattern = (char *) pattern;
680
681 if (p->domain == domain)
682 {
683 if (p->domain == PathPolicyDomain)
684 {
685 real_pattern=realpath_utf8(pattern);
686 if (real_pattern == (char *) NULL)
687 real_pattern=AcquireString(pattern);
688 }
689 if (GlobExpression(real_pattern,p->pattern,MagickFalse) != MagickFalse)
690 {
691 if ((rights & ReadPolicyRights) != 0)
692 authorized=(p->rights & ReadPolicyRights) != 0 ? MagickTrue :
693 MagickFalse;
694 if ((rights & WritePolicyRights) != 0)
695 authorized=(p->rights & WritePolicyRights) != 0 ? MagickTrue :
696 MagickFalse;
697 if ((rights & ExecutePolicyRights) != 0)
698 authorized=(p->rights & ExecutePolicyRights) != 0 ? MagickTrue :
699 MagickFalse;
700 }
701 if (p->domain == PathPolicyDomain)
702 real_pattern=DestroyString(real_pattern);
703 }
704 p=(PolicyInfo *) GetNextValueInLinkedList(policy_cache);
705 }
706 UnlockSemaphoreInfo(policy_semaphore);
707 return(authorized);
708}
709
710/*
711%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
712% %
713% %
714% %
715% L i s t P o l i c y I n f o %
716% %
717% %
718% %
719%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
720%
721% ListPolicyInfo() lists policies to the specified file.
722%
723% The format of the ListPolicyInfo method is:
724%
725% MagickBooleanType ListPolicyInfo(FILE *file,ExceptionInfo *exception)
726%
727% A description of each parameter follows.
728%
729% o file: List policy names to this file handle.
730%
731% o exception: return any errors or warnings in this structure.
732%
733*/
734MagickExport MagickBooleanType ListPolicyInfo(FILE *file,
735 ExceptionInfo *exception)
736{
737 const char
738 *path,
739 *domain;
740
741 const PolicyInfo
742 **policy_info;
743
744 ssize_t
745 i;
746
747 size_t
748 number_policies;
749
750 /*
751 List name and attributes of each policy in the list.
752 */
753 if (file == (const FILE *) NULL)
754 file=stdout;
755 policy_info=GetPolicyInfoList("*",&number_policies,exception);
756 if (policy_info == (const PolicyInfo **) NULL)
757 return(MagickFalse);
758 path=(const char *) NULL;
759 for (i=0; i < (ssize_t) number_policies; i++)
760 {
761 if (policy_info[i]->stealth != MagickFalse)
762 continue;
763 if (((path == (const char *) NULL) ||
764 (LocaleCompare(path,policy_info[i]->path) != 0)) &&
765 (policy_info[i]->path != (char *) NULL))
766 (void) FormatLocaleFile(file,"\nPath: %s\n",policy_info[i]->path);
767 path=policy_info[i]->path;
768 domain=CommandOptionToMnemonic(MagickPolicyDomainOptions,
769 policy_info[i]->domain);
770 (void) FormatLocaleFile(file," Policy: %s\n",domain);
771 if ((policy_info[i]->domain == CachePolicyDomain) ||
772 (policy_info[i]->domain == ResourcePolicyDomain) ||
773 (policy_info[i]->domain == SystemPolicyDomain))
774 {
775 if (policy_info[i]->name != (char *) NULL)
776 (void) FormatLocaleFile(file," name: %s\n",policy_info[i]->name);
777 if (policy_info[i]->value != (char *) NULL)
778 (void) FormatLocaleFile(file," value: %s\n",policy_info[i]->value);
779 }
780 else
781 {
782 (void) FormatLocaleFile(file," rights: ");
783 if (policy_info[i]->rights == NoPolicyRights)
784 (void) FormatLocaleFile(file,"None ");
785 if ((policy_info[i]->rights & ReadPolicyRights) != 0)
786 (void) FormatLocaleFile(file,"Read ");
787 if ((policy_info[i]->rights & WritePolicyRights) != 0)
788 (void) FormatLocaleFile(file,"Write ");
789 if ((policy_info[i]->rights & ExecutePolicyRights) != 0)
790 (void) FormatLocaleFile(file,"Execute ");
791 (void) FormatLocaleFile(file,"\n");
792 if (policy_info[i]->pattern != (char *) NULL)
793 (void) FormatLocaleFile(file," pattern: %s\n",
794 policy_info[i]->pattern);
795 }
796 }
797 policy_info=(const PolicyInfo **) RelinquishMagickMemory((void *)
798 policy_info);
799 (void) fflush(file);
800 return(MagickTrue);
801}
802
803/*
804%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
805% %
806% %
807% %
808+ L o a d P o l i c y C a c h e %
809% %
810% %
811% %
812%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
813%
814% LoadPolicyCache() loads the policy configurations which provides a mapping
815% between policy attributes and a policy domain.
816%
817% The format of the LoadPolicyCache method is:
818%
819% MagickBooleanType LoadPolicyCache(LinkedListInfo *cache,const char *xml,
820% const char *filename,const size_t depth,ExceptionInfo *exception)
821%
822% A description of each parameter follows:
823%
824% o xml: The policy list in XML format.
825%
826% o filename: The policy list filename.
827%
828% o depth: depth of <include /> statements.
829%
830% o exception: return any errors or warnings in this structure.
831%
832*/
833static MagickBooleanType LoadPolicyCache(LinkedListInfo *cache,const char *xml,
834 const char *filename,const size_t depth,ExceptionInfo *exception)
835{
836 char
837 keyword[MagickPathExtent],
838 *token;
839
840 const char
841 *q;
842
843 MagickStatusType
844 status;
845
846 PolicyInfo
847 *policy_info;
848
849 size_t
850 extent;
851
852 /*
853 Load the policy map file.
854 */
855 (void) LogMagickEvent(ConfigureEvent,GetMagickModule(),
856 "Loading policy file \"%s\" ...",filename);
857 if (xml == (char *) NULL)
858 return(MagickFalse);
859 status=MagickTrue;
860 policy_info=(PolicyInfo *) NULL;
861 token=AcquirePolicyString(xml,MagickPathExtent);
862 extent=strlen(token)+MagickPathExtent;
863 for (q=(const char *) xml; *q != '\0'; )
864 {
865 /*
866 Interpret XML.
867 */
868 (void) GetNextToken(q,&q,extent,token);
869 if (*token == '\0')
870 break;
871 (void) CopyMagickString(keyword,token,MagickPathExtent);
872 if (LocaleNCompare(keyword,"<!DOCTYPE",9) == 0)
873 {
874 /*
875 Docdomain element.
876 */
877 while ((LocaleNCompare(q,"]>",2) != 0) && (*q != '\0'))
878 (void) GetNextToken(q,&q,extent,token);
879 continue;
880 }
881 if (LocaleNCompare(keyword,"<!--",4) == 0)
882 {
883 /*
884 Comment element.
885 */
886 while ((LocaleNCompare(q,"->",2) != 0) && (*q != '\0'))
887 (void) GetNextToken(q,&q,extent,token);
888 continue;
889 }
890 if (LocaleCompare(keyword,"<include") == 0)
891 {
892 /*
893 Include element.
894 */
895 while (((*token != '/') && (*(token+1) != '>')) && (*q != '\0'))
896 {
897 (void) CopyMagickString(keyword,token,MagickPathExtent);
898 (void) GetNextToken(q,&q,extent,token);
899 if (*token != '=')
900 continue;
901 (void) GetNextToken(q,&q,extent,token);
902 if (LocaleCompare(keyword,"file") == 0)
903 {
904 if (depth > MagickMaxRecursionDepth)
905 (void) ThrowMagickException(exception,GetMagickModule(),
906 ConfigureError,"IncludeElementNestedTooDeeply","`%s'",token);
907 else
908 {
909 char
910 path[MagickPathExtent],
911 *xml;
912
913 GetPathComponent(filename,HeadPath,path);
914 if (*path != '\0')
915 (void) ConcatenateMagickString(path,DirectorySeparator,
916 MagickPathExtent);
917 if (*token == *DirectorySeparator)
918 (void) CopyMagickString(path,token,MagickPathExtent);
919 else
920 (void) ConcatenateMagickString(path,token,MagickPathExtent);
921 xml=FileToXML(path,~0UL);
922 if (xml != (char *) NULL)
923 {
924 status&=LoadPolicyCache(cache,xml,path,depth+1,
925 exception);
926 xml=(char *) RelinquishMagickMemory(xml);
927 }
928 }
929 }
930 }
931 continue;
932 }
933 if (LocaleCompare(keyword,"<policy") == 0)
934 {
935 /*
936 Policy element.
937 */
938 policy_info=(PolicyInfo *) AcquireMagickMemory(sizeof(*policy_info));
939 if (policy_info == (PolicyInfo *) NULL)
940 ThrowFatalException(ResourceLimitFatalError,"MemoryAllocationFailed");
941 (void) memset(policy_info,0,sizeof(*policy_info));
942 policy_info->path=AcquirePolicyString(filename,1);
943 policy_info->exempt=MagickFalse;
944 policy_info->signature=MagickCoreSignature;
945 continue;
946 }
947 if (policy_info == (PolicyInfo *) NULL)
948 continue;
949 if ((LocaleCompare(keyword,"/>") == 0) ||
950 (LocaleCompare(keyword,"</policy>") == 0))
951 {
952 status=AppendValueToLinkedList(cache,policy_info);
953 if (status == MagickFalse)
954 (void) ThrowMagickException(exception,GetMagickModule(),
955 ResourceLimitError,"MemoryAllocationFailed","`%s'",
956 policy_info->name);
957 policy_info=(PolicyInfo *) NULL;
958 continue;
959 }
960 (void) GetNextToken(q,(const char **) NULL,extent,token);
961 if (*token != '=')
962 continue;
963 (void) GetNextToken(q,&q,extent,token);
964 (void) GetNextToken(q,&q,extent,token);
965 switch (*keyword)
966 {
967 case 'D':
968 case 'd':
969 {
970 if (LocaleCompare((char *) keyword,"domain") == 0)
971 {
972 policy_info->domain=(PolicyDomain) ParseCommandOption(
973 MagickPolicyDomainOptions,MagickTrue,token);
974 break;
975 }
976 break;
977 }
978 case 'N':
979 case 'n':
980 {
981 if (LocaleCompare((char *) keyword,"name") == 0)
982 {
983 policy_info->name=AcquirePolicyString(token,1);
984 break;
985 }
986 break;
987 }
988 case 'P':
989 case 'p':
990 {
991 if (LocaleCompare((char *) keyword,"pattern") == 0)
992 {
993 policy_info->pattern=AcquirePolicyString(token,1);
994 break;
995 }
996 break;
997 }
998 case 'R':
999 case 'r':
1000 {
1001 if (LocaleCompare((char *) keyword,"rights") == 0)
1002 {
1003 policy_info->rights=(PolicyRights) ParseCommandOption(
1004 MagickPolicyRightsOptions,MagickTrue,token);
1005 break;
1006 }
1007 break;
1008 }
1009 case 'S':
1010 case 's':
1011 {
1012 if (LocaleCompare((char *) keyword,"stealth") == 0)
1013 {
1014 policy_info->stealth=IsMagickTrue(token);
1015 break;
1016 }
1017 break;
1018 }
1019 case 'V':
1020 case 'v':
1021 {
1022 if (LocaleCompare((char *) keyword,"value") == 0)
1023 {
1024 policy_info->value=AcquirePolicyString(token,1);
1025 break;
1026 }
1027 break;
1028 }
1029 default:
1030 break;
1031 }
1032 }
1033 token=(char *) RelinquishMagickMemory(token);
1034 if (status == MagickFalse)
1035 CatchException(exception);
1036 return(status != 0 ? MagickTrue : MagickFalse);
1037}
1038
1039/*
1040%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1041% %
1042% %
1043% %
1044+ P o l i c y C o m p o n e n t G e n e s i s %
1045% %
1046% %
1047% %
1048%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1049%
1050% PolicyComponentGenesis() instantiates the policy component.
1051%
1052% The format of the PolicyComponentGenesis method is:
1053%
1054% MagickBooleanType PolicyComponentGenesis(void)
1055%
1056*/
1057MagickExport MagickBooleanType PolicyComponentGenesis(void)
1058{
1059 if (policy_semaphore == (SemaphoreInfo *) NULL)
1060 policy_semaphore=AllocateSemaphoreInfo();
1061 return(MagickTrue);
1062}
1063
1064/*
1065%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1066% %
1067% %
1068% %
1069+ P o l i c y C o m p o n e n t T e r m i n u s %
1070% %
1071% %
1072% %
1073%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1074%
1075% PolicyComponentTerminus() destroys the policy component.
1076%
1077% The format of the PolicyComponentTerminus method is:
1078%
1079% PolicyComponentTerminus(void)
1080%
1081*/
1082
1083static void *DestroyPolicyElement(void *policy_info)
1084{
1085 PolicyInfo
1086 *p;
1087
1088 p=(PolicyInfo *) policy_info;
1089 if (p->exempt == MagickFalse)
1090 {
1091 if (p->value != (char *) NULL)
1092 p->value=DestroyString(p->value);
1093 if (p->pattern != (char *) NULL)
1094 p->pattern=DestroyString(p->pattern);
1095 if (p->name != (char *) NULL)
1096 p->name=DestroyString(p->name);
1097 if (p->path != (char *) NULL)
1098 p->path=DestroyString(p->path);
1099 }
1100 p=(PolicyInfo *) RelinquishMagickMemory(p);
1101 return((void *) NULL);
1102}
1103
1104MagickExport void PolicyComponentTerminus(void)
1105{
1106 if (policy_semaphore == (SemaphoreInfo *) NULL)
1107 ActivateSemaphoreInfo(&policy_semaphore);
1108 LockSemaphoreInfo(policy_semaphore);
1109 if (policy_cache != (LinkedListInfo *) NULL)
1110 policy_cache=DestroyLinkedList(policy_cache,DestroyPolicyElement);
1111 UnlockSemaphoreInfo(policy_semaphore);
1112 DestroySemaphoreInfo(&policy_semaphore);
1113}
1114
1115/*
1116%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1117% %
1118% %
1119% %
1120% S e t M a g i c k S e c u r i t y P o l i c y %
1121% %
1122% %
1123% %
1124%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1125%
1126% SetMagickSecurityPolicy() sets or restricts the ImageMagick security policy.
1127% It returns MagickFalse if the policy the policy does not parse.
1128%
1129% The format of the SetMagickSecurityPolicy method is:
1130%
1131% MagickBooleanType SetMagickSecurityPolicy(const char *policy,
1132% ExceptionInfo *exception)
1133%
1134% A description of each parameter follows:
1135%
1136% o policy: the security policy in the XML format.
1137%
1138% o exception: return any errors or warnings in this structure.
1139%
1140*/
1141
1142static MagickBooleanType ValidateSecurityPolicy(const char *policy,
1143 const char *url,ExceptionInfo *exception)
1144{
1145#if defined(MAGICKCORE_XML_DELEGATE)
1146 xmlDocPtr
1147 document;
1148
1149 /*
1150 Parse security policy.
1151 */
1152 document=xmlReadMemory(policy,(int) strlen(policy),url,NULL,
1153 XML_PARSE_NOERROR | XML_PARSE_NOWARNING);
1154 if (document == (xmlDocPtr) NULL)
1155 {
1156 (void) ThrowMagickException(exception,GetMagickModule(),ConfigureError,
1157 "PolicyValidationException","'%s'",url);
1158 return(MagickFalse);
1159 }
1160 xmlFreeDoc(document);
1161#else
1162 (void) policy;
1163 (void) url;
1164 (void) exception;
1165#endif
1166 return(MagickTrue);
1167}
1168
1169MagickExport MagickBooleanType SetMagickSecurityPolicy(const char *policy,
1170 ExceptionInfo *exception)
1171{
1172 MagickBooleanType
1173 status;
1174
1175 LinkedListInfo
1176 *user_policies;
1177
1178 PolicyInfo
1179 *p;
1180
1181 /*
1182 Load user policies.
1183 */
1184 assert(exception != (ExceptionInfo *) NULL);
1185 if (policy == (const char *) NULL)
1186 return(MagickFalse);
1187 if (ValidateSecurityPolicy(policy,PolicyFilename,exception) == MagickFalse)
1188 return(MagickFalse);
1189 status=LoadPolicyCache(policy_cache,policy,"[user-policy]",0,exception);
1190 if (status == MagickFalse)
1191 return(status);
1192 /*
1193 Synchronize user policies.
1194 */
1195 user_policies=NewLinkedList(0);
1196 status=LoadPolicyCache(user_policies,policy,"[user-policy]",0,exception);
1197 if (status == MagickFalse)
1198 {
1199 user_policies=DestroyLinkedList(user_policies,DestroyPolicyElement);
1200 return(MagickFalse);
1201 }
1202 ResetLinkedListIterator(user_policies);
1203 p=(PolicyInfo *) GetNextValueInLinkedList(user_policies);
1204 while (p != (PolicyInfo *) NULL)
1205 {
1206 if ((p->name != (char *) NULL) && (p->value != (char *) NULL))
1207 (void) SetMagickSecurityPolicyValue(p->domain,p->name,p->value,exception);
1208 p=(PolicyInfo *) GetNextValueInLinkedList(user_policies);
1209 }
1210 user_policies=DestroyLinkedList(user_policies,DestroyPolicyElement);
1211 return(status);
1212}
1213
1214/*
1215%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1216% %
1217% %
1218% %
1219% S e t M a g i c k S e c u r i t y P o l i c y V a l u e %
1220% %
1221% %
1222% %
1223%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1224%
1225% SetMagickSecurityPolicyValue() sets a value associated with an ImageMagick
1226% security policy. For most policies, the value must be less than any value
1227% set by the security policy configuration file (i.e. policy.xml). It returns
1228% MagickFalse if the policy cannot be modified or if the policy does not parse.
1229%
1230% The format of the SetMagickSecurityPolicyValue method is:
1231%
1232% MagickBooleanType SetMagickSecurityPolicyValue(
1233% const PolicyDomain domain,const char *name,const char *value,
1234% ExceptionInfo *exception)
1235%
1236% A description of each parameter follows:
1237%
1238% o domain: the domain of the policy (e.g. system, resource).
1239%
1240% o name: the name of the policy.
1241%
1242% o value: the value to set the policy to.
1243%
1244% o exception: return any errors or warnings in this structure.
1245%
1246*/
1247static MagickBooleanType SetMagickSecurityPolicyValue(const PolicyDomain domain,
1248 const char *name,const char *value,ExceptionInfo *exception)
1249{
1250 magick_unreferenced(exception);
1251 assert(exception != (ExceptionInfo *) NULL);
1252 if ((name == (const char *) NULL) || (value == (const char *) NULL))
1253 return(MagickFalse);
1254 switch (domain)
1255 {
1256 case CachePolicyDomain:
1257 {
1258 if (LocaleCompare(name,"memory-map") == 0)
1259 {
1260 if (LocaleCompare(value,"anonymous") != 0)
1261 return(MagickFalse);
1262 ResetCacheAnonymousMemory();
1263 ResetStreamAnonymousMemory();
1264 return(MagickTrue);
1265 }
1266 break;
1267 }
1268 case ResourcePolicyDomain:
1269 {
1270 ssize_t
1271 type;
1272
1273 type=ParseCommandOption(MagickResourceOptions,MagickFalse,name);
1274 if (type >= 0)
1275 {
1276 MagickSizeType
1277 limit;
1278
1279 limit=MagickResourceInfinity;
1280 if (LocaleCompare("unlimited",value) != 0)
1281 limit=StringToMagickSizeType(value,100.0);
1282 if ((ResourceType) type == TimeResource)
1283 limit=(MagickSizeType) ParseMagickTimeToLive(value);
1284 return(SetMagickResourceLimit((ResourceType) type,limit));
1285 }
1286 break;
1287 }
1288 case SystemPolicyDomain:
1289 {
1290 if (LocaleCompare(name,"max-memory-request") == 0)
1291 {
1292 MagickSizeType
1293 limit;
1294
1295 limit=MagickResourceInfinity;
1296 if (LocaleCompare("unlimited",value) != 0)
1297 limit=StringToMagickSizeType(value,100.0);
1298 SetMaxMemoryRequest(limit);
1299 return(MagickTrue);
1300 }
1301 if (LocaleCompare(name,"memory-map") == 0)
1302 {
1303 if (LocaleCompare(value,"anonymous") != 0)
1304 return(MagickFalse);
1305 ResetVirtualAnonymousMemory();
1306 return(MagickTrue);
1307 }
1308 if (LocaleCompare(name,"precision") == 0)
1309 {
1310 int
1311 limit;
1312
1313 limit=StringToInteger(value);
1314 SetMagickPrecision(limit);
1315 return(MagickTrue);
1316 }
1317 break;
1318 }
1319 case CoderPolicyDomain:
1320 case DelegatePolicyDomain:
1321 case FilterPolicyDomain:
1322 case ModulePolicyDomain:
1323 case PathPolicyDomain:
1324 default:
1325 break;
1326 }
1327 return(MagickFalse);
1328}
_PolicyInfo
Definition policy.c:81
_PolicyMapInfo
Definition policy.c:109