sudo-rs 0.2.13

A memory safe implementation of sudo and su.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74

use std::io;

use crate::cutils::cerr;
use crate::log::dev_debug;
use crate::system::make_zeroed_sigaction;
use crate::system::signal::signal_name;

use super::{SignalNumber, consts::*};

struct State {
    sa: libc::sigaction,
    restore: bool,
}

pub(crate) struct SignalsState {
    sa_handlers: [State; Self::SAVED_SIGNALS.len()],
}

impl SignalsState {
    ///SIGKILL SIGSTOP are not included since forbidden
    const SAVED_SIGNALS: [SignalNumber; 14] = [
        SIGINT, SIGQUIT, SIGTSTP, SIGTERM, SIGHUP, SIGALRM, SIGPIPE, SIGUSR1, SIGUSR2, SIGCHLD,
        SIGCONT, SIGWINCH, SIGTTIN, SIGTTOU,
    ];

    pub(crate) fn save() -> io::Result<Self> {
        let mut state_array = std::array::from_fn(|_| State {
            sa: make_zeroed_sigaction(),
            restore: false,
        });

        for (idx, &signal) in Self::SAVED_SIGNALS.iter().enumerate() {
            let state = &mut state_array[idx];

            // safety: `signal` is a constant value and a valid signal
            // second parameter can be null
            // `state.sa` is a valid already initialized `sigaction`
            cerr(unsafe { libc::sigaction(signal, std::ptr::null(), &mut state.sa) })?;
        }

        Ok(Self {
            sa_handlers: state_array,
        })
    }

    pub(super) fn updated(&mut self, signal: SignalNumber) -> io::Result<()> {
        match Self::SAVED_SIGNALS
            .iter()
            .enumerate()
            .find(|&(_, &s)| s == signal)
        {
            None => Err(io::Error::new(io::ErrorKind::NotFound, "invalid signal")),
            Some((idx, _)) => {
                self.sa_handlers[idx].restore = true;
                Ok(())
            }
        }
    }

    pub(crate) fn restore(&mut self) -> io::Result<()> {
        for (idx, state) in self.sa_handlers.iter_mut().enumerate() {
            if state.restore {
                let signal = Self::SAVED_SIGNALS[idx];
                dev_debug!("restoring updated signal: {}", signal_name(signal));
                // safety: `signal` is a constant value and a valid signal
                // `sa` is a valid already initialized sigaction
                // Third parameter can be NULL
                cerr(unsafe { libc::sigaction(signal, &state.sa, std::ptr::null_mut()) })?;
                state.restore = false;
            }
        }
        Ok(())
    }
}