zpmod  b19981f
High-performance Zsh module for script optimization and filesystem helpers
compaudit_cache.c File Reference

Cached security verdicts for completion directories (initial slice).

#include "zpmod.mdh"
#include "zpmod.pro"
#include "zpmod_compaudit.h"
#include "zpmod_emoji.h"
#include <dirent.h>
#include <errno.h>
#include <fcntl.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <time.h>
#include <unistd.h>

Data Structures

struct  zp_cc_entry
 
struct  zp_cc_vec
 

Macros

#define PATH_MAX   4096
 
#define ZP_COMPAUDIT_CACHE_SUBDIR   "zpmod"
 
#define ZP_COMPAUDIT_CACHE_FILE   "compaudit_v3.zcache"
 

Functions

static char * zp_cc_base_cache_dir (void)
 
static char * zp_cc_ensure_dir (char *nam)
 
static char * zp_cc_cache_file_path (char *nam)
 
static int parent_insecure_path (const char *path, uid_t self)
 
static void zp_cc_vec_init (struct zp_cc_vec *v)
 
static int zp_cc_vec_push (struct zp_cc_vec *v, struct zp_cc_entry *e)
 
static void zp_cc_vec_free (struct zp_cc_vec *v)
 
static void zp_cc_discover_exe_owner (void)
 
static int zp_cc_owner_allowed (uid_t uid, uid_t self)
 
static int zp_cc_is_insecure (struct stat *st, uid_t self)
 
static void zp_cc_collect_dirs (struct zp_cc_vec *out)
 
static int zp_cc_load_cache (const char *path, struct zp_cc_vec *out)
 
static int zp_cc_validate_cache (struct zp_cc_vec *cache)
 
static int zp_cc_incremental_update (char *nam, char *cache_path, struct zp_cc_vec *entries, int *out_insecure, int *out_secure)
 
static int zp_cc_rebuild (char *nam, const char *file_path, struct zp_cc_vec *targets, int *out_insecure, int *out_secure)
 
int zp_compaudit_cache_core (char *nam, int rebuild, int show, int json)
 

Variables

static uid_t zp_cached_exe_owner = (uid_t)-1
 

Detailed Description

Cached security verdicts for completion directories (initial slice).

Format (line oriented; a header line followed by entries):

version:3
<path>\t<verdict>\t<mode_octal>\t<uid>\t<gid>\t<mtime>\t<ctime>\t<parent_insecure>\t<zwc_insecure>

verdict: 0 = secure, 1 = insecure (mirrors the compaudit-style verdict)

Rebuild conditions (current slice):

  • --rebuild flag
  • cache file missing
  • version mismatch
  • any directory's metadata (mode/uid/gid/ctime/mtime) differs from the cached values

Definition in file compaudit_cache.c.

Macro Definition Documentation

◆ PATH_MAX

#define PATH_MAX   4096

Definition at line 39 of file compaudit_cache.c.

◆ ZP_COMPAUDIT_CACHE_FILE

#define ZP_COMPAUDIT_CACHE_FILE   "compaudit_v3.zcache"

Definition at line 43 of file compaudit_cache.c.

◆ ZP_COMPAUDIT_CACHE_SUBDIR

#define ZP_COMPAUDIT_CACHE_SUBDIR   "zpmod"

Definition at line 42 of file compaudit_cache.c.

Function Documentation

◆ parent_insecure_path()

static int parent_insecure_path ( const char *  path,
uid_t  self 
)
static

Definition at line 488 of file compaudit_cache.c.

References path, PATH_MAX, and zp_cc_is_insecure().

Referenced by zp_cc_incremental_update(), zp_cc_rebuild(), and zp_cc_validate_cache().


◆ zp_cc_base_cache_dir()

static char* zp_cc_base_cache_dir ( void  )
static

Definition at line 49 of file compaudit_cache.c.

References getsparam(), zalloc(), and ztrdup().

Referenced by zp_cc_ensure_dir().


◆ zp_cc_cache_file_path()

static char* zp_cc_cache_file_path ( char *  nam)
static

Definition at line 108 of file compaudit_cache.c.

References zalloc(), zp_cc_ensure_dir(), ZP_COMPAUDIT_CACHE_FILE, and zsfree().

Referenced by zp_compaudit_cache_core().


◆ zp_cc_collect_dirs()

static void zp_cc_collect_dirs ( struct zp_cc_vec *  out)
static

Definition at line 240 of file compaudit_cache.c.

References zp_cc_entry::ctime, getaparam(), zp_cc_entry::gid, zp_cc_entry::mode, zp_cc_entry::mtime, zp_cc_entry::path, zp_cc_entry::uid, zp_cc_entry::verdict, zalloc(), zp_cc_vec_push(), and zsfree().

Referenced by zp_compaudit_cache_core().


◆ zp_cc_discover_exe_owner()

static void zp_cc_discover_exe_owner ( void  )
static

Definition at line 193 of file compaudit_cache.c.

References zp_cached_exe_owner.

Referenced by zp_cc_is_insecure().


◆ zp_cc_ensure_dir()

static char* zp_cc_ensure_dir ( char *  nam)
static

Definition at line 71 of file compaudit_cache.c.

References zalloc(), zp_cc_base_cache_dir(), ZP_COMPAUDIT_CACHE_SUBDIR, zp_icon(), zsfree(), and zwarnnam().

Referenced by zp_cc_cache_file_path().


◆ zp_cc_incremental_update()

static int zp_cc_incremental_update ( char *  nam,
char *  cache_path,
struct zp_cc_vec *  entries,
int *  out_insecure,
int *  out_secure 
)
static

Definition at line 366 of file compaudit_cache.c.

References zp_cc_entry::ctime, getaparam(), zp_cc_entry::gid, zp_cc_vec::items, zp_cc_entry::mode, zp_cc_entry::mtime, zp_cc_entry::parent_insecure, parent_insecure_path(), zp_cc_entry::path, PATH_MAX, zp_cc_vec::size, zp_cc_entry::uid, zp_cc_entry::verdict, zalloc(), zp_cc_is_insecure(), zp_cc_vec_push(), zp_icon(), zsfree(), zwarnnam(), and zp_cc_entry::zwc_insecure.

Referenced by zp_compaudit_cache_core().


◆ zp_cc_is_insecure()

static int zp_cc_is_insecure ( struct stat *  st,
uid_t  self 
)
static

Definition at line 216 of file compaudit_cache.c.

References zp_cc_discover_exe_owner(), and zp_cc_owner_allowed().

Referenced by parent_insecure_path(), zp_cc_incremental_update(), zp_cc_rebuild(), zp_cc_validate_cache(), and zp_compaudit_cache_core().


◆ zp_cc_load_cache()

static int zp_cc_load_cache ( const char *  path,
struct zp_cc_vec *  out 
)
static

Definition at line 271 of file compaudit_cache.c.

References zp_cc_entry::ctime, zp_cc_entry::gid, zp_cc_entry::mode, zp_cc_entry::mtime, zp_cc_entry::parent_insecure, zp_cc_entry::path, path, zp_cc_entry::uid, zp_cc_entry::verdict, zp_cc_vec_push(), zsfree(), ztrdup(), and zp_cc_entry::zwc_insecure.

Referenced by zp_compaudit_cache_core().


◆ zp_cc_owner_allowed()

static int zp_cc_owner_allowed ( uid_t  uid,
uid_t  self 
)
static

Definition at line 207 of file compaudit_cache.c.

References zp_cached_exe_owner.

Referenced by zp_cc_is_insecure().


◆ zp_cc_rebuild()

static int zp_cc_rebuild ( char *  nam,
const char *  file_path,
struct zp_cc_vec *  targets,
int *  out_insecure,
int *  out_secure 
)
static

Definition at line 513 of file compaudit_cache.c.

References zp_cc_vec::items, parent_insecure_path(), zp_cc_entry::path, PATH_MAX, zp_cc_vec::size, zp_cc_is_insecure(), zp_icon(), and zwarnnam().

Referenced by zp_compaudit_cache_core().


◆ zp_cc_validate_cache()

static int zp_cc_validate_cache ( struct zp_cc_vec *  cache)
static

Definition at line 335 of file compaudit_cache.c.

References zp_cc_entry::ctime, zp_cc_entry::gid, zp_cc_vec::items, zp_cc_entry::mode, zp_cc_entry::mtime, parent_insecure_path(), zp_cc_entry::path, zp_cc_vec::size, zp_cc_entry::uid, zp_cc_entry::verdict, and zp_cc_is_insecure().

Referenced by zp_compaudit_cache_core().


◆ zp_cc_vec_free()

static void zp_cc_vec_free ( struct zp_cc_vec *  v)
static

Definition at line 163 of file compaudit_cache.c.

References zp_cc_vec::cap, zp_cc_vec::items, zp_cc_entry::path, zp_cc_vec::size, zfree(), and zsfree().

Referenced by zp_compaudit_cache_core().


◆ zp_cc_vec_init()

static void zp_cc_vec_init ( struct zp_cc_vec *  v)
static

Definition at line 145 of file compaudit_cache.c.

References zp_cc_vec::cap, zp_cc_vec::items, and zp_cc_vec::size.

Referenced by zp_compaudit_cache_core().


◆ zp_cc_vec_push()

static int zp_cc_vec_push ( struct zp_cc_vec *  v,
struct zp_cc_entry *  e 
)
static

Definition at line 150 of file compaudit_cache.c.

References zp_cc_vec::cap, zp_cc_vec::items, zp_cc_vec::size, and zrealloc().

Referenced by zp_cc_collect_dirs(), zp_cc_incremental_update(), and zp_cc_load_cache().


◆ zp_compaudit_cache_core()

int zp_compaudit_cache_core ( char *  nam,
int  rebuild,
int  show,
int  json 
)

Definition at line 584 of file compaudit_cache.c.

References zp_cc_vec::items, zp_cc_entry::parent_insecure, zp_cc_entry::path, zp_cc_vec::size, zp_cc_entry::verdict, zalloc(), zp_cc_cache_file_path(), zp_cc_collect_dirs(), zp_cc_incremental_update(), zp_cc_is_insecure(), zp_cc_load_cache(), zp_cc_rebuild(), zp_cc_validate_cache(), zp_cc_vec_free(), zp_cc_vec_init(), zp_icon(), zsfree(), and zp_cc_entry::zwc_insecure.

Referenced by bin_zpmod().


Variable Documentation

◆ zp_cached_exe_owner

uid_t zp_cached_exe_owner = (uid_t)-1
static

Definition at line 192 of file compaudit_cache.c.

Referenced by zp_cc_discover_exe_owner(), and zp_cc_owner_allowed().