From: Cristy Date: Sat, 25 Aug 2018 00:43:50 +0000 (-0400) Subject: Support "module" security policy X-Git-Tag: 7.0.8-11~45 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=c809ff7b9a0298cb5288399dd1ae495e2712d4ef;p=imagemagick Support "module" security policy --- diff --git a/MagickCore/module.c b/MagickCore/module.c index 29cf57672..2baffed84 100644 --- a/MagickCore/module.c +++ b/MagickCore/module.c @@ -959,6 +959,14 @@ MagickExport MagickBooleanType InvokeDynamicImageFilter(const char *tag, if ((*images)->debug != MagickFalse) (void) LogMagickEvent(TraceEvent,GetMagickModule(),"%s", (*images)->filename); + rights=ReadPolicyRights; + if (IsRightsAuthorized(FilterPolicyDomain,rights,tag) == MagickFalse) + { + errno=EPERM; + (void) ThrowMagickException(exception,GetMagickModule(),PolicyError, + "NotAuthorized","`%s'",tag); + return(MagickFalse); + } #if !defined(MAGICKCORE_BUILD_MODULES) { MagickBooleanType @@ -969,14 +977,6 @@ MagickExport MagickBooleanType InvokeDynamicImageFilter(const char *tag, return(status); } #endif - rights=ReadPolicyRights; - if (IsRightsAuthorized(FilterPolicyDomain,rights,tag) == MagickFalse) - { - errno=EPERM; - (void) ThrowMagickException(exception,GetMagickModule(),PolicyError, - "NotAuthorized","`%s'",tag); - return(MagickFalse); - } TagToFilterModuleName(tag,name); status=GetMagickModulePath(name,MagickImageFilterModule,path,exception); if (status == MagickFalse) @@ -1234,6 +1234,9 @@ MagickPrivate MagickBooleanType OpenModule(const char *module, ModuleInfo *module_info; + PolicyRights + rights; + register const CoderInfo *p; @@ -1247,6 +1250,14 @@ MagickPrivate MagickBooleanType OpenModule(const char *module, module_info=(ModuleInfo *) GetModuleInfo(module,exception); if (module_info != (ModuleInfo *) NULL) return(MagickTrue); + rights=ReadPolicyRights; + if (IsRightsAuthorized(ModulePolicyDomain,rights,tag) == MagickFalse) + { + errno=EPERM; + (void) ThrowMagickException(exception,GetMagickModule(),PolicyError, + "NotAuthorized","`%s'",tag); + return(MagickFalse); + } (void) CopyMagickString(module_name,module,MagickPathExtent); p=GetCoderInfo(module,exception); if (p != (CoderInfo *) NULL) diff --git a/MagickCore/option.c b/MagickCore/option.c index c3c5c7fb9..78c90b42c 100644 --- a/MagickCore/option.c +++ b/MagickCore/option.c @@ -1834,6 +1834,7 @@ static const OptionInfo { "Coder", CoderPolicyDomain, UndefinedOptionFlag, MagickFalse }, { "Delegate", DelegatePolicyDomain, UndefinedOptionFlag, MagickFalse }, { "Filter", FilterPolicyDomain, UndefinedOptionFlag, MagickFalse }, + { "Module", ModulePolicyDomain, UndefinedOptionFlag, MagickFalse }, { "Path", PathPolicyDomain, UndefinedOptionFlag, MagickFalse }, { "Resource", ResourcePolicyDomain, UndefinedOptionFlag, MagickFalse }, { "System", SystemPolicyDomain, UndefinedOptionFlag, MagickFalse }, diff --git a/MagickCore/policy.c b/MagickCore/policy.c index 1c47c746f..b17ac4649 100644 --- a/MagickCore/policy.c +++ b/MagickCore/policy.c @@ -1254,6 +1254,7 @@ MagickExport MagickBooleanType SetMagickSecurityPolicyValue( case CoderPolicyDomain: case DelegatePolicyDomain: case FilterPolicyDomain: + case ModulePolicyDomain: case PathPolicyDomain: default: break; diff --git a/MagickCore/policy.h b/MagickCore/policy.h index c29af372b..363a0c3cb 100644 --- a/MagickCore/policy.h +++ b/MagickCore/policy.h @@ -34,7 +34,8 @@ typedef enum PathPolicyDomain, ResourcePolicyDomain, SystemPolicyDomain, - CachePolicyDomain + CachePolicyDomain, + ModulePolicyDomain } PolicyDomain; typedef enum diff --git a/config/policy.xml b/config/policy.xml index 0d854269d..49e600e1a 100644 --- a/config/policy.xml +++ b/config/policy.xml @@ -69,6 +69,7 @@ +