Security-59306.61.1.tar.gz

[apple/security.git] / OSX / libsecurity_codesigning / lib / singlediskrep.cpp

diff --git a/OSX/libsecurity_codesigning/lib/singlediskrep.cpp b/OSX/libsecurity_codesigning/lib/singlediskrep.cpp
index 84c5a78149243782ef6e53497ce3a67b66b6176a..c475d78c1554e020327093fbe2383f0109722562 100644 (file)
--- a/OSX/libsecurity_codesigning/lib/singlediskrep.cpp
+++ b/OSX/libsecurity_codesigning/lib/singlediskrep.cpp
@@ -82,6 +82,14 @@ size_t SingleDiskRep::signingLimit()
        return fd().fileSize();
 }
 
+//
+// No executable segment in non-machO files.
+//
+size_t SingleDiskRep::execSegLimit(const Architecture *)
+{
+       return 0;
+}
+
 //
 // A lazily opened read-only file descriptor for the path.
 //
@@ -89,7 +97,6 @@ FileDesc &SingleDiskRep::fd()
 {
        if (!mFd)
                mFd.open(mPath, O_RDONLY);
-
        return mFd;
 }
 
@@ -101,6 +108,11 @@ void SingleDiskRep::flush()
        mFd.close();
 }
 
+//Check the magic darwinup xattr
+bool SingleDiskRep::appleInternalForcePlatform() const
+{
+       return mFd.hasExtendedAttribute("com.apple.root.installed");
+}
 
 //
 // The recommended identifier of a SingleDiskRep is, absent any better clue,
@@ -118,6 +130,11 @@ string SingleDiskRep::recommendedIdentifier(const SigningContext &)
 void SingleDiskRep::strictValidate(const CodeDirectory* cd, const ToleratedErrors& tolerated, SecCSFlags flags)
 {
        DiskRep::strictValidate(cd, tolerated, flags);
+
+       if (flags & kSecCSRestrictSidebandData)
+               if (fd().hasExtendedAttribute(XATTR_RESOURCEFORK_NAME) || fd().hasExtendedAttribute(XATTR_FINDERINFO_NAME))
+                       if (tolerated.find(errSecCSInvalidAssociatedFileData) == tolerated.end())
+                               MacOSError::throwMe(errSecCSInvalidAssociatedFileData);
        
        // code limit must cover (exactly) the entire file
        if (cd && cd->signingLimit() != signingLimit())