Mercurial > hg > vamp-plugin-load-checker

changeset 51:dd193244d97d

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Remove newlines from error messages; try to do something sensible with security errors
author Chris Cannam
date Fri, 02 Nov 2018 14:39:51 +0000
parents 5f91094e5680
children 17fb9ff8e072
files checker/checkcode.h src/helper.cpp version.h
diffstat 3 files changed, 22 insertions(+), 5 deletions(-) [+]
line wrap: on
line diff
--- a/checker/checkcode.h	Thu Oct 11 15:55:17 2018 +0100
+++ b/checker/checkcode.h	Fri Nov 02 14:39:51 2018 +0000
@@ -53,25 +53,30 @@
      */
     FAIL_DEPENDENCY_MISSING = 3,
 
+    /** Plugin library loading was refused for some security-related
+     *  reason
+     */
+    FAIL_FORBIDDEN = 4,
+
     /** Plugin library cannot be loaded for some other reason
      */
-    FAIL_NOT_LOADABLE = 4,
+    FAIL_NOT_LOADABLE = 5,
 
     /** Plugin library can be loaded, but the expected plugin
      *  descriptor symbol is missing
      */
-    FAIL_DESCRIPTOR_MISSING = 5,
+    FAIL_DESCRIPTOR_MISSING = 6,
 
     /** Plugin library can be loaded and descriptor called, but no
      *  plugins are found in it
      */
-    FAIL_NO_PLUGINS = 6,
+    FAIL_NO_PLUGINS = 7,
 
     /** Failure but no meaningful error code provided, or failure
      *  read from an older helper version that did not support
      *  error codes
      */
-    FAIL_OTHER = 7
+    FAIL_OTHER = 999
 };
 
 #endif
--- a/src/helper.cpp	Thu Oct 11 15:55:17 2018 +0100
+++ b/src/helper.cpp	Fri Nov 02 14:39:51 2018 +0000
@@ -253,6 +253,12 @@
 #else
         if (!libraryExists(soname)) {
             code = PluginCheckCode::FAIL_LIBRARY_NOT_FOUND;
+        } else if (errno == EPERM) {
+            // This may be unreliable, but it seems to be set by
+            // something dlopen() calls in the case where a library
+            // can't be loaded for code-signing-related reasons on
+            // macOS
+            code = PluginCheckCode::FAIL_FORBIDDEN;
         }
 #endif
         return { code, message };
@@ -375,6 +381,12 @@
                 cout << "FAILURE|" << soname
                      << "|[" << int(result.code) << "]" << endl;
             } else {
+                for (size_t i = 0; i < result.message.size(); ++i) {
+                    if (result.message[i] == '\n' ||
+                        result.message[i] == '\r') {
+                        result.message[i] = ' ';
+                    }
+                }
                 cout << "FAILURE|" << soname
                      << "|" << result.message << " ["
                      << int(result.code) << "]" << endl;
--- a/version.h	Thu Oct 11 15:55:17 2018 +0100
+++ b/version.h	Fri Nov 02 14:39:51 2018 +0000
@@ -1,1 +1,1 @@
-#define CHECKER_COMPATIBILITY_VERSION "3"
+#define CHECKER_COMPATIBILITY_VERSION "4"