MagickCore 7.1.2-24
Convert, Edit, Or Compose Bitmap Images
Loading...
Searching...
No Matches
policy.c
1/*
2%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
3% %
4% %
5% PPPP OOO L IIIII CCCC Y Y %
6% P P O O L I C Y Y %
7% PPPP O O L I C Y %
8% P O O L I C Y %
9% P OOO LLLLL IIIII CCCC Y %
10% %
11% %
12% MagickCore Policy Methods %
13% %
14% Software Design %
15% Cristy %
16% July 1992 %
17% %
18% %
19% Copyright @ 1999 ImageMagick Studio LLC, a non-profit organization %
20% dedicated to making software imaging solutions freely available. %
21% %
22% You may not use this file except in compliance with the License. You may %
23% obtain a copy of the License at %
24% %
25% https://imagemagick.org/license/ %
26% %
27% Unless required by applicable law or agreed to in writing, software %
28% distributed under the License is distributed on an "AS IS" BASIS, %
29% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. %
30% See the License for the specific language governing permissions and %
31% limitations under the License. %
32% %
33%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
34%
35*/
36
37/*
38 Include declarations.
39*/
40#include "MagickCore/studio.h"
41#include "MagickCore/cache-private.h"
42#include "MagickCore/client.h"
43#include "MagickCore/configure.h"
44#include "MagickCore/configure-private.h"
45#include "MagickCore/exception.h"
46#include "MagickCore/exception-private.h"
47#include "MagickCore/linked-list-private.h"
48#include "MagickCore/magick-private.h"
49#include "MagickCore/memory_.h"
50#include "MagickCore/memory-private.h"
51#include "MagickCore/monitor.h"
52#include "MagickCore/monitor-private.h"
53#include "MagickCore/option.h"
54#include "MagickCore/policy.h"
55#include "MagickCore/policy-private.h"
56#include "MagickCore/resource_.h"
57#include "MagickCore/resource-private.h"
58#include "MagickCore/semaphore.h"
59#include "MagickCore/stream-private.h"
60#include "MagickCore/string_.h"
61#include "MagickCore/string-private.h"
62#include "MagickCore/token.h"
63#include "MagickCore/timer-private.h"
64#include "MagickCore/utility.h"
65#include "MagickCore/utility-private.h"
66#include "MagickCore/xml-tree.h"
67#include "MagickCore/xml-tree-private.h"
68#if defined(MAGICKCORE_XML_DELEGATE)
69# include <libxml/parser.h>
70# include <libxml/tree.h>
71#endif
72
73/*
74 Define declarations.
75*/
76#define PolicyFilename "policy.xml"
77
78/*
79 Typedef declarations.
80*/
81struct _PolicyInfo
82{
83 char
84 *path;
85
86 PolicyDomain
87 domain;
88
89 PolicyRights
90 rights;
91
92 char
93 *name,
94 *pattern,
95 *value;
96
97 MagickBooleanType
98 exempt,
99 stealth,
100 debug;
101
102 SemaphoreInfo
103 *semaphore;
104
105 size_t
106 signature;
107};
108
109typedef struct _PolicyMapInfo
110{
111 const PolicyDomain
112 domain;
113
114 const PolicyRights
115 rights;
116
117 const char
118 *name,
119 *pattern,
120 *value;
121} PolicyMapInfo;
122
123/*
124 Static declarations.
125*/
126static const PolicyMapInfo
127 PolicyMap[] =
128 {
129 { UndefinedPolicyDomain, UndefinedPolicyRights, (const char *) NULL,
130 (const char *) NULL, (const char *) NULL }
131 };
132
133static LinkedListInfo
134 *policy_cache = (LinkedListInfo *) NULL;
135
136static SemaphoreInfo
137 *policy_semaphore = (SemaphoreInfo *) NULL;
138
139/*
140 Forward declarations.
141*/
142static MagickBooleanType
143 IsPolicyCacheInstantiated(ExceptionInfo *),
144 LoadPolicyCache(LinkedListInfo *,const char *,const char *,const size_t,
145 ExceptionInfo *);
146
147/*
148%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
149% %
150% %
151% %
152% A c q u i r e P o l i c y C a c h e %
153% %
154% %
155% %
156%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
157%
158% AcquirePolicyCache() caches one or more policy configurations which provides
159% a mapping between policy attributes and a policy name.
160%
161% The format of the AcquirePolicyCache method is:
162%
163% LinkedListInfo *AcquirePolicyCache(const char *filename,
164% ExceptionInfo *exception)
165%
166% A description of each parameter follows:
167%
168% o filename: the policy configuration file name.
169%
170% o exception: return any errors or warnings in this structure.
171%
172*/
173static LinkedListInfo *AcquirePolicyCache(const char *filename,
174 ExceptionInfo *exception)
175{
176 LinkedListInfo
177 *cache;
178
179 MagickBooleanType
180 status;
181
182 ssize_t
183 i;
184
185 /*
186 Load external policy map.
187 */
188 cache=NewLinkedList(0);
189 status=MagickTrue;
190#if MAGICKCORE_ZERO_CONFIGURATION_SUPPORT
191 magick_unreferenced(filename);
192 status=LoadPolicyCache(cache,ZeroConfigurationPolicy,"[zero-configuration]",0,
193 exception);
194 if (status == MagickFalse)
195 CatchException(exception);
196#else
197 {
198 const StringInfo
199 *option;
200
201 LinkedListInfo
202 *options;
203
204 options=GetConfigureOptions(filename,exception);
205 option=(const StringInfo *) GetNextValueInLinkedList(options);
206 while (option != (const StringInfo *) NULL)
207 {
208 status=LoadPolicyCache(cache,(const char *) GetStringInfoDatum(option),
209 GetStringInfoPath(option),0,exception);
210 if (status == MagickFalse)
211 CatchException(exception);
212 option=(const StringInfo *) GetNextValueInLinkedList(options);
213 }
214 options=DestroyConfigureOptions(options);
215 }
216#endif
217 /*
218 Load built-in policy map.
219 */
220 for (i=0; i < (ssize_t) (sizeof(PolicyMap)/sizeof(*PolicyMap)); i++)
221 {
222 const PolicyMapInfo
223 *p;
224
225 PolicyInfo
226 *policy_info;
227
228 p=PolicyMap+i;
229 policy_info=(PolicyInfo *) AcquireMagickMemory(sizeof(*policy_info));
230 if (policy_info == (PolicyInfo *) NULL)
231 {
232 (void) ThrowMagickException(exception,GetMagickModule(),
233 ResourceLimitError,"MemoryAllocationFailed","`%s'",
234 p->name == (char *) NULL ? "" : p->name);
235 CatchException(exception);
236 continue;
237 }
238 (void) memset(policy_info,0,sizeof(*policy_info));
239 policy_info->path=(char *) "[built-in]";
240 policy_info->domain=p->domain;
241 policy_info->rights=p->rights;
242 policy_info->name=(char *) p->name;
243 policy_info->pattern=(char *) p->pattern;
244 policy_info->value=(char *) p->value;
245 policy_info->exempt=MagickTrue;
246 policy_info->signature=MagickCoreSignature;
247 status=AppendValueToLinkedList(cache,policy_info);
248 if (status == MagickFalse)
249 {
250 (void) ThrowMagickException(exception,GetMagickModule(),
251 ResourceLimitError,"MemoryAllocationFailed","`%s'",
252 p->name == (char *) NULL ? "" : p->name);
253 CatchException(exception);
254 }
255 }
256 return(cache);
257}
258
259/*
260%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
261% %
262% %
263% %
264+ G e t P o l i c y I n f o %
265% %
266% %
267% %
268%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
269%
270% GetPolicyInfo() searches the policy list for the specified name and if found
271% returns attributes for that policy.
272%
273% The format of the GetPolicyInfo method is:
274%
275% PolicyInfo *GetPolicyInfo(const char *name,ExceptionInfo *exception)
276%
277% A description of each parameter follows:
278%
279% o name: the policy name.
280%
281% o exception: return any errors or warnings in this structure.
282%
283*/
284static PolicyInfo *GetPolicyInfo(const char *name,ExceptionInfo *exception)
285{
286 char
287 policyname[MagickPathExtent],
288 *q;
289
290 ElementInfo
291 *p;
292
293 PolicyDomain
294 domain;
295
296 PolicyInfo
297 *policy;
298
299 assert(exception != (ExceptionInfo *) NULL);
300 if (IsPolicyCacheInstantiated(exception) == MagickFalse)
301 return((PolicyInfo *) NULL);
302 /*
303 Strip names of whitespace.
304 */
305 *policyname='\0';
306 if (name != (const char *) NULL)
307 (void) CopyMagickString(policyname,name,MagickPathExtent);
308 for (q=policyname; *q != '\0'; q++)
309 {
310 if (isspace((int) ((unsigned char) *q)) == 0)
311 continue;
312 (void) CopyMagickString(q,q+1,MagickPathExtent);
313 q--;
314 }
315 /*
316 Strip domain from policy name (e.g. resource:map).
317 */
318 domain=UndefinedPolicyDomain;
319 for (q=policyname; *q != '\0'; q++)
320 {
321 if (*q != ':')
322 continue;
323 *q='\0';
324 domain=(PolicyDomain) ParseCommandOption(MagickPolicyDomainOptions,
325 MagickTrue,policyname);
326 (void) CopyMagickString(policyname,q+1,MagickPathExtent);
327 break;
328 }
329 /*
330 Search for policy tag.
331 */
332 policy=(PolicyInfo *) NULL;
333 LockSemaphoreInfo(policy_semaphore);
334 ResetLinkedListIterator(policy_cache);
335 p=GetHeadElementInLinkedList(policy_cache);
336 if ((name == (const char *) NULL) || (LocaleCompare(name,"*") == 0))
337 {
338 UnlockSemaphoreInfo(policy_semaphore);
339 if (p != (ElementInfo *) NULL)
340 policy=(PolicyInfo *) p->value;
341 return(policy);
342 }
343 while (p != (ElementInfo *) NULL)
344 {
345 policy=(PolicyInfo *) p->value;
346 if ((domain == UndefinedPolicyDomain) || (policy->domain == domain))
347 if (LocaleCompare(policyname,policy->name) == 0)
348 break;
349 p=p->next;
350 }
351 if (p == (ElementInfo *) NULL)
352 policy=(PolicyInfo *) NULL;
353 else
354 (void) SetHeadElementInLinkedList(policy_cache,p);
355 UnlockSemaphoreInfo(policy_semaphore);
356 return(policy);
357}
358
359/*
360%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
361% %
362% %
363% %
364% G e t P o l i c y I n f o L i s t %
365% %
366% %
367% %
368%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
369%
370% GetPolicyInfoList() returns any policies that match the specified pattern.
371%
372% The format of the GetPolicyInfoList function is:
373%
374% const PolicyInfo **GetPolicyInfoList(const char *pattern,
375% size_t *number_policies,ExceptionInfo *exception)
376%
377% A description of each parameter follows:
378%
379% o pattern: Specifies a pointer to a text string containing a pattern.
380%
381% o number_policies: returns the number of policies in the list.
382%
383% o exception: return any errors or warnings in this structure.
384%
385*/
386MagickExport const PolicyInfo **GetPolicyInfoList(const char *pattern,
387 size_t *number_policies,ExceptionInfo *exception)
388{
389 const PolicyInfo
390 **policies;
391
392 ElementInfo
393 *p;
394
395 ssize_t
396 i;
397
398 assert(pattern != (char *) NULL);
399 assert(number_policies != (size_t *) NULL);
400 if (IsEventLogging() != MagickFalse)
401 (void) LogMagickEvent(TraceEvent,GetMagickModule(),"%s",pattern);
402 *number_policies=0;
403 if (IsPolicyCacheInstantiated(exception) == MagickFalse)
404 return((const PolicyInfo **) NULL);
405 policies=(const PolicyInfo **) AcquireQuantumMemory((size_t)
406 GetNumberOfElementsInLinkedList(policy_cache)+1UL,sizeof(*policies));
407 if (policies == (const PolicyInfo **) NULL)
408 return((const PolicyInfo **) NULL);
409 LockSemaphoreInfo(policy_semaphore);
410 p=GetHeadElementInLinkedList(policy_cache);
411 for (i=0; p != (ElementInfo *) NULL; )
412 {
413 const PolicyInfo
414 *policy;
415
416 policy=(const PolicyInfo *) p->value;
417 if ((policy->stealth == MagickFalse) &&
418 (GlobExpression(policy->name,pattern,MagickFalse) != MagickFalse))
419 policies[i++]=policy;
420 p=p->next;
421 }
422 UnlockSemaphoreInfo(policy_semaphore);
423 if (i == 0)
424 policies=(const PolicyInfo **) RelinquishMagickMemory((void*) policies);
425 else
426 policies[i]=(PolicyInfo *) NULL;
427 *number_policies=(size_t) i;
428 return(policies);
429}
430
431/*
432%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
433% %
434% %
435% %
436% G e t P o l i c y L i s t %
437% %
438% %
439% %
440%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
441%
442% GetPolicyList() returns any policies that match the specified pattern.
443%
444% The format of the GetPolicyList function is:
445%
446% char **GetPolicyList(const char *pattern,size_t *number_policies,
447% ExceptionInfo *exception)
448%
449% A description of each parameter follows:
450%
451% o pattern: a pointer to a text string containing a pattern.
452%
453% o number_policies: returns the number of policies in the list.
454%
455% o exception: return any errors or warnings in this structure.
456%
457*/
458
459static char *AcquirePolicyString(const char *source,const size_t pad)
460{
461 char
462 *destination;
463
464 size_t
465 length;
466
467 length=0;
468 if (source != (char *) NULL)
469 length+=strlen(source);
470 destination=(char *) NULL;
471 /* AcquireMagickMemory needs to be used here to avoid an omp deadlock */
472 if (~length >= pad)
473 destination=(char *) AcquireMagickMemory((length+pad)*sizeof(*destination));
474 if (destination == (char *) NULL)
475 ThrowFatalException(ResourceLimitFatalError,"UnableToAcquireString");
476 if (source != (char *) NULL)
477 (void) memcpy(destination,source,length*sizeof(*destination));
478 destination[length]='\0';
479 return(destination);
480}
481
482MagickExport char **GetPolicyList(const char *pattern,size_t *number_policies,
483 ExceptionInfo *exception)
484{
485 char
486 **policies;
487
488 const ElementInfo
489 *p;
490
491 ssize_t
492 i;
493
494 assert(pattern != (char *) NULL);
495 assert(number_policies != (size_t *) NULL);
496 if (IsEventLogging() != MagickFalse)
497 (void) LogMagickEvent(TraceEvent,GetMagickModule(),"%s",pattern);
498 *number_policies=0;
499 if (IsPolicyCacheInstantiated(exception) == MagickFalse)
500 return((char **) NULL);
501 policies=(char **) AcquireQuantumMemory((size_t)
502 GetNumberOfElementsInLinkedList(policy_cache)+1UL,sizeof(*policies));
503 if (policies == (char **) NULL)
504 return((char **) NULL);
505 LockSemaphoreInfo(policy_semaphore);
506 p=GetHeadElementInLinkedList(policy_cache);
507 for (i=0; p != (ElementInfo *) NULL; )
508 {
509 const PolicyInfo
510 *policy;
511
512 policy=(const PolicyInfo *) p->value;
513 if ((policy->stealth == MagickFalse) &&
514 (GlobExpression(policy->name,pattern,MagickFalse) != MagickFalse))
515 policies[i++]=AcquirePolicyString(policy->name,1);
516 p=p->next;
517 }
518 UnlockSemaphoreInfo(policy_semaphore);
519 if (i == 0)
520 policies=(char **) RelinquishMagickMemory(policies);
521 else
522 policies[i]=(char *) NULL;
523 *number_policies=(size_t) i;
524 return(policies);
525}
526
527/*
528%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
529% %
530% %
531% %
532% G e t P o l i c y V a l u e %
533% %
534% %
535% %
536%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
537%
538% GetPolicyValue() returns the value associated with the named policy.
539%
540% The format of the GetPolicyValue method is:
541%
542% char *GetPolicyValue(const char *name)
543%
544% A description of each parameter follows:
545%
546% o name: The name of the policy.
547%
548*/
549MagickExport char *GetPolicyValue(const char *name)
550{
551 const char
552 *value;
553
554 const PolicyInfo
555 *policy_info;
556
557 ExceptionInfo
558 *exception;
559
560 assert(name != (const char *) NULL);
561 if (IsEventLogging() != MagickFalse)
562 (void) LogMagickEvent(TraceEvent,GetMagickModule(),"%s",name);
563 exception=AcquireExceptionInfo();
564 policy_info=GetPolicyInfo(name,exception);
565 exception=DestroyExceptionInfo(exception);
566 if (policy_info == (PolicyInfo *) NULL)
567 return((char *) NULL);
568 value=policy_info->value;
569 if ((value == (const char *) NULL) || (*value == '\0'))
570 return((char *) NULL);
571 return(AcquirePolicyString(value,1));
572}
573
574/*
575%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
576% %
577% %
578% %
579+ I s P o l i c y C a c h e I n s t a n t i a t e d %
580% %
581% %
582% %
583%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
584%
585% IsPolicyCacheInstantiated() determines if the policy list is instantiated.
586% If not, it instantiates the list and returns it.
587%
588% The format of the IsPolicyInstantiated method is:
589%
590% MagickBooleanType IsPolicyCacheInstantiated(ExceptionInfo *exception)
591%
592% A description of each parameter follows.
593%
594% o exception: return any errors or warnings in this structure.
595%
596*/
597static MagickBooleanType IsPolicyCacheInstantiated(ExceptionInfo *exception)
598{
599 if (policy_cache == (LinkedListInfo *) NULL)
600 {
601 (void) GetMaxMemoryRequest(); /* avoid OMP deadlock */
602 if (policy_semaphore == (SemaphoreInfo *) NULL)
603 ActivateSemaphoreInfo(&policy_semaphore);
604 LockSemaphoreInfo(policy_semaphore);
605 if (policy_cache == (LinkedListInfo *) NULL)
606 policy_cache=AcquirePolicyCache(PolicyFilename,exception);
607 UnlockSemaphoreInfo(policy_semaphore);
608 }
609 return(policy_cache != (LinkedListInfo *) NULL ? MagickTrue : MagickFalse);
610}
611
612/*
613%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
614% %
615% %
616% %
617% I s R i g h t s A u t h o r i z e d %
618% %
619% %
620% %
621%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
622%
623% IsRightsAuthorized() returns MagickTrue if the policy authorizes the
624% requested rights for the specified domain.
625%
626% Policy evaluation uses a “last match wins” model. Be careful when adding
627% new rules: any later policy can override earlier denies or allows. Place
628% broad deny rules first, followed by specific exceptions, and review
629% ordering to avoid accidental authorization.
630%
631% The format of the IsRightsAuthorized method is:
632%
633% MagickBooleanType IsRightsAuthorized(const PolicyDomain domain,
634% const PolicyRights rights,const char *pattern)
635%
636% A description of each parameter follows:
637%
638% o domain: the policy domain.
639%
640% o rights: the policy rights.
641%
642% o pattern: the pattern.
643%
644*/
645
646MagickPrivate MagickBooleanType IsRightsAuthorizedByName(
647 const PolicyDomain domain,const char *name,const PolicyRights rights,
648 const char *pattern)
649{
650 char
651 *canonical_directory = (char *) NULL,
652 *canonical_path = (char *) NULL,
653 *canonical_candidate = (char *) NULL,
654 directory[MagickPathExtent],
655 filename[MagickPathExtent];
656
657 ElementInfo
658 *p;
659
660 ExceptionInfo
661 *exception;
662
663 MagickBooleanType
664 matched_any = MagickFalse,
665 paths_provisioned = MagickFalse,
666 status;
667
668 PolicyRights
669 effective_rights = AllPolicyRights; /* rights authorized unless denied */
670
671 /*
672 Load policies.
673 */
674 if ((GetLogEventMask() & PolicyEvent) != 0)
675 (void) LogMagickEvent(PolicyEvent,GetMagickModule(),
676 "Domain: %s; name: %s; rights=%s; pattern=\"%s\"; ...",
677 CommandOptionToMnemonic(MagickPolicyDomainOptions,domain),
678 name == (const char *) NULL ? "undefined" : name,
679 CommandOptionToMnemonic(MagickPolicyRightsOptions,rights),
680 pattern == (const char *) NULL ? "undefined" : pattern);
681 exception=AcquireExceptionInfo();
682 status=IsPolicyCacheInstantiated(exception);
683 exception=DestroyExceptionInfo(exception);
684 if (status == MagickFalse)
685 {
686 if ((GetLogEventMask() & PolicyEvent) != 0)
687 (void) LogMagickEvent(PolicyEvent,GetMagickModule(),
688 " authorized: true (no security policies found)");
689 return(MagickTrue);
690 }
691 /*
692 Evaluate policies in order; last match wins.
693 */
694 LockSemaphoreInfo(policy_semaphore);
695 ResetLinkedListIterator(policy_cache);
696 p=GetHeadElementInLinkedList(policy_cache);
697 for ( ; p != (ElementInfo *) NULL; p=p->next)
698 {
699 const PolicyInfo
700 *policy = (PolicyInfo *) p->value;
701
702 MagickBooleanType
703 match = MagickFalse;
704
705 if (policy->domain != domain)
706 continue;
707 if ((name != (char *) NULL) && (LocaleCompare(name,policy->name) != 0))
708 continue;
709 match=GlobExpression(pattern,policy->pattern,MagickFalse);
710 if (policy->domain == PathPolicyDomain)
711 {
712 if (paths_provisioned == MagickFalse)
713 {
714 /*
715 Generate directory, basename, and canonical path.
716 */
717 paths_provisioned=MagickTrue;
718 GetPathComponent(pattern,HeadPath,directory);
719 GetPathComponent(pattern,TailPath,filename);
720 canonical_directory=realpath_utf8(directory);
721 if ((canonical_directory != (char *) NULL) && (*filename != '\0'))
722 {
723 size_t
724 length;
725
726 length=strlen(canonical_directory)+strlen(filename)+2;
727 canonical_candidate=(char *) AcquireCriticalMemory(length*
728 sizeof(*canonical_candidate));
729 if (canonical_candidate != (char *) NULL)
730 (void) FormatLocaleString(canonical_candidate,length,"%s%s%s",
731 canonical_directory,DirectorySeparator,filename);
732 }
733 canonical_path=realpath_utf8(pattern);
734 }
735 /*
736 Match against directory, basename, and canonical path.
737 */
738 if ((canonical_directory != (char *) NULL) && (match == MagickFalse))
739 match=GlobExpression(canonical_directory,policy->pattern,MagickFalse);
740 if ((canonical_candidate != (char *) NULL) && (match == MagickFalse))
741 match=GlobExpression(canonical_candidate,policy->pattern,MagickFalse);
742 if ((canonical_path != (char *) NULL) && (match == MagickFalse))
743 match=GlobExpression(canonical_path,policy->pattern,MagickFalse);
744 }
745 if (match == MagickFalse)
746 continue;
747 matched_any=MagickTrue;
748 effective_rights=policy->rights;
749 }
750 UnlockSemaphoreInfo(policy_semaphore);
751 if (canonical_directory != (char *) NULL)
752 canonical_directory=DestroyString(canonical_directory);
753 if (canonical_candidate != (char *) NULL)
754 canonical_candidate=DestroyString(canonical_candidate);
755 if (canonical_path != (char *) NULL)
756 canonical_path=DestroyString(canonical_path);
757 /*
758 Is rights authorized?
759 */
760 status=MagickTrue;
761 if (matched_any != MagickFalse)
762 {
763 if (((rights & ReadPolicyRights) != 0) &&
764 ((effective_rights & ReadPolicyRights) == 0))
765 status=MagickFalse;
766 if (((rights & WritePolicyRights) != 0) &&
767 ((effective_rights & WritePolicyRights) == 0))
768 status=MagickFalse;
769 if (((rights & ExecutePolicyRights) != 0) &&
770 ((effective_rights & ExecutePolicyRights) == 0))
771 status=MagickFalse;
772 }
773 if ((GetLogEventMask() & PolicyEvent) != 0)
774 (void) LogMagickEvent(PolicyEvent,GetMagickModule(),
775 " authorized: %s",status == MagickFalse ? "false" : "true");
776 return(status);
777}
778
779MagickExport MagickBooleanType IsRightsAuthorized(const PolicyDomain domain,
780 const PolicyRights rights,const char *pattern)
781{
782 return(IsRightsAuthorizedByName(domain,(const char *) NULL,rights,pattern));
783}
784
785/*
786%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
787% %
788% %
789% %
790% L i s t P o l i c y I n f o %
791% %
792% %
793% %
794%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
795%
796% ListPolicyInfo() lists policies to the specified file.
797%
798% The format of the ListPolicyInfo method is:
799%
800% MagickBooleanType ListPolicyInfo(FILE *file,ExceptionInfo *exception)
801%
802% A description of each parameter follows.
803%
804% o file: List policy names to this file handle.
805%
806% o exception: return any errors or warnings in this structure.
807%
808*/
809MagickExport MagickBooleanType ListPolicyInfo(FILE *file,
810 ExceptionInfo *exception)
811{
812 const char
813 *path,
814 *domain;
815
816 const PolicyInfo
817 **policy_info;
818
819 ssize_t
820 i;
821
822 size_t
823 number_policies;
824
825 /*
826 List name and attributes of each policy in the list.
827 */
828 if (file == (const FILE *) NULL)
829 file=stdout;
830 policy_info=GetPolicyInfoList("*",&number_policies,exception);
831 if (policy_info == (const PolicyInfo **) NULL)
832 return(MagickFalse);
833 path=(const char *) NULL;
834 for (i=0; i < (ssize_t) number_policies; i++)
835 {
836 if (policy_info[i]->stealth != MagickFalse)
837 continue;
838 if (((path == (const char *) NULL) ||
839 (LocaleCompare(path,policy_info[i]->path) != 0)) &&
840 (policy_info[i]->path != (char *) NULL))
841 (void) FormatLocaleFile(file,"\nPath: %s\n",policy_info[i]->path);
842 path=policy_info[i]->path;
843 domain=CommandOptionToMnemonic(MagickPolicyDomainOptions,
844 policy_info[i]->domain);
845 (void) FormatLocaleFile(file," Policy: %s\n",domain);
846 if ((policy_info[i]->domain == CachePolicyDomain) ||
847 (policy_info[i]->domain == ResourcePolicyDomain) ||
848 (policy_info[i]->domain == SystemPolicyDomain))
849 {
850 if (policy_info[i]->name != (char *) NULL)
851 (void) FormatLocaleFile(file," name: %s\n",policy_info[i]->name);
852 if (policy_info[i]->value != (char *) NULL)
853 (void) FormatLocaleFile(file," value: %s\n",policy_info[i]->value);
854 }
855 else
856 {
857 (void) FormatLocaleFile(file," rights: ");
858 if (policy_info[i]->rights == NoPolicyRights)
859 (void) FormatLocaleFile(file,"None ");
860 if ((policy_info[i]->rights & ReadPolicyRights) != 0)
861 (void) FormatLocaleFile(file,"Read ");
862 if ((policy_info[i]->rights & WritePolicyRights) != 0)
863 (void) FormatLocaleFile(file,"Write ");
864 if ((policy_info[i]->rights & ExecutePolicyRights) != 0)
865 (void) FormatLocaleFile(file,"Execute ");
866 (void) FormatLocaleFile(file,"\n");
867 if (policy_info[i]->pattern != (char *) NULL)
868 (void) FormatLocaleFile(file," pattern: %s\n",
869 policy_info[i]->pattern);
870 }
871 }
872 policy_info=(const PolicyInfo **) RelinquishMagickMemory((void *)
873 policy_info);
874 (void) fflush(file);
875 return(MagickTrue);
876}
877
878/*
879%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
880% %
881% %
882% %
883+ L o a d P o l i c y C a c h e %
884% %
885% %
886% %
887%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
888%
889% LoadPolicyCache() loads the policy configurations which provides a mapping
890% between policy attributes and a policy domain.
891%
892% The format of the LoadPolicyCache method is:
893%
894% MagickBooleanType LoadPolicyCache(LinkedListInfo *cache,const char *xml,
895% const char *filename,const size_t depth,ExceptionInfo *exception)
896%
897% A description of each parameter follows:
898%
899% o xml: The policy list in XML format.
900%
901% o filename: The policy list filename.
902%
903% o depth: depth of <include /> statements.
904%
905% o exception: return any errors or warnings in this structure.
906%
907*/
908static MagickBooleanType LoadPolicyCache(LinkedListInfo *cache,
909 const char *policy,const char *filename,const size_t depth,
910 ExceptionInfo *exception)
911{
912 char
913 keyword[MagickPathExtent],
914 *token;
915
916 const char
917 *q;
918
919 MagickStatusType
920 status;
921
922 PolicyInfo
923 *policy_info;
924
925 size_t
926 extent;
927
928 /*
929 Load the policy map file.
930 */
931 (void) LogMagickEvent(ConfigureEvent,GetMagickModule(),
932 "Loading policy file \"%s\" ...",filename);
933 if (policy == (char *) NULL)
934 return(MagickFalse);
935 status=MagickTrue;
936 policy_info=(PolicyInfo *) NULL;
937 token=AcquirePolicyString(policy,MagickPathExtent);
938 extent=strlen(token)+MagickPathExtent;
939 for (q=policy; *q != '\0'; )
940 {
941 /*
942 Interpret XML.
943 */
944 (void) GetNextToken(q,&q,extent,token);
945 if (*token == '\0')
946 break;
947 (void) CopyMagickString(keyword,token,MagickPathExtent);
948 if (LocaleNCompare(keyword,"<!DOCTYPE",9) == 0)
949 {
950 /*
951 Docdomain element.
952 */
953 while ((LocaleNCompare(q,"]>",2) != 0) && (*q != '\0'))
954 (void) GetNextToken(q,&q,extent,token);
955 continue;
956 }
957 if (LocaleNCompare(keyword,"<!--",4) == 0)
958 {
959 /*
960 Comment element.
961 */
962 while ((LocaleNCompare(q,"->",2) != 0) && (*q != '\0'))
963 (void) GetNextToken(q,&q,extent,token);
964 continue;
965 }
966 if (LocaleCompare(keyword,"<include") == 0)
967 {
968 /*
969 Include element.
970 */
971 while (((*token != '/') && (*(token+1) != '>')) && (*q != '\0'))
972 {
973 (void) CopyMagickString(keyword,token,MagickPathExtent);
974 (void) GetNextToken(q,&q,extent,token);
975 if (*token != '=')
976 continue;
977 (void) GetNextToken(q,&q,extent,token);
978 if (LocaleCompare(keyword,"file") == 0)
979 {
980 if (depth > MagickMaxRecursionDepth)
981 (void) ThrowMagickException(exception,GetMagickModule(),
982 ConfigureError,"IncludeElementNestedTooDeeply","`%s'",token);
983 else
984 {
985 char
986 path[MagickPathExtent],
987 *file_xml;
988
989 GetPathComponent(filename,HeadPath,path);
990 if (*path != '\0')
991 (void) ConcatenateMagickString(path,DirectorySeparator,
992 MagickPathExtent);
993 if (*token == *DirectorySeparator)
994 (void) CopyMagickString(path,token,MagickPathExtent);
995 else
996 (void) ConcatenateMagickString(path,token,MagickPathExtent);
997 file_xml=FileToXML(path,~0UL);
998 if (file_xml != (char *) NULL)
999 {
1000 status&=(MagickStatusType) LoadPolicyCache(cache,file_xml,
1001 path,depth+1,exception);
1002 file_xml=DestroyString(file_xml);
1003 }
1004 }
1005 }
1006 }
1007 continue;
1008 }
1009 if (LocaleCompare(keyword,"<policy") == 0)
1010 {
1011 /*
1012 Policy element.
1013 */
1014 policy_info=(PolicyInfo *) AcquireCriticalMemory(sizeof(*policy_info));
1015 (void) memset(policy_info,0,sizeof(*policy_info));
1016 policy_info->path=AcquirePolicyString(filename,1);
1017 policy_info->exempt=MagickFalse;
1018 policy_info->signature=MagickCoreSignature;
1019 continue;
1020 }
1021 if (policy_info == (PolicyInfo *) NULL)
1022 continue;
1023 if ((LocaleCompare(keyword,"/>") == 0) ||
1024 (LocaleCompare(keyword,"</policy>") == 0))
1025 {
1026 status=AppendValueToLinkedList(cache,policy_info);
1027 if (status == MagickFalse)
1028 (void) ThrowMagickException(exception,GetMagickModule(),
1029 ResourceLimitError,"MemoryAllocationFailed","`%s'",
1030 policy_info->name);
1031 policy_info=(PolicyInfo *) NULL;
1032 continue;
1033 }
1034 (void) GetNextToken(q,(const char **) NULL,extent,token);
1035 if (*token != '=')
1036 continue;
1037 (void) GetNextToken(q,&q,extent,token);
1038 (void) GetNextToken(q,&q,extent,token);
1039 switch (*keyword)
1040 {
1041 case 'D':
1042 case 'd':
1043 {
1044 if (LocaleCompare((char *) keyword,"domain") == 0)
1045 {
1046 policy_info->domain=(PolicyDomain) ParseCommandOption(
1047 MagickPolicyDomainOptions,MagickTrue,token);
1048 break;
1049 }
1050 break;
1051 }
1052 case 'N':
1053 case 'n':
1054 {
1055 if (LocaleCompare((char *) keyword,"name") == 0)
1056 {
1057 policy_info->name=AcquirePolicyString(token,1);
1058 break;
1059 }
1060 break;
1061 }
1062 case 'P':
1063 case 'p':
1064 {
1065 if (LocaleCompare((char *) keyword,"pattern") == 0)
1066 {
1067 policy_info->pattern=AcquirePolicyString(token,1);
1068 break;
1069 }
1070 break;
1071 }
1072 case 'R':
1073 case 'r':
1074 {
1075 if (LocaleCompare((char *) keyword,"rights") == 0)
1076 {
1077 policy_info->rights=(PolicyRights) ParseCommandOption(
1078 MagickPolicyRightsOptions,MagickTrue,token);
1079 break;
1080 }
1081 break;
1082 }
1083 case 'S':
1084 case 's':
1085 {
1086 if (LocaleCompare((char *) keyword,"stealth") == 0)
1087 {
1088 policy_info->stealth=IsStringTrue(token);
1089 break;
1090 }
1091 break;
1092 }
1093 case 'V':
1094 case 'v':
1095 {
1096 if (LocaleCompare((char *) keyword,"value") == 0)
1097 {
1098 policy_info->value=AcquirePolicyString(token,1);
1099 break;
1100 }
1101 break;
1102 }
1103 default:
1104 break;
1105 }
1106 }
1107 token=(char *) RelinquishMagickMemory(token);
1108 return(status != 0 ? MagickTrue : MagickFalse);
1109}
1110
1111/*
1112%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1113% %
1114% %
1115% %
1116+ P o l i c y C o m p o n e n t G e n e s i s %
1117% %
1118% %
1119% %
1120%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1121%
1122% PolicyComponentGenesis() instantiates the policy component.
1123%
1124% The format of the PolicyComponentGenesis method is:
1125%
1126% MagickBooleanType PolicyComponentGenesis(void)
1127%
1128*/
1129MagickPrivate MagickBooleanType PolicyComponentGenesis(void)
1130{
1131 if (policy_semaphore == (SemaphoreInfo *) NULL)
1132 policy_semaphore=AcquireSemaphoreInfo();
1133 return(MagickTrue);
1134}
1135
1136/*
1137%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1138% %
1139% %
1140% %
1141+ P o l i c y C o m p o n e n t T e r m i n u s %
1142% %
1143% %
1144% %
1145%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1146%
1147% PolicyComponentTerminus() destroys the policy component.
1148%
1149% The format of the PolicyComponentTerminus method is:
1150%
1151% PolicyComponentTerminus(void)
1152%
1153*/
1154
1155static void *DestroyPolicyElement(void *policy_info)
1156{
1157 PolicyInfo
1158 *p;
1159
1160 p=(PolicyInfo *) policy_info;
1161 if (p->exempt == MagickFalse)
1162 {
1163 if (p->value != (char *) NULL)
1164 p->value=DestroyString(p->value);
1165 if (p->pattern != (char *) NULL)
1166 p->pattern=DestroyString(p->pattern);
1167 if (p->name != (char *) NULL)
1168 p->name=DestroyString(p->name);
1169 if (p->path != (char *) NULL)
1170 p->path=DestroyString(p->path);
1171 }
1172 p=(PolicyInfo *) RelinquishMagickMemory(p);
1173 return((void *) NULL);
1174}
1175
1176MagickPrivate void PolicyComponentTerminus(void)
1177{
1178 if (policy_semaphore == (SemaphoreInfo *) NULL)
1179 ActivateSemaphoreInfo(&policy_semaphore);
1180 LockSemaphoreInfo(policy_semaphore);
1181 if (policy_cache != (LinkedListInfo *) NULL)
1182 policy_cache=DestroyLinkedList(policy_cache,DestroyPolicyElement);
1183 UnlockSemaphoreInfo(policy_semaphore);
1184 RelinquishSemaphoreInfo(&policy_semaphore);
1185}
1186
1187/*
1188%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1189% %
1190% %
1191% %
1192% S e t M a g i c k S e c u r i t y P o l i c y %
1193% %
1194% %
1195% %
1196%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1197%
1198% SetMagickSecurityPolicy() sets or restricts the ImageMagick security policy.
1199% It returns MagickFalse if the policy the policy does not parse.
1200%
1201% The format of the SetMagickSecurityPolicy method is:
1202%
1203% MagickBooleanType SetMagickSecurityPolicy(const char *policy,
1204% ExceptionInfo *exception)
1205%
1206% A description of each parameter follows:
1207%
1208% o policy: the security policy in the XML format.
1209%
1210% o exception: return any errors or warnings in this structure.
1211%
1212*/
1213
1214static MagickBooleanType ValidateSecurityPolicy(const char *policy,
1215 const char *url,ExceptionInfo *exception)
1216{
1217#if defined(MAGICKCORE_XML_DELEGATE)
1218 xmlDocPtr
1219 document;
1220
1221 /*
1222 Parse security policy.
1223 */
1224 document=xmlReadMemory(policy,(int) strlen(policy),url,NULL,
1225 XML_PARSE_NOERROR | XML_PARSE_NOWARNING);
1226 if (document == (xmlDocPtr) NULL)
1227 {
1228 (void) ThrowMagickException(exception,GetMagickModule(),ConfigureError,
1229 "PolicyValidationException","'%s'",url);
1230 return(MagickFalse);
1231 }
1232 xmlFreeDoc(document);
1233#else
1234 (void) policy;
1235 (void) url;
1236 (void) exception;
1237#endif
1238 return(MagickTrue);
1239}
1240
1241MagickExport MagickBooleanType SetMagickSecurityPolicy(const char *policy,
1242 ExceptionInfo *exception)
1243{
1244 MagickBooleanType
1245 status;
1246
1247 LinkedListInfo
1248 *user_policies;
1249
1250 PolicyInfo
1251 *p;
1252
1253 /*
1254 Load user policies.
1255 */
1256 assert(exception != (ExceptionInfo *) NULL);
1257 if (policy == (const char *) NULL)
1258 return(MagickFalse);
1259 if (ValidateSecurityPolicy(policy,PolicyFilename,exception) == MagickFalse)
1260 return(MagickFalse);
1261 status=LoadPolicyCache(policy_cache,policy,"[user-policy]",0,exception);
1262 if (status == MagickFalse)
1263 return(status);
1264 /*
1265 Synchronize user policies.
1266 */
1267 user_policies=NewLinkedList(0);
1268 status=LoadPolicyCache(user_policies,policy,"[user-policy]",0,exception);
1269 if (status == MagickFalse)
1270 {
1271 user_policies=DestroyLinkedList(user_policies,DestroyPolicyElement);
1272 return(MagickFalse);
1273 }
1274 ResetLinkedListIterator(user_policies);
1275 p=(PolicyInfo *) GetNextValueInLinkedList(user_policies);
1276 while (p != (PolicyInfo *) NULL)
1277 {
1278 if ((p->name != (char *) NULL) && (p->value != (char *) NULL))
1279 (void) SetMagickSecurityPolicyValue(p->domain,p->name,p->value,exception);
1280 p=(PolicyInfo *) GetNextValueInLinkedList(user_policies);
1281 }
1282 user_policies=DestroyLinkedList(user_policies,DestroyPolicyElement);
1283 return(status);
1284}
1285
1286/*
1287%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1288% %
1289% %
1290% %
1291% S e t M a g i c k S e c u r i t y P o l i c y V a l u e %
1292% %
1293% %
1294% %
1295%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1296%
1297% SetMagickSecurityPolicyValue() sets a value associated with an ImageMagick
1298% security policy. For most policies, the value must be less than any value
1299% set by the security policy configuration file (i.e. policy.xml). It returns
1300% MagickFalse if the policy cannot be modified or if the policy does not parse.
1301%
1302% The format of the SetMagickSecurityPolicyValue method is:
1303%
1304% MagickBooleanType SetMagickSecurityPolicyValue(
1305% const PolicyDomain domain,const char *name,const char *value,
1306% ExceptionInfo *exception)
1307%
1308% A description of each parameter follows:
1309%
1310% o domain: the domain of the policy (e.g. system, resource).
1311%
1312% o name: the name of the policy.
1313%
1314% o value: the value to set the policy to.
1315%
1316% o exception: return any errors or warnings in this structure.
1317%
1318*/
1319MagickExport MagickBooleanType SetMagickSecurityPolicyValue(
1320 const PolicyDomain domain,const char *name,const char *value,
1321 ExceptionInfo *exception)
1322{
1323 magick_unreferenced(exception);
1324 assert(exception != (ExceptionInfo *) NULL);
1325 if ((name == (const char *) NULL) || (value == (const char *) NULL))
1326 return(MagickFalse);
1327 switch (domain)
1328 {
1329 case CachePolicyDomain:
1330 {
1331 if (LocaleCompare(name,"memory-map") == 0)
1332 {
1333 if (LocaleCompare(value,"anonymous") != 0)
1334 return(MagickFalse);
1335 ResetCacheAnonymousMemory();
1336 ResetStreamAnonymousMemory();
1337 return(MagickTrue);
1338 }
1339 break;
1340 }
1341 case ResourcePolicyDomain:
1342 {
1343 ssize_t
1344 type;
1345
1346 type=ParseCommandOption(MagickResourceOptions,MagickFalse,name);
1347 if (type >= 0)
1348 {
1349 MagickSizeType
1350 limit;
1351
1352 limit=MagickResourceInfinity;
1353 if (LocaleCompare("unlimited",value) != 0)
1354 limit=StringToMagickSizeType(value,100.0);
1355 if ((ResourceType) type == TimeResource)
1356 limit=(MagickSizeType) ParseMagickTimeToLive(value);
1357 return(SetMagickResourceLimit((ResourceType) type,limit));
1358 }
1359 break;
1360 }
1361 case SystemPolicyDomain:
1362 {
1363 if (LocaleCompare(name,"max-memory-request") == 0)
1364 {
1365 MagickSizeType
1366 limit;
1367
1368 limit=MagickResourceInfinity;
1369 if (LocaleCompare("unlimited",value) != 0)
1370 limit=StringToMagickSizeType(value,100.0);
1371 SetMaxMemoryRequest(limit);
1372 return(MagickTrue);
1373 }
1374 if (LocaleCompare(name,"max-profile-size") == 0)
1375 {
1376 MagickSizeType
1377 limit;
1378
1379 limit=MagickResourceInfinity;
1380 if (LocaleCompare("unlimited",value) != 0)
1381 limit=StringToMagickSizeType(value,100.0);
1382 SetMaxProfileSize(limit);
1383 return(MagickTrue);
1384 }
1385 if (LocaleCompare(name,"memory-map") == 0)
1386 {
1387 if (LocaleCompare(value,"anonymous") != 0)
1388 return(MagickFalse);
1389 ResetVirtualAnonymousMemory();
1390 return(MagickTrue);
1391 }
1392 if (LocaleCompare(name,"precision") == 0)
1393 {
1394 int
1395 limit;
1396
1397 limit=StringToInteger(value);
1398 SetMagickPrecision(limit);
1399 return(MagickTrue);
1400 }
1401 break;
1402 }
1403 case CoderPolicyDomain:
1404 case DelegatePolicyDomain:
1405 case FilterPolicyDomain:
1406 case ModulePolicyDomain:
1407 case PathPolicyDomain:
1408 default:
1409 break;
1410 }
1411 return(MagickFalse);
1412}
_PolicyInfo
Definition policy.c:82
_PolicyMapInfo
Definition policy.c:110