• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Check decoding of chown/chown32/lchown/lchown32/fchown/fchown32 syscalls.
3  *
4  * Copyright (c) 2016 Dmitry V. Levin <ldv@altlinux.org>
5  * All rights reserved.
6  *
7  * Redistribution and use in source and binary forms, with or without
8  * modification, are permitted provided that the following conditions
9  * are met:
10  * 1. Redistributions of source code must retain the above copyright
11  *    notice, this list of conditions and the following disclaimer.
12  * 2. Redistributions in binary form must reproduce the above copyright
13  *    notice, this list of conditions and the following disclaimer in the
14  *    documentation and/or other materials provided with the distribution.
15  * 3. The name of the author may not be used to endorse or promote products
16  *    derived from this software without specific prior written permission.
17  *
18  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
19  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
20  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
21  * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
22  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
23  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
24  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
25  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
26  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
27  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28  */
29 
30 #include <fcntl.h>
31 #include <stdio.h>
32 #include <unistd.h>
33 
34 #ifdef UGID_TYPE_IS_SHORT
35 # define UGID_TYPE	short
36 # define GETEUID	syscall(__NR_geteuid)
37 # define GETEGID	syscall(__NR_getegid)
38 # define CHECK_OVERFLOWUID(arg)	check_overflowuid(arg)
39 # define CHECK_OVERFLOWGID(arg)	check_overflowgid(arg)
40 #else
41 # define UGID_TYPE	int
42 # define GETEUID	geteuid()
43 # define GETEGID	getegid()
44 # define CHECK_OVERFLOWUID(arg)
45 # define CHECK_OVERFLOWGID(arg)
46 #endif
47 
48 #define UNLINK_SAMPLE					\
49 	do {						\
50 		if (unlink(sample))			\
51 			perror_msg_and_fail("unlink");	\
52 	} while (0)
53 
54 #define CLOSE_SAMPLE					\
55 	do {						\
56 		if (close(fd))				\
57 			perror_msg_and_fail("close");	\
58 	} while (0)
59 
60 #ifdef ACCESS_BY_DESCRIPTOR
61 # define SYSCALL_ARG1 fd
62 # define FMT_ARG1 "%d"
63 # define EOK_CMD CLOSE_SAMPLE
64 # define CLEANUP_CMD UNLINK_SAMPLE
65 #else
66 # define SYSCALL_ARG1 sample
67 # define FMT_ARG1 "\"%s\""
68 # define EOK_CMD UNLINK_SAMPLE
69 # define CLEANUP_CMD CLOSE_SAMPLE
70 #endif
71 
72 static int
ugid2int(const unsigned UGID_TYPE id)73 ugid2int(const unsigned UGID_TYPE id)
74 {
75 	if ((unsigned UGID_TYPE) -1U == id)
76 		return -1;
77 	else
78 		return id;
79 }
80 
81 static void
print_int(const unsigned int num)82 print_int(const unsigned int num)
83 {
84 	if (num == -1U)
85 		printf(", -1");
86 	else
87 		printf(", %u", num);
88 }
89 
90 static int
num_matches_id(const unsigned int num,const unsigned int id)91 num_matches_id(const unsigned int num, const unsigned int id)
92 {
93 	return num == id || num == -1U;
94 }
95 
96 #define PAIR(val)	{ val, gid }, { uid, val }
97 
98 int
main(void)99 main(void)
100 {
101 	static const char sample[] = SYSCALL_NAME "_sample";
102 
103 	unsigned int uid = GETEUID;
104 	CHECK_OVERFLOWUID(uid);
105 	unsigned int gid = GETEGID;
106 	CHECK_OVERFLOWUID(gid);
107 
108 	const struct {
109 		const long uid, gid;
110 	} tests[] = {
111 		{ uid, gid },
112 		{ (unsigned long) 0xffffffff00000000ULL | uid, gid },
113 		{ uid, (unsigned long) 0xffffffff00000000ULL | gid },
114 		PAIR(-1U),
115 		PAIR(-1L),
116 		{ 0xffff0000U | uid, gid },
117 		{ uid, 0xffff0000U | gid },
118 		PAIR(0xffff),
119 		PAIR(0xc0deffffU),
120 		PAIR(0xfacefeedU),
121 		PAIR((long) 0xfacefeeddeadbeefULL)
122 	};
123 
124 	int fd = open(sample, O_RDONLY | O_CREAT, 0400);
125 	if (fd < 0)
126 		perror_msg_and_fail("open");
127 
128 	CLEANUP_CMD;
129 
130 	unsigned int i;
131 	long expected = 0;
132 
133 	for (i = 0; i < ARRAY_SIZE(tests); ++i) {
134 		const unsigned int unum = ugid2int(tests[i].uid);
135 		const unsigned int gnum = ugid2int(tests[i].gid);
136 
137 		if (num_matches_id(unum, uid) &&
138 		    num_matches_id(gnum, gid)) {
139 			if (expected)
140 				continue;
141 		} else {
142 			if (!expected) {
143 				expected = -1;
144 				EOK_CMD;
145 			}
146 		}
147 
148 		const long rc = syscall(SYSCALL_NR, SYSCALL_ARG1,
149 					tests[i].uid, tests[i].gid);
150 		const char *errstr = sprintrc(rc);
151 		printf("%s(" FMT_ARG1, SYSCALL_NAME, SYSCALL_ARG1);
152 		print_int(unum);
153 		print_int(gnum);
154 		printf(") = %s\n", errstr);
155 	}
156 
157 	puts("+++ exited with 0 +++");
158 	return 0;
159 }
160