[PATCH] Fix decoding of get[ug]id, gete[ug]id and setfs[ug]id return values
Марк Коренберг
socketpair at gmail.com
Wed Jan 19 22:16:49 UTC 2011
On 20 January 2011 at 2:35, Dmitry V. Levin <ldv at altlinux.org> wrote:
> On Tue, Jul 27, 2010 at 08:14:12PM +0600, Марк Коренберг wrote:
> > I have set up a bad NFS server.
> > All user/group of files became 4294967294:4294967294.
> >
> > I have the set-uid bit on /bin/mount.
> >
> > So, when mount executes it will have euid=4294967294.
> > When I do strace mount .... I see geteuid32() = -1 ENOENT (No such file or
> > directory), but man says that this syscall never returns an error...
>
> Thanks for the report, and sorry for the long delay.
>
> > Please fix. This syscall returns an unsigned integer (uid_t). Please check
> > other syscalls returning uid_t
>
> This bug was not so easily fixable because strace had no notion of
> syscalls that are always successful.
>
> Here is a test case:
> $ cat tgid.c
> #include <unistd.h>
> #include <sys/fsuid.h>
> int main(void)
> {
>         const gid_t gid = -18;
>         setgid(gid);
>         getegid();
>         setfsgid(gid);
>         return 0;
> }
> $ gcc -std=gnu99 -m32 -O2 -Wall tgid.c -o tgid32
> $ gcc -std=gnu99 -m64 -O2 -Wall tgid.c -o tgid64
> # strace32 -e trace=setgid,setgid32,setfsgid,setfsgid32,getegid,getegid32 ./tgid32
> setgid32(4294967278) = 0
> getegid32() = -1 EXDEV (Invalid cross-device link)
> setfsgid32(4294967278) = -1 EXDEV (Invalid cross-device link)
> # strace64 -e trace=setgid,setgid32,setfsgid,setfsgid32,getegid,getegid32 ./tgid32
> [ Process PID=5678 runs in 32 bit mode. ]
> setgid32(4294967278) = 0
> getegid32() = -1 EXDEV (Invalid cross-device link)
> setfsgid32(4294967278) = -1 EXDEV (Invalid cross-device link)
> # strace64 -e trace=setgid,setgid32,setfsgid,setfsgid32,getegid,getegid32 ./tgid64
> setgid(4294967278) = 0
> getegid() = 4294967278
> setfsgid(4294967278) = -1 EXDEV (Invalid cross-device link)
>
> And here is a proposed fix:
>
> http://strace.git.sourceforge.net/git/gitweb.cgi?p=strace/strace;a=commitdiff;h=v4.5.20-61-g50a218d
>
>
> --
> ldv
>
Well, well :)
There are more syscalls that never fail. For example, getpid, getppid,
gettid, getpagesize.
It should be checked, but maybe all syscalls returning pid_t?
There are some VERY strange places in the kernel. See the getpriority / setpriority
syscalls regarding return value and errno.
Also, it is desirable to add a flag MAY_FAIL to distinguish between syscalls
that may fail and syscalls for which we do not have information.
--
Segmentation fault
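
Added example, not part of the original messages and not strace's own code: a minimal C sketch of the decoding problem discussed in this thread. It assumes the Linux convention that a result in [-4095, -1] means -errno, which is why gid 4294967278 is shown as EXDEV and uid 4294967294 as ENOENT unless the syscall is marked as one that cannot fail. The names decode_ret, struct decoded and NEVER_FAILS are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_ERRNO   4095  /* Linux returns errors as -1..-4095 */
#define NEVER_FAILS 0x1   /* hypothetical per-syscall flag for this example */

struct decoded {
    int is_error;     /* 1 when the value was read as -errno */
    int err;          /* errno number, valid when is_error is set */
    uint32_t value;   /* plain result, valid when is_error is clear */
};

/* Decode the 32-bit result register of a syscall (hypothetical helper). */
static struct decoded decode_ret(uint32_t raw, unsigned flags)
{
    struct decoded d = { 0, 0, 0 };

    /* Same bit pattern as a signed value in [-MAX_ERRNO, -1]? */
    if (!(flags & NEVER_FAILS) && raw > UINT32_MAX - MAX_ERRNO) {
        d.is_error = 1;
        d.err = (int)(UINT32_MAX - raw + 1);  /* two's complement negate */
    } else {
        d.value = raw;
    }
    return d;
}

static void show(const char *call, struct decoded d)
{
    if (d.is_error)
        printf("%-12s = -1 (errno %d: %s)\n", call, d.err, strerror(d.err));
    else
        printf("%-12s = %u\n", call, (unsigned)d.value);
}

int main(void)
{
    const uint32_t gid = (uint32_t)-18;  /* 4294967278, from tgid.c above */
    const uint32_t uid = 4294967294u;    /* id from the NFS report above */

    show("getegid32()", decode_ret(gid, 0));            /* misread as EXDEV */
    show("geteuid32()", decode_ret(uid, 0));            /* misread as ENOENT */
    show("getegid32()", decode_ret(gid, NEVER_FAILS));  /* 4294967278 */
    show("geteuid32()", decode_ret(uid, NEVER_FAILS));  /* 4294967294 */
    return 0;
}
```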