Attachment #618702 for bug #599706




	    sb_nr == SB_NR_CHOWN       ||
	    sb_nr == SB_NR_CREAT       ||
	    sb_nr == SB_NR_CREAT64     ||
	    sb_nr == SB_NR_FCHMOD      ||
	    sb_nr == SB_NR_FCHMODAT    ||
	    sb_nr == SB_NR_FCHOWN      ||
	    sb_nr == SB_NR_FCHOWNAT    ||
	  /*sb_nr == SB_NR_FTRUNCATE   ||
	    sb_nr == SB_NR_FTRUNCATE64 ||*/

	return before_syscall(dirfd, sb_nr, ext_func, file, 0);
}

bool before_syscall_fd(int sb_nr, const char *func, int fd) {
#ifdef SANDBOX_PROC_SELF_FD
	/* We only know how to handle e.g. fchmod() and fchown() on
	 * linux, where it's possible to (eventually) get a path out
	 * of the given file descriptor. The "64" below accounts for
	 * the length of an integer string, and is probably
	 * overkill. */
	char path[sizeof("/proc/self/fd/") + 64];
	snprintf(path, sizeof("/proc/self/fd/") + 64, "/proc/self/fd/%i", fd);
	return before_syscall(AT_FDCWD, sb_nr, func, path, 0);
#else
	return true;
#endif
}



typedef struct {
	const char *name;
	size_t len;




#define  SB_SAFE_OPEN_CHAR(_path, _mode) \
         SB_SAFE_OPEN_CHAR_AT(AT_FDCWD, _path, _mode)

#define _SB_SAFE_FD(_nr, _name, _fd) \
        __SB_SAFE(before_syscall_fd(_nr, _name, fd))
#define  SB_SAFE_FD(_fd) \
         _SB_SAFE_FD(WRAPPER_NR, STRING_NAME, _fd)

bool is_sandbox_on(void);
bool before_syscall(int, int, const char *, const char *, int);
bool before_syscall_access(int, int, const char *, const char *, int);
bool before_syscall_open_int(int, int, const char *, const char *, int);
bool before_syscall_open_char(int, int, const char *, const char *, const char *);
bool before_syscall_fd(int, const char *, int);

void *get_dlsym(const char *symname, const char *symver);


Lines 7-14 Link Here

(-)a/libsandbox/symbols.h.in (+2 lines)
7	# before 'creat()' as 'creat()' uses 'open()' ...	7	# before 'creat()' as 'creat()' uses 'open()' ...
8		8
9	chmod	9	chmod
		10	fchmod
10	fchmodat	11	fchmodat
11	chown	12	chown
		13	fchown
12	fchownat	14	fchownat
13	open	15	open
14	__open_2	16	__open_2




			ret = 1;
		free(path);
		return ret;

	} else if (nr == SB_NR_FCHMOD) {
	  int fd = trace_arg(regs, 1);
	  mode_t mode = trace_arg(regs, 2);
	  __sb_debug("(%i, %o)", fd, mode);
	  return _SB_SAFE_FD(nr, name, fd);

	} else if (nr == SB_NR_FCHOWN) {
	  int fd = trace_arg(regs, 1);
	  uid_t uid = trace_arg(regs, 2);
	  gid_t gid = trace_arg(regs, 3);
	  __sb_debug("(%i, %i, %i)", fd, uid, gid);
	  return _SB_SAFE_FD(nr, name, fd);
	}

 done:

Line 0 Link Here

(-)a/libsandbox/wrapper-funcs/fchmod.c (+11 lines)
	1	/*
	2	* fchmod() wrapper.
	3	*
	4	* Copyright 1999-2018 Gentoo Foundation
	5	* Licensed under the GPL-2
	6	*/
	7
	8	#define WRAPPER_ARGS_PROTO int fd, mode_t mode
	9	#define WRAPPER_ARGS fd, mode
	10	#define WRAPPER_SAFE() SB_SAFE_FD(fd)
	11	#include "__wrapper_simple.c"

Line 0 Link Here

(-)a/libsandbox/wrapper-funcs/fchown.c (-1 / +11 lines)
0	-	1	/*
		2	* fchown() wrapper.
		3	*
		4	* Copyright 1999-2018 Gentoo Foundation
		5	* Licensed under the GPL-2
		6	*/
		7
		8	#define WRAPPER_ARGS_PROTO int fd, uid_t owner, gid_t group
		9	#define WRAPPER_ARGS fd, owner, group
		10	#define WRAPPER_SAFE() SB_SAFE_FD(fd)
		11	#include "__wrapper_simple.c"

Return to bug 599706

Lines 759-765 static int check_access(sbcontext_t sbcontext, int sb_nr, const char func, Link Here

(-)a/libsandbox/libsandbox.c (+19 lines)
759	sb_nr == SB_NR_CHOWN \|\|	759	sb_nr == SB_NR_CHOWN \|\|
760	sb_nr == SB_NR_CREAT \|\|	760	sb_nr == SB_NR_CREAT \|\|
761	sb_nr == SB_NR_CREAT64 \|\|	761	sb_nr == SB_NR_CREAT64 \|\|
		762	sb_nr == SB_NR_FCHMOD \|\|
762	sb_nr == SB_NR_FCHMODAT \|\|	763	sb_nr == SB_NR_FCHMODAT \|\|
		764	sb_nr == SB_NR_FCHOWN \|\|
763	sb_nr == SB_NR_FCHOWNAT \|\|	765	sb_nr == SB_NR_FCHOWNAT \|\|
764	/*sb_nr == SB_NR_FTRUNCATE \|\|	766	/*sb_nr == SB_NR_FTRUNCATE \|\|
765	sb_nr == SB_NR_FTRUNCATE64 \|\|*/	767	sb_nr == SB_NR_FTRUNCATE64 \|\|*/
Lines 1101-1106 bool before_syscall_open_char(int dirfd, int sb_nr, const char *func, const char Link Here
1101	return before_syscall(dirfd, sb_nr, ext_func, file, 0);	1103	return before_syscall(dirfd, sb_nr, ext_func, file, 0);
1102	}	1104	}
1103		1105
		1106	bool before_syscall_fd(int sb_nr, const char *func, int fd) {
		1107	#ifdef SANDBOX_PROC_SELF_FD
		1108	/* We only know how to handle e.g. fchmod() and fchown() on
		1109	* linux, where it's possible to (eventually) get a path out
		1110	* of the given file descriptor. The "64" below accounts for
		1111	* the length of an integer string, and is probably
		1112	* overkill. */
		1113	char path[sizeof("/proc/self/fd/") + 64];
		1114	snprintf(path, sizeof("/proc/self/fd/") + 64, "/proc/self/fd/%i", fd);
		1115	return before_syscall(AT_FDCWD, sb_nr, func, path, 0);
		1116	#else
		1117	return true;
		1118	#endif
		1119	}
		1120
		1121
		1122
1104	typedef struct {	1123	typedef struct {
1105	const char *name;	1124	const char *name;
1106	size_t len;	1125	size_t len;

Lines 46-56 Link Here

(-)a/libsandbox/libsandbox.h (+6 lines)
46	#define SB_SAFE_OPEN_CHAR(_path, _mode) \	46	#define SB_SAFE_OPEN_CHAR(_path, _mode) \
47	SB_SAFE_OPEN_CHAR_AT(AT_FDCWD, _path, _mode)	47	SB_SAFE_OPEN_CHAR_AT(AT_FDCWD, _path, _mode)
48		48
		49	#define _SB_SAFE_FD(_nr, _name, _fd) \
		50	__SB_SAFE(before_syscall_fd(_nr, _name, fd))
		51	#define SB_SAFE_FD(_fd) \
		52	_SB_SAFE_FD(WRAPPER_NR, STRING_NAME, _fd)
		53
49	bool is_sandbox_on(void);	54	bool is_sandbox_on(void);
50	bool before_syscall(int, int, const char , const char , int);	55	bool before_syscall(int, int, const char , const char , int);
51	bool before_syscall_access(int, int, const char , const char , int);	56	bool before_syscall_access(int, int, const char , const char , int);
52	bool before_syscall_open_int(int, int, const char , const char , int);	57	bool before_syscall_open_int(int, int, const char , const char , int);
53	bool before_syscall_open_char(int, int, const char , const char , const char *);	58	bool before_syscall_open_char(int, int, const char , const char , const char *);
		59	bool before_syscall_fd(int, const char *, int);
54		60
55	void get_dlsym(const char symname, const char *symver);	61	void get_dlsym(const char symname, const char *symver);
56		62

Lines 430-435 static bool trace_check_syscall(const struct syscall_entry se, void regs) Link Here

(-)a/libsandbox/trace.c (+13 lines)
430	ret = 1;	430	ret = 1;
431	free(path);	431	free(path);
432	return ret;	432	return ret;
		433
		434	} else if (nr == SB_NR_FCHMOD) {
		435	int fd = trace_arg(regs, 1);
		436	mode_t mode = trace_arg(regs, 2);
		437	__sb_debug("(%i, %o)", fd, mode);
		438	return _SB_SAFE_FD(nr, name, fd);
		439
		440	} else if (nr == SB_NR_FCHOWN) {
		441	int fd = trace_arg(regs, 1);
		442	uid_t uid = trace_arg(regs, 2);
		443	gid_t gid = trace_arg(regs, 3);
		444	__sb_debug("(%i, %i, %i)", fd, uid, gid);
		445	return _SB_SAFE_FD(nr, name, fd);
433	}	446	}
434		447
435	done:	448	done: