Gentoo's Bugzilla – Attachment 516938 Details for
Bug 599706
sys-apps/sandbox: fchown()/fchmod() can modify fd even when opened O_RDONLY
0001-tests-add-test-case-for-fchown-fchmod-with-O_RDONLY-.patch (text/plain), 3.76 KB, created by
Michael Orlitzky
on 2018-01-28 03:44:02 UTC
>From d3a2d86d313133b9429eb21f45a36e8d39de73b6 Mon Sep 17 00:00:00 2001 >From: Michael Orlitzky <mjo@gentoo.org> >Date: Sat, 27 Jan 2018 20:05:02 -0500 >Subject: [PATCH 1/3] tests: add test case for fchown/fchmod with O_RDONLY > (Gentoo bug 599706). > >--- > tests/Makefile.am | 2 ++ > tests/fchmod-0.c | 27 +++++++++++++++++++++++++++ > tests/fchmod-1.sh | 14 ++++++++++++++ > tests/fchmod.at | 1 + > tests/fchown-0.c | 27 +++++++++++++++++++++++++++ > tests/fchown-1.sh | 14 ++++++++++++++ > tests/fchown.at | 1 + > 7 files changed, 86 insertions(+) > create mode 100644 tests/fchmod-0.c > create mode 100755 tests/fchmod-1.sh > create mode 100644 tests/fchmod.at > create mode 100644 tests/fchown-0.c > create mode 100755 tests/fchown-1.sh > create mode 100644 tests/fchown.at > >diff --git a/tests/Makefile.am b/tests/Makefile.am >index d98898f..33518a5 100644 >--- a/tests/Makefile.am >+++ b/tests/Makefile.am >@@ -20,7 +20,9 @@ check_PROGRAMS = \ > creat64-0 \ > execvp-0 \ > faccessat-0 \ >+ fchmod-0 \ > fchmodat-0 \ >+ fchown-0 \ > fchownat-0 \ > fopen-0 \ > fopen64-0 \ >diff --git a/tests/fchmod-0.c b/tests/fchmod-0.c >new file mode 100644 >index 0000000..33e551b >--- /dev/null >+++ b/tests/fchmod-0.c >@@ -0,0 +1,27 @@ >+/* >+ * https://bugs.gentoo.org/599706 >+ * >+ */ >+ >+#include "headers.h" >+ >+int main(int argc, char *argv[]) >+{ >+ if (argc < 2) >+ return -2; >+ >+ int mode = 0; >+ sscanf(argv[1], "%i", &mode); >+ /* The sandbox catches this: >+ * >+ * int fd = open(argv[2], O_RDWR); >+ * >+ * And it /should/ catch this: >+ * >+ * int fd = open(argv[2], O_RDONLY); >+ */ >+ int fd = open(argv[2], O_RDONLY); >+ int fchmod_result = fchmod(fd, (mode_t)mode); >+ close(fd); >+ return fchmod_result; >+} >diff --git a/tests/fchmod-1.sh b/tests/fchmod-1.sh >new file mode 100755 >index 0000000..db404ba >--- /dev/null >+++ b/tests/fchmod-1.sh 
>@@ -0,0 +1,14 @@ >+#!/bin/sh >+# >+# https://bugs.gentoo.org/599706 >+# >+ >+addwrite $PWD >+ >+# The sandbox doesn't log anything when it returns a junk file >+# descriptor? It doesn't look like we can test the contents of >+# sandbox.log here... instead, we just have to count on fchmod >+# failing, which it does if you use O_RDWR, and it *should* if you use >+# O_RDONLY (because that won't stop the change of permissions). >+fchmod-0 $(stat --format='%#04a' ../..) ../.. && exit 1 >+exit 0 >diff --git a/tests/fchmod.at b/tests/fchmod.at >new file mode 100644 >index 0000000..081d7d2 >--- /dev/null >+++ b/tests/fchmod.at >@@ -0,0 +1 @@ >+SB_CHECK(1) >diff --git a/tests/fchown-0.c b/tests/fchown-0.c >new file mode 100644 >index 0000000..cfbce38 >--- /dev/null >+++ b/tests/fchown-0.c >@@ -0,0 +1,27 @@ >+/* >+ * https://bugs.gentoo.org/599706 >+ * >+ */ >+ >+#include "headers.h" >+ >+int main(int argc, char *argv[]) >+{ >+ if (argc < 3) >+ return -2; >+ >+ uid_t uid = atoi(argv[1]); >+ gid_t gid = atoi(argv[2]); >+ /* The sandbox catches this: >+ * >+ * int fd = open(argv[3], O_RDWR); >+ * >+ * And it /should/ catch this: >+ * >+ * int fd = open(argv[3], O_RDONLY); >+ */ >+ int fd = open(argv[3], O_RDONLY); >+ int fchown_result = fchown(fd, uid, gid); >+ close(fd); >+ return fchown_result; >+} >diff --git a/tests/fchown-1.sh b/tests/fchown-1.sh >new file mode 100755 >index 0000000..1b4a173 >--- /dev/null >+++ b/tests/fchown-1.sh >@@ -0,0 +1,14 @@ >+#!/bin/sh >+# >+# https://bugs.gentoo.org/599706 >+# >+ >+addwrite $PWD >+ >+# The sandbox doesn't log anything when it returns a junk file >+# descriptor? It doesn't look like we can test the contents of >+# sandbox.log here... instead, we just have to count on fchown >+# failing, which it does if you use O_RDWR, and it *should* if you use >+# O_RDONLY (because that won't stop the change of ownership). >+fchown-0 ${SB_UID} ${SB_GID} ../.. && exit 1 >+exit 0 
>diff --git a/tests/fchown.at b/tests/fchown.at >new file mode 100644 >index 0000000..081d7d2 >--- /dev/null >+++ b/tests/fchown.at >@@ -0,0 +1 @@ >+SB_CHECK(1) >-- >2.13.6 >
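Review bot: In tests/fchmod-0.c the argument guard is off by one: the code reads argv[2] for the path, but `if (argc < 2)` only guarantees argv[1] exists, so a call with a single argument passes NULL to open(). The guard should be `argc < 3`. The sscanf() result is also ignored, so an unparsable mode string silently becomes mode 0; checking that it returned 1 and bailing out with the same usage error would keep a bad invocation from reaching fchmod().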
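Review bot: In tests/fchown-0.c the guard `if (argc < 3)` has the same off-by-one, since argv[3] is the path and needs `argc < 4`. In addition, fd is handed to fchown() without checking what open() returned, so a failed open (fd of -1) yields the same nonzero exit as a denied fchown(), and the caller cannot tell them apart. Since this test case is specifically about the O_RDONLY open succeeding and the later fchown() being refused, returning a distinct code when `fd < 0` would make the result say which of the two happened. The same applies to fchmod-0.c.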
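Review bot: In tests/fchmod-1.sh the final line treats every nonzero exit of fchmod-0 as success (`&& exit 1` followed by `exit 0`), which includes the helper's own `return -2` usage error and the case where `stat` fails and the substitution expands to nothing. The test can therefore pass without fchmod() ever being called. Consider checking for the specific exit status that fchmod-0 produces on an fchmod() failure, and failing the test if `stat` itself fails. Smaller points: `$PWD` and the `$(stat ...)` substitution are unquoted, and `stat --format` is a GNU coreutils option while the script declares `#!/bin/sh`.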
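Review bot: In tests/fchown-1.sh the arguments `${SB_UID}` and `${SB_GID}` are expanded unquoted, so if either is empty or unset the helper receives fewer arguments, hits `return -2` in fchown-0.c, and the `&& exit 1` / `exit 0` logic reports a pass without exercising fchown(). Quoting both expansions and failing early when they are empty (for example with `${SB_UID:?}`) would close that gap. The comment block asks whether the sandbox logs anything in this case; if that question is still open it would be worth resolving before merging, since it decides whether the test could assert on sandbox.log instead of relying on the exit status alone.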