diff options
| author | Brian Fraser <fraserbn@gmail.com> | 2013-05-23 00:44:15 -0300 |
|---|---|---|
| committer | Tony Cook <tony@develop-help.com> | 2013-06-04 18:45:38 +1000 |
| commit | dfff4baff950c3688d6f16335fa1e1037bb84bd0 (patch) | |
| tree | 93d04ea7777f2ff99152da88b12a87004fdb8671 /perl.c | |
| parent | bcbe2b27bd9868685fb7b4a6158b08674d0387cd (diff) | |
| download | perl-dfff4baff950c3688d6f16335fa1e1037bb84bd0.tar.gz | |
Stop making assumptions about uids and gids.
The code dealt rather inconsistently with uids and gids. Some
places assumed that they could be safely stored in UVs, others
in IVs, others in ints; All of them should've been using the
macros from config.h instead. Similarly, code that created
SVs or pushed values into the stack was also making incorrect
assumptions -- As a point of reference, only pp_stat did the
right thing:
#if Uid_t_size > IVSIZE
mPUSHn(PL_statcache.st_uid);
#else
# if Uid_t_sign <= 0
mPUSHi(PL_statcache.st_uid);
# else
mPUSHu(PL_statcache.st_uid);
# endif
#endif
The other places were potential bugs, and some were even causing
warnings in some unusual OSs, like haiku or qnx.
This commit ammends the situation by introducing four new macros,
SvUID(), sv_setuid(), SvGID(), and sv_setgid(), and using them
where needed.
Diffstat (limited to 'perl.c')
| -rw-r--r-- | perl.c | 24 |
1 files changed, 12 insertions, 12 deletions
@@ -3812,10 +3812,10 @@ S_open_script(pTHX_ const char *scriptname, bool dosearch, bool *suidscript) STATIC void S_validate_suid(pTHX_ PerlIO *rsfp) { - const UV my_uid = PerlProc_getuid(); - const UV my_euid = PerlProc_geteuid(); - const UV my_gid = PerlProc_getgid(); - const UV my_egid = PerlProc_getegid(); + const Uid_t my_uid = PerlProc_getuid(); + const Uid_t my_euid = PerlProc_geteuid(); + const Gid_t my_gid = PerlProc_getgid(); + const Gid_t my_egid = PerlProc_getegid(); PERL_ARGS_ASSERT_VALIDATE_SUID; @@ -3872,10 +3872,10 @@ S_init_ids(pTHX) * do tainting. */ #if !NO_TAINT_SUPPORT dVAR; - const UV my_uid = PerlProc_getuid(); - const UV my_euid = PerlProc_geteuid(); - const UV my_gid = PerlProc_getgid(); - const UV my_egid = PerlProc_getegid(); + const Uid_t my_uid = PerlProc_getuid(); + const Uid_t my_euid = PerlProc_geteuid(); + const Gid_t my_gid = PerlProc_getgid(); + const Gid_t my_egid = PerlProc_getegid(); /* Should not happen: */ CHECK_MALLOC_TAINT(my_uid && (my_euid != my_uid || my_egid != my_gid)); @@ -3907,10 +3907,10 @@ Perl_doing_taint(int argc, char *argv[], char *envp[]) * have to add your own checks somewhere in here. The two most * known samples of 'implicitness' are Win32 and NetWare, neither * of which has much of concept of 'uids'. */ - int uid = PerlProc_getuid(); - int euid = PerlProc_geteuid(); - int gid = PerlProc_getgid(); - int egid = PerlProc_getegid(); + Uid_t uid = PerlProc_getuid(); + Uid_t euid = PerlProc_geteuid(); + Gid_t gid = PerlProc_getgid(); + Gid_t egid = PerlProc_getegid(); (void)envp; #ifdef VMS |