From 9cf3379a1409b95714a1d96bf75c0bc08104ed1f Mon Sep 17 00:00:00 2001 From: Andreas Schneider Date: Mon, 15 Jul 2019 10:32:49 +0200 Subject: third_party: Update uid_wrapper to version 1.2.7 Signed-off-by: Andreas Schneider Reviewed-by: Ralph Boehme Autobuild-User(master): Andreas Schneider Autobuild-Date(master): Tue Jul 16 17:20:31 UTC 2019 on sn-devel-184 --- third_party/uid_wrapper/uid_wrapper.c | 115 ++++++++++++++++++++++------------ third_party/uid_wrapper/wscript | 2 +- 2 files changed, 76 insertions(+), 41 deletions(-) (limited to 'third_party') diff --git a/third_party/uid_wrapper/uid_wrapper.c b/third_party/uid_wrapper/uid_wrapper.c index 8f41ed92cb9..6e4a6da2f0d 100644 --- a/third_party/uid_wrapper/uid_wrapper.c +++ b/third_party/uid_wrapper/uid_wrapper.c @@ -34,6 +34,7 @@ #include #endif #include +#include #include @@ -87,6 +88,14 @@ #define PRINTF_ATTRIBUTE(a,b) #endif /* HAVE_FUNCTION_ATTRIBUTE_FORMAT */ +#ifndef FALL_THROUGH +# ifdef HAVE_FALLTHROUGH_ATTRIBUTE +# define FALL_THROUGH __attribute__ ((fallthrough)) +# else /* HAVE_FALLTHROUGH_ATTRIBUTE */ +# define FALL_THROUGH +# endif /* HAVE_FALLTHROUGH_ATTRIBUTE */ +#endif /* FALL_THROUGH */ + #define UWRAP_DLIST_ADD(list,item) do { \ if (!(list)) { \ (item)->prev = NULL; \ @@ -386,14 +395,30 @@ static void *uwrap_load_lib_handle(enum uwrap_lib lib) int i; #ifdef RTLD_DEEPBIND - flags |= RTLD_DEEPBIND; + const char *env_preload = getenv("LD_PRELOAD"); + const char *env_deepbind = getenv("UID_WRAPPER_DISABLE_DEEPBIND"); + bool enable_deepbind = true; + + /* Don't do a deepbind if we run with libasan */ + if (env_preload != NULL && strlen(env_preload) < 1024) { + const char *p = strstr(env_preload, "libasan.so"); + if (p != NULL) { + enable_deepbind = false; + } + } + + if (env_deepbind != NULL && strlen(env_deepbind) >= 1) { + enable_deepbind = false; + } + + if (enable_deepbind) { + flags |= RTLD_DEEPBIND; + } #endif switch (lib) { case UWRAP_LIBNSL: - /* FALL TROUGH */ case UWRAP_LIBSOCKET: - /* FALL TROUGH */ case UWRAP_LIBC: handle = uwrap.libc.handle; if (handle == NULL) { @@ -749,7 +774,7 @@ static int uwrap_pthread_create(pthread_t *thread, UWRAP_LOCK(uwrap_id); - args->id->groups = malloc(sizeof(gid_t) * src_id->ngroups); + args->id->groups = calloc(src_id->ngroups, sizeof(gid_t)); if (args->id->groups == NULL) { UWRAP_UNLOCK(uwrap_id); SAFE_FREE(args->id); @@ -972,6 +997,31 @@ static void uwrap_thread_child(void) UWRAP_UNLOCK_ALL; } +static unsigned long uwrap_get_xid_from_env(const char *envname) +{ + unsigned long xid; + const char *env = NULL; + char *endp = NULL; + + env = getenv(envname); + if (env == NULL) { + return ULONG_MAX; + } + + if (env[0] == '\0') { + unsetenv(envname); + return ULONG_MAX; + } + + xid = strtoul(env, &endp, 10); + unsetenv(envname); + if (env == endp) { + return ULONG_MAX; + } + + return xid; +} + /* * This initializes uid_wrapper with the IDs exported to the environment. Those * are normally set after we forked and executed. @@ -980,53 +1030,38 @@ static void uwrap_init_env(struct uwrap_thread *id) { const char *env; int ngroups = 0; + unsigned long xid; - env = getenv("UID_WRAPPER_INITIAL_RUID"); - if (env != NULL && env[0] != '\0') { - UWRAP_LOG(UWRAP_LOG_DEBUG, "Initialize ruid with %s", env); - id->ruid = strtoul(env, (char **)NULL, 10); - unsetenv("UID_WRAPPER_INITIAL_RUID"); - } - - env = getenv("UID_WRAPPER_INITIAL_EUID"); - if (env != NULL && env[0] != '\0') { - UWRAP_LOG(UWRAP_LOG_DEBUG, "Initalize euid with %s", env); - id->euid = strtoul(env, (char **)NULL, 10); - unsetenv("UID_WRAPPER_INITIAL_EUID"); + /* UIDs */ + xid = uwrap_get_xid_from_env("UID_WRAPPER_INITIAL_RUID"); + if (xid != ULONG_MAX) { + id->ruid = (uid_t)xid; } - env = getenv("UID_WRAPPER_INITIAL_SUID"); - if (env != NULL && env[0] != '\0') { - UWRAP_LOG(UWRAP_LOG_DEBUG, "Initalize suid with %s", env); - id->suid = strtoul(env, (char **)NULL, 10); - unsetenv("UID_WRAPPER_INITIAL_SUID"); + xid = uwrap_get_xid_from_env("UID_WRAPPER_INITIAL_EUID"); + if (xid != ULONG_MAX) { + id->euid = (uid_t)xid; } - env = getenv("UID_WRAPPER_INITIAL_RGID"); - if (env != NULL && env[0] != '\0') { - UWRAP_LOG(UWRAP_LOG_DEBUG, "Initialize ruid with %s", env); - id->rgid = strtoul(env, (char **)NULL, 10); - unsetenv("UID_WRAPPER_INITIAL_RGID"); + xid = uwrap_get_xid_from_env("UID_WRAPPER_INITIAL_SUID"); + if (xid != ULONG_MAX) { + id->suid = (uid_t)xid; } - env = getenv("UID_WRAPPER_INITIAL_EGID"); - if (env != NULL && env[0] != '\0') { - UWRAP_LOG(UWRAP_LOG_DEBUG, "Initalize egid with %s", env); - id->egid = strtoul(env, (char **)NULL, 10); - unsetenv("UID_WRAPPER_INITIAL_EGID"); + /* GIDs */ + xid = uwrap_get_xid_from_env("UID_WRAPPER_INITIAL_RGID"); + if (xid != ULONG_MAX) { + id->rgid = (gid_t)xid; } - env = getenv("UID_WRAPPER_INITIAL_SGID"); - if (env != NULL && env[0] != '\0') { - UWRAP_LOG(UWRAP_LOG_DEBUG, "Initalize sgid with %s", env); - id->sgid = strtoul(env, (char **)NULL, 10); - unsetenv("UID_WRAPPER_INITIAL_SGID"); + xid = uwrap_get_xid_from_env("UID_WRAPPER_INITIAL_EGID"); + if (xid != ULONG_MAX) { + id->egid = (gid_t)xid; } - env = getenv("UID_WRAPPER_INITIAL_GROUPS_COUNT"); - if (env != NULL && env[0] != '\0') { - ngroups = strtol(env, (char **)NULL, 10); - unsetenv("UID_WRAPPER_INITIAL_GROUPS_COUNT"); + xid = uwrap_get_xid_from_env("UID_WRAPPER_INITIAL_SGID"); + if (xid != ULONG_MAX) { + id->sgid = (gid_t)xid; } env = getenv("UID_WRAPPER_INITIAL_GROUPS_COUNT"); diff --git a/third_party/uid_wrapper/wscript b/third_party/uid_wrapper/wscript index 61d8a189625..df302ab7e3f 100644 --- a/third_party/uid_wrapper/wscript +++ b/third_party/uid_wrapper/wscript @@ -3,7 +3,7 @@ from waflib import Options import os, sys -VERSION="1.2.4" +VERSION="1.2.7" def configure(conf): if conf.CHECK_UID_WRAPPER(): -- cgit v1.2.1