1 /*
2  * Check decoding of chown/chown32/lchown/lchown32/fchown/fchown32 syscalls.
3  *
4  * Copyright (c) 2016 Dmitry V. Levin <ldv@altlinux.org>
5  * Copyright (c) 2016-2017 The strace developers.
6  * All rights reserved.
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted provided that the following conditions
10  * are met:
11  * 1. Redistributions of source code must retain the above copyright
12  *    notice, this list of conditions and the following disclaimer.
13  * 2. Redistributions in binary form must reproduce the above copyright
14  *    notice, this list of conditions and the following disclaimer in the
15  *    documentation and/or other materials provided with the distribution.
16  * 3. The name of the author may not be used to endorse or promote products
17  *    derived from this software without specific prior written permission.
18  *
19  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
20  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
21  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
22  * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
23  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
24  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
25  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
26  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
27  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
28  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
29  */
30 
31 #include <fcntl.h>
32 #include <stdio.h>
33 #include <unistd.h>
34 
35 #ifdef UGID_TYPE_IS_SHORT
36 # define UGID_TYPE	short
37 # define GETEUID	syscall(__NR_geteuid)
38 # define GETEGID	syscall(__NR_getegid)
39 # define CHECK_OVERFLOWUID(arg)	check_overflowuid(arg)
40 # define CHECK_OVERFLOWGID(arg)	check_overflowgid(arg)
41 #else
42 # define UGID_TYPE	int
43 # define GETEUID	geteuid()
44 # define GETEGID	getegid()
45 # define CHECK_OVERFLOWUID(arg)
46 # define CHECK_OVERFLOWGID(arg)
47 #endif
48 
49 #define UNLINK_SAMPLE					\
50 	do {						\
51 		if (unlink(sample))			\
52 			perror_msg_and_fail("unlink");	\
53 	} while (0)
54 
55 #define CLOSE_SAMPLE					\
56 	do {						\
57 		if (close(fd))				\
58 			perror_msg_and_fail("close");	\
59 	} while (0)
60 
61 #ifdef ACCESS_BY_DESCRIPTOR
62 # define SYSCALL_ARG1 fd
63 # define FMT_ARG1 "%d"
64 # define EOK_CMD CLOSE_SAMPLE
65 # define CLEANUP_CMD UNLINK_SAMPLE
66 #else
67 # define SYSCALL_ARG1 sample
68 # define FMT_ARG1 "\"%s\""
69 # define EOK_CMD UNLINK_SAMPLE
70 # define CLEANUP_CMD CLOSE_SAMPLE
71 #endif
72 
73 static int
ugid2int(const unsigned UGID_TYPE id)74 ugid2int(const unsigned UGID_TYPE id)
75 {
76 	if ((unsigned UGID_TYPE) -1U == id)
77 		return -1;
78 	else
79 		return id;
80 }
81 
82 static void
print_int(const unsigned int num)83 print_int(const unsigned int num)
84 {
85 	if (num == -1U)
86 		printf(", -1");
87 	else
88 		printf(", %u", num);
89 }
90 
91 static int
num_matches_id(const unsigned int num,const unsigned int id)92 num_matches_id(const unsigned int num, const unsigned int id)
93 {
94 	return num == id || num == -1U;
95 }
96 
97 #define PAIR(val)	{ val, gid }, { uid, val }
98 
99 int
main(void)100 main(void)
101 {
102 	static const char sample[] = SYSCALL_NAME "_sample";
103 
104 	unsigned int uid = GETEUID;
105 	CHECK_OVERFLOWUID(uid);
106 	unsigned int gid = GETEGID;
107 	CHECK_OVERFLOWUID(gid);
108 
109 	const struct {
110 		const long uid, gid;
111 	} tests[] = {
112 		{ uid, gid },
113 		{ (unsigned long) 0xffffffff00000000ULL | uid, gid },
114 		{ uid, (unsigned long) 0xffffffff00000000ULL | gid },
115 		PAIR(-1U),
116 		PAIR(-1L),
117 		{ 0xffff0000U | uid, gid },
118 		{ uid, 0xffff0000U | gid },
119 		PAIR(0xffff),
120 		PAIR(0xc0deffffU),
121 		PAIR(0xfacefeedU),
122 		PAIR((long) 0xfacefeeddeadbeefULL)
123 	};
124 
125 	int fd = open(sample, O_RDONLY | O_CREAT, 0400);
126 	if (fd < 0)
127 		perror_msg_and_fail("open");
128 
129 	CLEANUP_CMD;
130 
131 	unsigned int i;
132 	long expected = 0;
133 
134 	for (i = 0; i < ARRAY_SIZE(tests); ++i) {
135 		const unsigned int unum = ugid2int(tests[i].uid);
136 		const unsigned int gnum = ugid2int(tests[i].gid);
137 
138 		if (num_matches_id(unum, uid) &&
139 		    num_matches_id(gnum, gid)) {
140 			if (expected)
141 				continue;
142 		} else {
143 			if (!expected) {
144 				expected = -1;
145 				EOK_CMD;
146 			}
147 		}
148 
149 		const long rc = syscall(SYSCALL_NR, SYSCALL_ARG1,
150 					tests[i].uid, tests[i].gid);
151 		const char *errstr = sprintrc(rc);
152 		printf("%s(" FMT_ARG1, SYSCALL_NAME, SYSCALL_ARG1);
153 		print_int(unum);
154 		print_int(gnum);
155 		printf(") = %s\n", errstr);
156 	}
157 
158 	puts("+++ exited with 0 +++");
159 	return 0;
160 }
161