1*cf84ac9aSAndroid Build Coastguard Worker /*
2*cf84ac9aSAndroid Build Coastguard Worker * Check decoding of setresuid/setresgid/setresuid32/setresgid32 syscalls.
3*cf84ac9aSAndroid Build Coastguard Worker *
4*cf84ac9aSAndroid Build Coastguard Worker * Copyright (c) 2016 Dmitry V. Levin <[email protected]>
5*cf84ac9aSAndroid Build Coastguard Worker * All rights reserved.
6*cf84ac9aSAndroid Build Coastguard Worker *
7*cf84ac9aSAndroid Build Coastguard Worker * Redistribution and use in source and binary forms, with or without
8*cf84ac9aSAndroid Build Coastguard Worker * modification, are permitted provided that the following conditions
9*cf84ac9aSAndroid Build Coastguard Worker * are met:
10*cf84ac9aSAndroid Build Coastguard Worker * 1. Redistributions of source code must retain the above copyright
11*cf84ac9aSAndroid Build Coastguard Worker * notice, this list of conditions and the following disclaimer.
12*cf84ac9aSAndroid Build Coastguard Worker * 2. Redistributions in binary form must reproduce the above copyright
13*cf84ac9aSAndroid Build Coastguard Worker * notice, this list of conditions and the following disclaimer in the
14*cf84ac9aSAndroid Build Coastguard Worker * documentation and/or other materials provided with the distribution.
15*cf84ac9aSAndroid Build Coastguard Worker * 3. The name of the author may not be used to endorse or promote products
16*cf84ac9aSAndroid Build Coastguard Worker * derived from this software without specific prior written permission.
17*cf84ac9aSAndroid Build Coastguard Worker *
18*cf84ac9aSAndroid Build Coastguard Worker * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
19*cf84ac9aSAndroid Build Coastguard Worker * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
20*cf84ac9aSAndroid Build Coastguard Worker * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
21*cf84ac9aSAndroid Build Coastguard Worker * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
22*cf84ac9aSAndroid Build Coastguard Worker * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
23*cf84ac9aSAndroid Build Coastguard Worker * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
24*cf84ac9aSAndroid Build Coastguard Worker * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
25*cf84ac9aSAndroid Build Coastguard Worker * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
26*cf84ac9aSAndroid Build Coastguard Worker * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
27*cf84ac9aSAndroid Build Coastguard Worker * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28*cf84ac9aSAndroid Build Coastguard Worker */
29*cf84ac9aSAndroid Build Coastguard Worker
30*cf84ac9aSAndroid Build Coastguard Worker #include <errno.h>
31*cf84ac9aSAndroid Build Coastguard Worker #include <stdio.h>
32*cf84ac9aSAndroid Build Coastguard Worker #include <unistd.h>
33*cf84ac9aSAndroid Build Coastguard Worker
34*cf84ac9aSAndroid Build Coastguard Worker static int
ugid2int(const unsigned UGID_TYPE ugid)35*cf84ac9aSAndroid Build Coastguard Worker ugid2int(const unsigned UGID_TYPE ugid)
36*cf84ac9aSAndroid Build Coastguard Worker {
37*cf84ac9aSAndroid Build Coastguard Worker if ((unsigned UGID_TYPE) -1U == ugid)
38*cf84ac9aSAndroid Build Coastguard Worker return -1;
39*cf84ac9aSAndroid Build Coastguard Worker else
40*cf84ac9aSAndroid Build Coastguard Worker return ugid;
41*cf84ac9aSAndroid Build Coastguard Worker }
42*cf84ac9aSAndroid Build Coastguard Worker
43*cf84ac9aSAndroid Build Coastguard Worker static void
print_int(const unsigned int num)44*cf84ac9aSAndroid Build Coastguard Worker print_int(const unsigned int num)
45*cf84ac9aSAndroid Build Coastguard Worker {
46*cf84ac9aSAndroid Build Coastguard Worker if (num == -1U)
47*cf84ac9aSAndroid Build Coastguard Worker printf("-1");
48*cf84ac9aSAndroid Build Coastguard Worker else
49*cf84ac9aSAndroid Build Coastguard Worker printf("%u", num);
50*cf84ac9aSAndroid Build Coastguard Worker }
51*cf84ac9aSAndroid Build Coastguard Worker
52*cf84ac9aSAndroid Build Coastguard Worker static int
num_matches_id(const unsigned int num,const unsigned int ugid)53*cf84ac9aSAndroid Build Coastguard Worker num_matches_id(const unsigned int num, const unsigned int ugid)
54*cf84ac9aSAndroid Build Coastguard Worker {
55*cf84ac9aSAndroid Build Coastguard Worker return num == ugid || num == -1U;
56*cf84ac9aSAndroid Build Coastguard Worker }
57*cf84ac9aSAndroid Build Coastguard Worker
58*cf84ac9aSAndroid Build Coastguard Worker #define TRIPLE(val) \
59*cf84ac9aSAndroid Build Coastguard Worker { val, ugid, ugid }, { ugid, val, ugid }, { ugid, ugid, val }
60*cf84ac9aSAndroid Build Coastguard Worker
61*cf84ac9aSAndroid Build Coastguard Worker int
main(void)62*cf84ac9aSAndroid Build Coastguard Worker main(void)
63*cf84ac9aSAndroid Build Coastguard Worker {
64*cf84ac9aSAndroid Build Coastguard Worker unsigned int ugid = GETUGID;
65*cf84ac9aSAndroid Build Coastguard Worker CHECK_OVERFLOWUGID(ugid);
66*cf84ac9aSAndroid Build Coastguard Worker
67*cf84ac9aSAndroid Build Coastguard Worker const struct {
68*cf84ac9aSAndroid Build Coastguard Worker const long r, e, s;
69*cf84ac9aSAndroid Build Coastguard Worker } tests[] = {
70*cf84ac9aSAndroid Build Coastguard Worker { ugid, ugid, ugid },
71*cf84ac9aSAndroid Build Coastguard Worker TRIPLE((unsigned long) 0xffffffff00000000ULL | ugid),
72*cf84ac9aSAndroid Build Coastguard Worker TRIPLE(-1U),
73*cf84ac9aSAndroid Build Coastguard Worker TRIPLE(-1L),
74*cf84ac9aSAndroid Build Coastguard Worker TRIPLE(0xffff0000U | ugid),
75*cf84ac9aSAndroid Build Coastguard Worker TRIPLE(0xffff),
76*cf84ac9aSAndroid Build Coastguard Worker TRIPLE(0xc0deffffU)
77*cf84ac9aSAndroid Build Coastguard Worker };
78*cf84ac9aSAndroid Build Coastguard Worker
79*cf84ac9aSAndroid Build Coastguard Worker unsigned int i;
80*cf84ac9aSAndroid Build Coastguard Worker
81*cf84ac9aSAndroid Build Coastguard Worker for (i = 0; i < ARRAY_SIZE(tests); ++i) {
82*cf84ac9aSAndroid Build Coastguard Worker const unsigned int rn = ugid2int(tests[i].r);
83*cf84ac9aSAndroid Build Coastguard Worker const unsigned int en = ugid2int(tests[i].e);
84*cf84ac9aSAndroid Build Coastguard Worker const unsigned int sn = ugid2int(tests[i].s);
85*cf84ac9aSAndroid Build Coastguard Worker
86*cf84ac9aSAndroid Build Coastguard Worker if (!num_matches_id(rn, ugid) ||
87*cf84ac9aSAndroid Build Coastguard Worker !num_matches_id(en, ugid) ||
88*cf84ac9aSAndroid Build Coastguard Worker !num_matches_id(sn, ugid))
89*cf84ac9aSAndroid Build Coastguard Worker continue;
90*cf84ac9aSAndroid Build Coastguard Worker
91*cf84ac9aSAndroid Build Coastguard Worker if (syscall(SYSCALL_NR, tests[i].r, tests[i].e, tests[i].s)) {
92*cf84ac9aSAndroid Build Coastguard Worker if (!i && ENOSYS == errno) {
93*cf84ac9aSAndroid Build Coastguard Worker printf("%s(%u, %u, %u) = -1 ENOSYS (%m)\n",
94*cf84ac9aSAndroid Build Coastguard Worker SYSCALL_NAME, ugid, ugid, ugid);
95*cf84ac9aSAndroid Build Coastguard Worker break;
96*cf84ac9aSAndroid Build Coastguard Worker }
97*cf84ac9aSAndroid Build Coastguard Worker perror_msg_and_fail("%s(%#lx, %#lx, %#lx)",
98*cf84ac9aSAndroid Build Coastguard Worker SYSCALL_NAME,
99*cf84ac9aSAndroid Build Coastguard Worker tests[i].r, tests[i].e, tests[i].s);
100*cf84ac9aSAndroid Build Coastguard Worker }
101*cf84ac9aSAndroid Build Coastguard Worker
102*cf84ac9aSAndroid Build Coastguard Worker printf("%s(", SYSCALL_NAME);
103*cf84ac9aSAndroid Build Coastguard Worker print_int(rn);
104*cf84ac9aSAndroid Build Coastguard Worker printf(", ");
105*cf84ac9aSAndroid Build Coastguard Worker print_int(en);
106*cf84ac9aSAndroid Build Coastguard Worker printf(", ");
107*cf84ac9aSAndroid Build Coastguard Worker print_int(sn);
108*cf84ac9aSAndroid Build Coastguard Worker printf(") = 0\n");
109*cf84ac9aSAndroid Build Coastguard Worker }
110*cf84ac9aSAndroid Build Coastguard Worker
111*cf84ac9aSAndroid Build Coastguard Worker puts("+++ exited with 0 +++");
112*cf84ac9aSAndroid Build Coastguard Worker return 0;
113*cf84ac9aSAndroid Build Coastguard Worker }
114