[SCM] UID Wrapper Repository - branch master updated

Andreas Schneider Tue, 01 Aug 2017 06:14:40 -0700

The branch, master has been updated
       via  1c793e1 uwrap: Improve parsing IDs from env variables
       via  7d12d4e uwrap: Fix integer overflowed argument
      from  111ac8e uwrap: Use calloc to allocate groups array


https://git.samba.org/?p=uid_wrapper.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 1c793e19f1cb8cb33defb171c9ae719ec8a820da
Author: Andreas Schneider <a...@samba.org>
Date:   Tue Aug 1 08:14:30 2017 +0200

    uwrap: Improve parsing IDs from env variables
    
    Signed-off-by: Andreas Schneider <a...@samba.org>
    Reviewed-by: Volker Lendecke <v...@samba.org>

commit 7d12d4eb01ee0d0d1bd3ee1d02f20d99009c4c73
Author: Andreas Schneider <a...@samba.org>
Date:   Tue Aug 1 08:11:28 2017 +0200

    uwrap: Fix integer overflowed argument
    
    The previous fix did not address the conversion from 64bit to 32bit.
    
    CID 165232
    
    Signed-off-by: Andreas Schneider <a...@samba.org>
    Reviewed-by: Volker Lendecke <v...@samba.org>

-----------------------------------------------------------------------

Summary of changes:
 src/uid_wrapper.c | 89 +++++++++++++++++++++++++++++++++++--------------------
 1 file changed, 57 insertions(+), 32 deletions(-)


Changeset truncated at 500 lines:

diff --git a/src/uid_wrapper.c b/src/uid_wrapper.c
index b3d12c5..9c4b0ee 100644
--- a/src/uid_wrapper.c
+++ b/src/uid_wrapper.c
@@ -34,6 +34,7 @@
 #include <syscall.h>
 #endif
 #include <dlfcn.h>
+#include <limits.h>
 
 #include <pthread.h>
 
@@ -972,6 +973,31 @@ static void uwrap_thread_child(void)
        UWRAP_UNLOCK_ALL;
 }
 
+static unsigned long uwrap_get_xid_from_env(const char *envname)
+{
+       unsigned long xid;
+       const char *env = NULL;
+       char *endp = NULL;
+
+       env = getenv(envname);
+       if (env == NULL) {
+               return ULONG_MAX;
+       }
+
+       if (env[0] == '\0') {
+               unsetenv("UID_WRAPPER_INITIAL_RUID");
+               return ULONG_MAX;
+       }
+
+       xid = strtoul(env, &endp, 10);
+       unsetenv("UID_WRAPPER_INITIAL_RUID");
+       if (env == endp) {
+               return ULONG_MAX;
+       }
+
+       return xid;
+}
+
 /*
  * This initializes uid_wrapper with the IDs exported to the environment. Those
  * are normally set after we forked and executed.
@@ -980,56 +1006,55 @@ static void uwrap_init_env(struct uwrap_thread *id)
 {
        const char *env;
        int ngroups = 0;
+       unsigned long xid;
 
-       env = getenv("UID_WRAPPER_INITIAL_RUID");
-       if (env != NULL && env[0] != '\0') {
-               UWRAP_LOG(UWRAP_LOG_DEBUG, "Initialize ruid with %s", env);
-               id->ruid = strtoul(env, (char **)NULL, 10);
-               unsetenv("UID_WRAPPER_INITIAL_RUID");
+       /* UIDs */
+       xid = uwrap_get_xid_from_env("UID_WRAPPER_INITIAL_RUID");
+       if (xid != ULONG_MAX) {
+               id->ruid = (uid_t)xid;
        }
 
-       env = getenv("UID_WRAPPER_INITIAL_EUID");
-       if (env != NULL && env[0] != '\0') {
-               UWRAP_LOG(UWRAP_LOG_DEBUG, "Initalize euid with %s", env);
-               id->euid = strtoul(env, (char **)NULL, 10);
-               unsetenv("UID_WRAPPER_INITIAL_EUID");
+       xid = uwrap_get_xid_from_env("UID_WRAPPER_INITIAL_EUID");
+       if (xid != ULONG_MAX) {
+               id->euid = (uid_t)xid;
        }
 
-       env = getenv("UID_WRAPPER_INITIAL_SUID");
-       if (env != NULL && env[0] != '\0') {
-               UWRAP_LOG(UWRAP_LOG_DEBUG, "Initalize suid with %s", env);
-               id->suid = strtoul(env, (char **)NULL, 10);
-               unsetenv("UID_WRAPPER_INITIAL_SUID");
+       xid = uwrap_get_xid_from_env("UID_WRAPPER_INITIAL_SUID");
+       if (xid != ULONG_MAX) {
+               id->suid = (uid_t)xid;
        }
 
-       env = getenv("UID_WRAPPER_INITIAL_RGID");
-       if (env != NULL && env[0] != '\0') {
-               UWRAP_LOG(UWRAP_LOG_DEBUG, "Initialize ruid with %s", env);
-               id->rgid = strtoul(env, (char **)NULL, 10);
-               unsetenv("UID_WRAPPER_INITIAL_RGID");
+       /* GIDs */
+       xid = uwrap_get_xid_from_env("UID_WRAPPER_INITIAL_RGID");
+       if (xid != ULONG_MAX) {
+               id->rgid = (gid_t)xid;
        }
 
-       env = getenv("UID_WRAPPER_INITIAL_EGID");
-       if (env != NULL && env[0] != '\0') {
-               UWRAP_LOG(UWRAP_LOG_DEBUG, "Initalize egid with %s", env);
-               id->egid = strtoul(env, (char **)NULL, 10);
-               unsetenv("UID_WRAPPER_INITIAL_EGID");
+       xid = uwrap_get_xid_from_env("UID_WRAPPER_INITIAL_EGID");
+       if (xid != ULONG_MAX) {
+               id->egid = (gid_t)xid;
        }
 
-       env = getenv("UID_WRAPPER_INITIAL_SGID");
-       if (env != NULL && env[0] != '\0') {
-               UWRAP_LOG(UWRAP_LOG_DEBUG, "Initalize sgid with %s", env);
-               id->sgid = strtoul(env, (char **)NULL, 10);
-               unsetenv("UID_WRAPPER_INITIAL_SGID");
+       xid = uwrap_get_xid_from_env("UID_WRAPPER_INITIAL_SGID");
+       if (xid != ULONG_MAX) {
+               id->sgid = (gid_t)xid;
        }
 
        env = getenv("UID_WRAPPER_INITIAL_GROUPS_COUNT");
        if (env != NULL && env[0] != '\0') {
-               ngroups = strtol(env, (char **)NULL, 10);
+               char *endp = NULL;
+               long n;
+
+               n = strtol(env, &endp, 10);
+               if (env == endp) {
+                       ngroups = 0;
+               } else if (n > 0 && n < GROUP_MAX_COUNT) {
+                       ngroups = (int)n;
+               }
                unsetenv("UID_WRAPPER_INITIAL_GROUPS_COUNT");
        }
 
-       if (ngroups > 0 && ngroups < GROUP_MAX_COUNT) {
+       if (ngroups > 0) {
                int i = 0;
 
                id->ngroups = 0;


-- 
UID Wrapper Repository

[SCM] UID Wrapper Repository - branch master updated

Reply via email to