[newlib-cygwin] Fix file type mode bit handling on object security.

Corinna Vinschen corinna@sourceware.org
Wed Nov 18 22:12:00 GMT 2015


https://sourceware.org/git/gitweb.cgi?p=newlib-cygwin.git;h=645913109673c36cebf19d407a6e3e3a4a6288db

commit 645913109673c36cebf19d407a6e3e3a4a6288db
Author: Corinna Vinschen <corinna@vinschen.de>
Date:   Thu Sep 3 19:29:55 2015 +0200

    Fix file type mode bit handling on object security.
    
    	* fhandler_tty.cc (fhandler_pty_slave::open): Add S_IFCHR flag
    	in call to create_object_sd_from_attribute.
    	(fhandler_pty_slave::fstat): Ditto in call to get_object_attribute.
    	(fhandler_pty_slave::fchmod): Add an orig_mode flag and ditto for
    	both calls.
    	(fhandler_pty_master::setup): Ditto in call to
    	create_object_sd_from_attribute.
    	* security.cc (get_object_attribute): Never add S_IFCHR to mode
    	here.  Let the caller decide.
    	(create_object_sd_from_attribute): Ditto.
    
    Signed-off-by: Corinna Vinschen <corinna@vinschen.de>

Diff:
---
 winsup/cygwin/ChangeLog       | 13 +++++++++++++
 winsup/cygwin/fhandler_tty.cc | 16 ++++++++++------
 winsup/cygwin/security.cc     |  7 +------
 3 files changed, 24 insertions(+), 12 deletions(-)

diff --git a/winsup/cygwin/ChangeLog b/winsup/cygwin/ChangeLog
index 690d5bc..f4238de 100644
--- a/winsup/cygwin/ChangeLog
+++ b/winsup/cygwin/ChangeLog
@@ -1,5 +1,18 @@
 2015-11-18  Corinna Vinschen  <corinna@vinschen.de>
 
+	* fhandler_tty.cc (fhandler_pty_slave::open): Add S_IFCHR flag
+	in call to create_object_sd_from_attribute.
+	(fhandler_pty_slave::fstat): Ditto in call to get_object_attribute.
+	(fhandler_pty_slave::fchmod): Add an orig_mode flag and ditto for
+	both calls.
+	(fhandler_pty_master::setup): Ditto in call to
+	create_object_sd_from_attribute.
+	* security.cc (get_object_attribute): Never add S_IFCHR to mode
+	here.  Let the caller decide.
+	(create_object_sd_from_attribute): Ditto.
+
+2015-11-18  Corinna Vinschen  <corinna@vinschen.de>
+
 	* security.h (authz_get_user_attribute): Declare bool.
 	* sec_helper.cc (authz_ctx::get_user_attribute): Make bool method.
 	Set S_IxOTH bits in returned attributes rather than S_IxUSR bits.
diff --git a/winsup/cygwin/fhandler_tty.cc b/winsup/cygwin/fhandler_tty.cc
index 93fb22b..ee37ed4 100644
--- a/winsup/cygwin/fhandler_tty.cc
+++ b/winsup/cygwin/fhandler_tty.cc
@@ -390,7 +390,8 @@ fhandler_pty_slave::open (int flags, mode_t)
     RtlCreateSecurityDescriptor (sd, SECURITY_DESCRIPTOR_REVISION);
     SECURITY_ATTRIBUTES sa = { sizeof (SECURITY_ATTRIBUTES), NULL, TRUE };
     if (!create_object_sd_from_attribute (myself->uid, myself->gid,
-					  S_IRUSR | S_IWUSR | S_IWGRP, sd))
+					  S_IFCHR | S_IRUSR | S_IWUSR | S_IWGRP,
+					  sd))
       sa.lpSecurityDescriptor = (PSECURITY_DESCRIPTOR) sd;
     acquire_output_mutex (INFINITE);
     inuse = get_ttyp ()->create_inuse (&sa);
@@ -1034,6 +1035,7 @@ fhandler_pty_slave::fstat (struct stat *st)
       if (input_available_event)
 	to_close = true;
     }
+  st->st_mode = S_IFCHR;
   if (!input_available_event
       || get_object_attribute (input_available_event, &st->st_uid, &st->st_gid,
 			       &st->st_mode))
@@ -1167,6 +1169,7 @@ fhandler_pty_slave::fchmod (mode_t mode)
   security_descriptor sd;
   uid_t uid;
   gid_t gid;
+  mode_t orig_mode = S_IFCHR;
 
   if (!input_available_event)
     {
@@ -1176,8 +1179,8 @@ fhandler_pty_slave::fchmod (mode_t mode)
     }
   sd.malloc (sizeof (SECURITY_DESCRIPTOR));
   RtlCreateSecurityDescriptor (sd, SECURITY_DESCRIPTOR_REVISION);
-  if (!get_object_attribute (input_available_event, &uid, &gid, NULL)
-      && !create_object_sd_from_attribute (uid, gid, mode, sd))
+  if (!get_object_attribute (input_available_event, &uid, &gid, &orig_mode)
+      && !create_object_sd_from_attribute (uid, gid, S_IFCHR | mode, sd))
     ret = fch_set_sd (sd, false);
 errout:
   if (to_close)
@@ -1190,10 +1193,10 @@ fhandler_pty_slave::fchown (uid_t uid, gid_t gid)
 {
   int ret = -1;
   bool to_close = false;
-  mode_t mode = 0;
+  security_descriptor sd;
   uid_t o_uid;
   gid_t o_gid;
-  security_descriptor sd;
+  mode_t mode = S_IFCHR;
 
   if (uid == ILLEGAL_UID && gid == ILLEGAL_GID)
     return 0;
@@ -1754,7 +1757,8 @@ fhandler_pty_master::setup ()
   sd.malloc (sizeof (SECURITY_DESCRIPTOR));
   RtlCreateSecurityDescriptor (sd, SECURITY_DESCRIPTOR_REVISION);
   if (!create_object_sd_from_attribute (myself->uid, myself->gid,
-					S_IRUSR | S_IWUSR | S_IWGRP, sd))
+					S_IFCHR | S_IRUSR | S_IWUSR | S_IWGRP,
+					sd))
     sa.lpSecurityDescriptor = (PSECURITY_DESCRIPTOR) sd;
 
   /* Carefully check that the input_available_event didn't already exist.
diff --git a/winsup/cygwin/security.cc b/winsup/cygwin/security.cc
index ac25d71..4e02bca 100644
--- a/winsup/cygwin/security.cc
+++ b/winsup/cygwin/security.cc
@@ -401,14 +401,9 @@ get_object_attribute (HANDLE handle, uid_t *uidret, gid_t *gidret,
 		      mode_t *attribute)
 {
   security_descriptor sd;
-  mode_t attr = S_IFCHR;
 
   if (get_object_sd (handle, sd))
     return -1;
-  if (attribute)
-    *attribute |= S_IFCHR;
-  else
-    attribute = &attr;
   return get_posix_access (sd, attribute, uidret, gidret, NULL, 0)
 	 >= 0 ? 0 : -1;
 }
@@ -417,7 +412,7 @@ int
 create_object_sd_from_attribute (uid_t uid, gid_t gid, mode_t attribute,
 				 security_descriptor &sd)
 {
-  return set_posix_access (S_IFCHR | attribute, uid, gid, NULL, 0, sd, false)
+  return set_posix_access (attribute, uid, gid, NULL, 0, sd, false)
   	 ? 0 : -1;
 }



More information about the Cygwin-cvs mailing list