libs/newlib-cygwin
libs
/
newlib-cygwin
mirror of git://sourceware.org/git/newlib-cygwin.git
4
0
Fork 0
Code Issues Projects Releases Wiki Activity

Cygwin: get_posix_access: Make mode_t parameter mandatory 

Avoid the mistake fixed in the preceeding commit by passing
the mode_t argument by reference.  This also affects a couple
other functions calling get_posix_access in turn.

Fixes: bc444e5aa4 ("Reapply POSIX ACL changes.")
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
This commit is contained in:
Corinna Vinschen 2023-02-09 21:55:18 +01:00
parent 9afd4c0558
commit 498fce80ef
8 changed files with 31 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
winsup/cygwin/fhandler/disk_file.cc
View File

@ -464,16 +464,16 @@ fhandler_base::fstat_helper (struct stat *buf)
else if (pc.issymlink ()) else if (pc.issymlink ())
{ {
buf->st_size = pc.get_symlink_length (); buf->st_size = pc.get_symlink_length ();
get_file_attribute (h, pc, buf->st_mode,
&buf->st_uid, &buf->st_gid);
/* symlinks are everything for everyone! */ /* symlinks are everything for everyone! */
buf->st_mode = S_IFLNK | S_IRWXU | S_IRWXG | S_IRWXO; buf->st_mode = S_IFLNK | S_IRWXU | S_IRWXG | S_IRWXO;
get_file_attribute (h, pc, NULL,
&buf->st_uid, &buf->st_gid);
goto done; goto done;
} }
else if (pc.issocket ()) else if (pc.issocket ())
buf->st_mode = S_IFSOCK; buf->st_mode = S_IFSOCK;
if (!get_file_attribute (h, pc, &buf->st_mode, &buf->st_uid, &buf->st_gid)) if (!get_file_attribute (h, pc, buf->st_mode, &buf->st_uid, &buf->st_gid))
{ {
/* If read-only attribute is set, modify ntsec return value */ /* If read-only attribute is set, modify ntsec return value */
if (::has_attribute (attributes, FILE_ATTRIBUTE_READONLY) if (::has_attribute (attributes, FILE_ATTRIBUTE_READONLY)
@ -769,7 +769,7 @@ fhandler_disk_file::fchmod (mode_t mode)
if (!get_file_sd (get_handle (), pc, sd, false)) if (!get_file_sd (get_handle (), pc, sd, false))
{ {
aclp = (aclent_t *) tp.c_get (); aclp = (aclent_t *) tp.c_get ();
if ((nentries = get_posix_access (sd, &attr, &uid, &gid, if ((nentries = get_posix_access (sd, attr, &uid, &gid,
aclp, MAX_ACL_ENTRIES, aclp, MAX_ACL_ENTRIES,
&standard_acl)) >= 0) &standard_acl)) >= 0)
{ {
@ -879,7 +879,7 @@ fhandler_disk_file::fchown (uid_t uid, gid_t gid)
goto out; goto out;
aclp = (aclent_t *) tp.c_get (); aclp = (aclent_t *) tp.c_get ();
if ((nentries = get_posix_access (sd, &attr, &old_uid, &old_gid, if ((nentries = get_posix_access (sd, attr, &old_uid, &old_gid,
aclp, MAX_ACL_ENTRIES)) < 0) aclp, MAX_ACL_ENTRIES)) < 0)
goto out; goto out;

2
winsup/cygwin/fhandler/mqueue.cc
View File

@ -251,7 +251,7 @@ fhandler_mqueue::mqinfo_open (int flags)
__seterrno_from_nt_status (status); __seterrno_from_nt_status (status);
return NULL; return NULL;
} }
if (get_file_attribute (get_handle (), pc, &mode, NULL, NULL)) if (get_file_attribute (get_handle (), pc, mode, NULL, NULL))
mode = STD_RBITS | STD_WBITS; mode = STD_RBITS | STD_WBITS;
return _mqinfo (fsi.EndOfFile.QuadPart, mode, flags, true); return _mqinfo (fsi.EndOfFile.QuadPart, mode, flags, true);

6
winsup/cygwin/fhandler/procsys.cc
View File

@ -86,7 +86,7 @@ fhandler_procsys::exists (struct stat *buf)
{ {
/* If requested, check permissions. */ /* If requested, check permissions. */
if (buf) if (buf)
get_object_attribute (h, &buf->st_uid, &buf->st_gid, &buf->st_mode); get_object_attribute (h, &buf->st_uid, &buf->st_gid, buf->st_mode);
NtClose (h); NtClose (h);
return virt_symlink; return virt_symlink;
} }
@ -99,7 +99,7 @@ fhandler_procsys::exists (struct stat *buf)
{ {
/* If requested, check permissions. */ /* If requested, check permissions. */
if (buf) if (buf)
get_object_attribute (h, &buf->st_uid, &buf->st_gid, &buf->st_mode); get_object_attribute (h, &buf->st_uid, &buf->st_gid, buf->st_mode);
NtClose (h); NtClose (h);
return virt_directory; return virt_directory;
} }
@ -164,7 +164,7 @@ fhandler_procsys::exists (struct stat *buf)
/* If requested, check permissions. If this is a parent handle from /* If requested, check permissions. If this is a parent handle from
the above desperate parent check, skip. */ the above desperate parent check, skip. */
if (buf && !desperate_parent_check) if (buf && !desperate_parent_check)
get_object_attribute (h, &buf->st_uid, &buf->st_gid, &buf->st_mode); get_object_attribute (h, &buf->st_uid, &buf->st_gid, buf->st_mode);
/* Check for the device type. */ /* Check for the device type. */
status = NtQueryVolumeInformationFile (h, &io, &ffdi, sizeof ffdi, status = NtQueryVolumeInformationFile (h, &io, &ffdi, sizeof ffdi,

12
winsup/cygwin/fhandler/pty.cc
View File

@ -1793,7 +1793,7 @@ fhandler_pty_slave::fstat (struct stat *st)
st->st_mode = S_IFCHR; st->st_mode = S_IFCHR;
if (!input_available_event if (!input_available_event
|| get_object_attribute (input_available_event, &st->st_uid, &st->st_gid, || get_object_attribute (input_available_event, &st->st_uid, &st->st_gid,
&st->st_mode)) st->st_mode))
{ {
/* If we can't access the ACL, or if the tty doesn't actually exist, /* If we can't access the ACL, or if the tty doesn't actually exist,
then fake uid and gid to strict, system-like values. */ then fake uid and gid to strict, system-like values. */
@ -1839,7 +1839,7 @@ fhandler_pty_slave::facl (int cmd, int nentries, aclent_t *aclbufp)
if (!input_available_event if (!input_available_event
|| get_object_sd (input_available_event, sd)) || get_object_sd (input_available_event, sd))
{ {
res = get_posix_access (NULL, &attr, NULL, NULL, aclbufp, nentries); res = get_posix_access (NULL, attr, NULL, NULL, aclbufp, nentries);
if (aclbufp && res == MIN_ACL_ENTRIES) if (aclbufp && res == MIN_ACL_ENTRIES)
{ {
aclbufp[0].a_perm = S_IROTH | S_IWOTH; aclbufp[0].a_perm = S_IROTH | S_IWOTH;
@ -1849,9 +1849,9 @@ fhandler_pty_slave::facl (int cmd, int nentries, aclent_t *aclbufp)
break; break;
} }
if (cmd == GETACL) if (cmd == GETACL)
res = get_posix_access (sd, &attr, NULL, NULL, aclbufp, nentries); res = get_posix_access (sd, attr, NULL, NULL, aclbufp, nentries);
else else
res = get_posix_access (sd, &attr, NULL, NULL, NULL, 0); res = get_posix_access (sd, attr, NULL, NULL, NULL, 0);
break; break;
default: default:
set_errno (EINVAL); set_errno (EINVAL);
@ -1935,7 +1935,7 @@ fhandler_pty_slave::fchmod (mode_t mode)
} }
sd.malloc (sizeof (SECURITY_DESCRIPTOR)); sd.malloc (sizeof (SECURITY_DESCRIPTOR));
RtlCreateSecurityDescriptor (sd, SECURITY_DESCRIPTOR_REVISION); RtlCreateSecurityDescriptor (sd, SECURITY_DESCRIPTOR_REVISION);
if (!get_object_attribute (input_available_event, &uid, &gid, &orig_mode) if (!get_object_attribute (input_available_event, &uid, &gid, orig_mode)
&& !create_object_sd_from_attribute (uid, gid, S_IFCHR | mode, sd)) && !create_object_sd_from_attribute (uid, gid, S_IFCHR | mode, sd))
ret = fch_set_sd (sd, false); ret = fch_set_sd (sd, false);
errout: errout:
@ -1964,7 +1964,7 @@ fhandler_pty_slave::fchown (uid_t uid, gid_t gid)
} }
sd.malloc (sizeof (SECURITY_DESCRIPTOR)); sd.malloc (sizeof (SECURITY_DESCRIPTOR));
RtlCreateSecurityDescriptor (sd, SECURITY_DESCRIPTOR_REVISION); RtlCreateSecurityDescriptor (sd, SECURITY_DESCRIPTOR_REVISION);
if (!get_object_attribute (input_available_event, &o_uid, &o_gid, &mode)) if (!get_object_attribute (input_available_event, &o_uid, &o_gid, mode))
{ {
if (uid == ILLEGAL_UID) if (uid == ILLEGAL_UID)
uid = o_uid; uid = o_uid;

2
winsup/cygwin/fhandler/registry.cc
View File

@ -552,7 +552,7 @@ fhandler_registry::fstat (struct stat *buf)
} }
uid_t uid; uid_t uid;
gid_t gid; gid_t gid;
if (get_reg_attribute (hKey, &buf->st_mode, &uid, &gid) == 0) if (get_reg_attribute (hKey, buf->st_mode, &uid, &gid) == 0)
{ {
buf->st_uid = uid; buf->st_uid = uid;
buf->st_gid = gid; buf->st_gid = gid;

8
winsup/cygwin/local_includes/security.h
View File

@ -411,17 +411,17 @@ legal_sid_type (SID_NAME_USE type)
class path_conv; class path_conv;
/* File manipulation */ /* File manipulation */
int get_file_attribute (HANDLE, path_conv &, mode_t *, int get_file_attribute (HANDLE, path_conv &, mode_t &,
uid_t *, gid_t *); uid_t *, gid_t *);
int set_created_file_access (HANDLE, path_conv &, mode_t); int set_created_file_access (HANDLE, path_conv &, mode_t);
int get_object_sd (HANDLE, security_descriptor &); int get_object_sd (HANDLE, security_descriptor &);
int get_object_attribute (HANDLE, uid_t *, gid_t *, mode_t *); int get_object_attribute (HANDLE, uid_t *, gid_t *, mode_t &);
int set_object_attribute (HANDLE, uid_t, gid_t, mode_t); int set_object_attribute (HANDLE, uid_t, gid_t, mode_t);
int create_object_sd_from_attribute (uid_t, gid_t, mode_t, int create_object_sd_from_attribute (uid_t, gid_t, mode_t,
security_descriptor &); security_descriptor &);
int set_object_sd (HANDLE, security_descriptor &, bool); int set_object_sd (HANDLE, security_descriptor &, bool);
int get_reg_attribute (HKEY hkey, mode_t *, uid_t *, gid_t *); int get_reg_attribute (HKEY hkey, mode_t &, uid_t *, gid_t *);
LONG get_file_sd (HANDLE fh, path_conv &, security_descriptor &, bool); LONG get_file_sd (HANDLE fh, path_conv &, security_descriptor &, bool);
LONG set_file_sd (HANDLE fh, path_conv &, security_descriptor &, bool); LONG set_file_sd (HANDLE fh, path_conv &, security_descriptor &, bool);
bool add_access_allowed_ace (PACL, DWORD, PSID, size_t &, DWORD); bool add_access_allowed_ace (PACL, DWORD, PSID, size_t &, DWORD);
@ -441,7 +441,7 @@ struct acl;
int searchace (struct acl *, int, int, uid_t id = ILLEGAL_UID); int searchace (struct acl *, int, int, uid_t id = ILLEGAL_UID);
PSECURITY_DESCRIPTOR set_posix_access (mode_t, uid_t, gid_t, struct acl *, int, PSECURITY_DESCRIPTOR set_posix_access (mode_t, uid_t, gid_t, struct acl *, int,
security_descriptor &, bool); security_descriptor &, bool);
int get_posix_access (PSECURITY_DESCRIPTOR, mode_t *, uid_t *, gid_t *, int get_posix_access (PSECURITY_DESCRIPTOR, mode_t &, uid_t *, gid_t *,
struct acl *, int, bool * = NULL); struct acl *, int, bool * = NULL);
int getacl (HANDLE, path_conv &, int, struct acl *); int getacl (HANDLE, path_conv &, int, struct acl *);
int setacl (HANDLE, path_conv &, int, struct acl *, bool &); int setacl (HANDLE, path_conv &, int, struct acl *, bool &);

19
winsup/cygwin/sec/acl.cc
View File

@ -577,7 +577,7 @@ setacl (HANDLE handle, path_conv &pc, int nentries, aclent_t *aclbufp,
if (get_file_sd (handle, pc, sd, false)) if (get_file_sd (handle, pc, sd, false))
return -1; return -1;
if (get_posix_access (sd, &attr, &uid, &gid, NULL, 0) < 0) if (get_posix_access (sd, attr, &uid, &gid, NULL, 0) < 0)
return -1; return -1;
if (!set_posix_access (attr, uid, gid, aclbufp, nentries, if (!set_posix_access (attr, uid, gid, aclbufp, nentries,
sd_ret, pc.fs_is_samba ())) sd_ret, pc.fs_is_samba ()))
@ -644,7 +644,7 @@ getace (aclent_t &acl, int type, int id, DWORD win_ace_mask,
stock POSIX perms even if Administrators and SYSTEM is in the ACE. */ stock POSIX perms even if Administrators and SYSTEM is in the ACE. */
int int
get_posix_access (PSECURITY_DESCRIPTOR psd, get_posix_access (PSECURITY_DESCRIPTOR psd,
mode_t *attr_ret, uid_t *uid_ret, gid_t *gid_ret, mode_t &attr_ret, uid_t *uid_ret, gid_t *gid_ret,
aclent_t *aclbufp, int nentries, bool *std_acl) aclent_t *aclbufp, int nentries, bool *std_acl)
{ {
tmp_pathbuf tp; tmp_pathbuf tp;
@ -689,8 +689,7 @@ get_posix_access (PSECURITY_DESCRIPTOR psd,
unreadable. */ unreadable. */
if (!psd) if (!psd)
{ {
if (attr_ret) attr_ret &= S_IFMT;
*attr_ret &= S_IFMT;
if (uid_ret) if (uid_ret)
*uid_ret = ACL_UNDEFINED_ID; *uid_ret = ACL_UNDEFINED_ID;
if (gid_ret) if (gid_ret)
@ -732,11 +731,8 @@ get_posix_access (PSECURITY_DESCRIPTOR psd,
/* Set uidret, gidret, and initalize attributes. */ /* Set uidret, gidret, and initalize attributes. */
uid = owner_sid.get_uid (&cldap); uid = owner_sid.get_uid (&cldap);
gid = group_sid.get_gid (&cldap); gid = group_sid.get_gid (&cldap);
if (attr_ret) attr = attr_ret & S_IFMT;
{ just_created = attr_ret & S_JUSTCREATED;
attr = *attr_ret & S_IFMT;
just_created = *attr_ret & S_JUSTCREATED;
}
/* Remember the fact that owner and group are the same account. */ /* Remember the fact that owner and group are the same account. */
owner_eq_group = owner_sid == group_sid; owner_eq_group = owner_sid == group_sid;
@ -1174,8 +1170,7 @@ out:
*uid_ret = uid; *uid_ret = uid;
if (gid_ret) if (gid_ret)
*gid_ret = gid; *gid_ret = gid;
if (attr_ret) attr_ret = attr;
*attr_ret = attr;
if (aclbufp) if (aclbufp)
{ {
if (pos > nentries) if (pos > nentries)
@ -1201,7 +1196,7 @@ getacl (HANDLE handle, path_conv &pc, int nentries, aclent_t *aclbufp)
if (get_file_sd (handle, pc, sd, false)) if (get_file_sd (handle, pc, sd, false))
return -1; return -1;
int pos = get_posix_access (sd, &attr, NULL, NULL, aclbufp, nentries); int pos = get_posix_access (sd, attr, NULL, NULL, aclbufp, nentries);
syscall_printf ("%R = getacl(%S)", pos, pc.get_nt_native_path ()); syscall_printf ("%R = getacl(%S)", pos, pc.get_nt_native_path ());
return pos; return pos;
} }

8
winsup/cygwin/sec/base.cc
View File

@ -276,7 +276,7 @@ get_reg_sd (HANDLE handle, security_descriptor &sd_ret)
} }
int int
get_reg_attribute (HKEY hkey, mode_t *attribute, uid_t *uidret, get_reg_attribute (HKEY hkey, mode_t &attribute, uid_t *uidret,
gid_t *gidret) gid_t *gidret)
{ {
security_descriptor sd; security_descriptor sd;
@ -292,7 +292,7 @@ get_reg_attribute (HKEY hkey, mode_t *attribute, uid_t *uidret,
int int
get_file_attribute (HANDLE handle, path_conv &pc, get_file_attribute (HANDLE handle, path_conv &pc,
mode_t *attribute, uid_t *uidret, gid_t *gidret) mode_t &attribute, uid_t *uidret, gid_t *gidret)
{ {
if (pc.has_acls ()) if (pc.has_acls ())
{ {
@ -399,7 +399,7 @@ get_object_sd (HANDLE handle, security_descriptor &sd)
int int
get_object_attribute (HANDLE handle, uid_t *uidret, gid_t *gidret, get_object_attribute (HANDLE handle, uid_t *uidret, gid_t *gidret,
mode_t *attribute) mode_t &attribute)
{ {
security_descriptor sd; security_descriptor sd;
@ -462,7 +462,7 @@ set_created_file_access (HANDLE handle, path_conv &pc, mode_t attr)
attr |= S_IFDIR; attr |= S_IFDIR;
attr_rd = attr; attr_rd = attr;
aclp = (aclent_t *) tp.c_get (); aclp = (aclent_t *) tp.c_get ();
if ((nentries = get_posix_access (sd, &attr_rd, &uid, &gid, aclp, if ((nentries = get_posix_access (sd, attr_rd, &uid, &gid, aclp,
MAX_ACL_ENTRIES, &std_acl)) >= 0) MAX_ACL_ENTRIES, &std_acl)) >= 0)
{ {
if (S_ISLNK (attr)) if (S_ISLNK (attr))