[Pkg-shadow-devel] [PATCH] newuidmap, newgidmap: Correct the range size sanity check in get_map_ranges
Serge E. Hallyn
serge at hallyn.com
Tue Sep 10 22:43:23 UTC 2013
Quoting Eric W. Biederman (ebiederm at xmission.com):
> Serge Hallyn <serge.hallyn at ubuntu.com> writes:
>
> > Quoting Eric W. Biederman (ebiederm at xmission.com):
> >>
> >> The number of ranges should be the ceiling of the number of arguments divided
> >> by three.
> >>
> >> Without this fix newuidmap and newgidmap always report and error and fail,
> >> which is very much not what we want.
> >
> > Are you sure?
>
> Certain enough that I tracked it down to that line.
>
> > Without looking back at the code, I can say I've used
> > them quite a bit and never seen an error. When I originally looked
> > at the code the -2 + 2 did annoy me, but I assumed it was supposed to
> > remind you of something :)
>
> Yes but then you copied that test to a location where argc - 2 was
> already present. So it is certainly a correct transformation.
Oh, I see.
> > Can you give an example command line that fails for you?
>
> The command line I was using when this triggered was:
>
> newuidmap $child 0 $subuid 1000 $uid $uid 1
>
> Let me check my math to make certain the problem checks out.
> argc == 8 on entry into main.
>
> argc - 2 (newuidmap and $child) == 6
>
> Hmm.
>
> You know I must have made a typo, and was short an argument when I was
> testing that. Ugh.
>
> So perhaps things are not quite as bad as I made out. But the fix is
> definitely useful as otherwise we don't handle the case of being short
Right, sorry, so it is.
> an argument or two correctly. Which should hit the next test and
> complain about being short arguments and should not complain that range
> is incorrect.
>
> Eric
>
>
> >> Signed-off-by: "Eric W. Biederman" <ebiederm at xmission.com>
Acked-by: Serge Hallyn <serge.hallyn at canonical.com>
I'll push to git. Thanks, Eric.
> >> ---
> >> libmisc/idmapping.c | 2 +-
> >> 1 file changed, 1 insertion(+), 1 deletion(-)
> >>
> >> diff --git a/libmisc/idmapping.c b/libmisc/idmapping.c
> >> index 81e85d5..714c29e 100644
> >> --- a/libmisc/idmapping.c
> >> +++ b/libmisc/idmapping.c
> >> @@ -47,7 +47,7 @@ struct map_range *get_map_ranges(int ranges, int argc, char **argv)
> >> return NULL;
> >> }
> >>
> >> - if (ranges != ((argc - 2) + 2) / 3) {
> >> + if (ranges != ((argc + 2) / 3)) {
> >> fprintf(stderr, "%s: ranges: %u is wrong for argc: %d\n", Prog, ranges, argc);
> >> return NULL;
> >> }
> >> --
> >> 1.7.10.4
> >>
> >>
> >> _______________________________________________
> >> Pkg-shadow-devel mailing list
> >> Pkg-shadow-devel at lists.alioth.debian.org
> >> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-shadow-devel
More information about the Pkg-shadow-devel
mailing list