Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | Make the geteuid() system call overloadable using xSetSystemCall() on the unix VFSes. |
|---|---|
| Downloads: | Tarball | ZIP archive | SQL archive |
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA1: |
6c2ddea65e1871b2fcb4991c5b3e6992 |
| User & Date: | drh 2015-11-24 15:06:28 |
Context
|
2015-11-24
| ||
| 15:12 | Fix a comment typo in the unix VFS. No changes to code. (check-in: 32e13879 user: drh tags: trunk) | |
| 15:06 | Make the geteuid() system call overloadable using xSetSystemCall() on the unix VFSes. (check-in: 6c2ddea6 user: drh tags: trunk) | |
| 03:50 | Add a test case for the fix of check-in [19d9f9ce691963310] (check-in: 19a9c07b user: drh tags: trunk) | |
Changes
Changes to src/os_unix.c.
320 320 ** The safest way to deal with the problem is to always use this wrapper 321 321 ** which always has the same well-defined interface. 322 322 */ 323 323 static int posixOpen(const char *zFile, int flags, int mode){ 324 324 return open(zFile, flags, mode); 325 325 } 326 326 327 -/* 328 -** On some systems, calls to fchown() will trigger a message in a security 329 -** log if they come from non-root processes. So avoid calling fchown() if 330 -** we are not running as root. 331 -*/ 332 -static int posixFchown(int fd, uid_t uid, gid_t gid){ 333 -#if OS_VXWORKS 334 - return 0; 335 -#else 336 - return geteuid() ? 0 : fchown(fd,uid,gid); 337 -#endif 338 -} 339 - 340 327 /* Forward reference */ 341 328 static int openDirectory(const char*, int*); 342 329 static int unixGetpagesize(void); 343 330 344 331 /* 345 332 ** Many system calls are accessed through pointer-to-functions so that 346 333 ** they may be overridden at runtime to facilitate fault injection during ................................................................................ 419 406 { "pwrite64", (sqlite3_syscall_ptr)pwrite64, 0 }, 420 407 #else 421 408 { "pwrite64", (sqlite3_syscall_ptr)0, 0 }, 422 409 #endif 423 410 #define osPwrite64 ((ssize_t(*)(int,const void*,size_t,off_t))\ 424 411 aSyscall[13].pCurrent) 425 412 426 - { "fchmod", (sqlite3_syscall_ptr)fchmod, 0 }, 413 + { "fchmod", (sqlite3_syscall_ptr)fchmod, 0 }, 427 414 #define osFchmod ((int(*)(int,mode_t))aSyscall[14].pCurrent) 428 415 429 416 #if defined(HAVE_POSIX_FALLOCATE) && HAVE_POSIX_FALLOCATE 430 417 { "fallocate", (sqlite3_syscall_ptr)posix_fallocate, 0 }, 431 418 #else 432 419 { "fallocate", (sqlite3_syscall_ptr)0, 0 }, 433 420 #endif ................................................................................ 441 428 442 429 { "mkdir", (sqlite3_syscall_ptr)mkdir, 0 }, 443 430 #define osMkdir ((int(*)(const char*,mode_t))aSyscall[18].pCurrent) 444 431 445 432 { "rmdir", (sqlite3_syscall_ptr)rmdir, 0 }, 446 433 #define osRmdir ((int(*)(const char*))aSyscall[19].pCurrent) 447 434 448 - { "fchown", (sqlite3_syscall_ptr)posixFchown, 0 }, 435 + { "fchown", (sqlite3_syscall_ptr)fchown, 0 }, 449 436 #define osFchown ((int(*)(int,uid_t,gid_t))aSyscall[20].pCurrent) 437 + 438 + { "geteuid", (sqlite3_syscall_ptr)geteuid, 0 }, 439 +#define osGeteuid ((uid_t(*)(void))aSyscall[21].pCurrent) 450 440 451 441 #if !defined(SQLITE_OMIT_WAL) || SQLITE_MAX_MMAP_SIZE>0 452 442 { "mmap", (sqlite3_syscall_ptr)mmap, 0 }, 453 -#define osMmap ((void*(*)(void*,size_t,int,int,int,off_t))aSyscall[21].pCurrent) 443 +#define osMmap ((void*(*)(void*,size_t,int,int,int,off_t))aSyscall[22].pCurrent) 454 444 455 445 { "munmap", (sqlite3_syscall_ptr)munmap, 0 }, 456 -#define osMunmap ((void*(*)(void*,size_t))aSyscall[22].pCurrent) 446 +#define osMunmap ((void*(*)(void*,size_t))aSyscall[23].pCurrent) 457 447 458 448 #if HAVE_MREMAP 459 449 { "mremap", (sqlite3_syscall_ptr)mremap, 0 }, 460 450 #else 461 451 { "mremap", (sqlite3_syscall_ptr)0, 0 }, 462 452 #endif 463 -#define osMremap ((void*(*)(void*,size_t,size_t,int,...))aSyscall[23].pCurrent) 453 +#define osMremap ((void*(*)(void*,size_t,size_t,int,...))aSyscall[24].pCurrent) 454 + 464 455 { "getpagesize", (sqlite3_syscall_ptr)unixGetpagesize, 0 }, 465 -#define osGetpagesize ((int(*)(void))aSyscall[24].pCurrent) 456 +#define osGetpagesize ((int(*)(void))aSyscall[25].pCurrent) 466 457 467 458 { "readlink", (sqlite3_syscall_ptr)readlink, 0 }, 468 -#define osReadlink ((ssize_t(*)(const char*,char*,size_t))aSyscall[25].pCurrent) 459 +#define osReadlink ((ssize_t(*)(const char*,char*,size_t))aSyscall[26].pCurrent) 469 460 470 461 #endif 471 462 472 463 }; /* End of the overrideable system calls */ 473 464 465 + 466 +/* 467 +** On some systems, calls to fchown() will trigger a message in a security 468 +** log if they come from non-root processes. So avoid calling fchown() if 469 +** we are not running as root. 470 +*/ 471 +static int robustFchown(int fd, uid_t uid, gid_t gid){ 472 +#if OS_VXWORKS 473 + return 0; 474 +#else 475 + return osGeteuid() ? 0 : osFchown(fd,uid,gid); 476 +#endif 477 +} 478 + 474 479 /* 475 480 ** This is the xSetSystemCall() method of sqlite3_vfs for all of the 476 481 ** "unix" VFSes. Return SQLITE_OK opon successfully updating the 477 482 ** system call pointer, or SQLITE_NOTFOUND if there is no configurable 478 483 ** system call named zName. 479 484 */ 480 485 static int unixSetSystemCall( ................................................................................ 4339 4344 goto shm_open_err; 4340 4345 } 4341 4346 4342 4347 /* If this process is running as root, make sure that the SHM file 4343 4348 ** is owned by the same user that owns the original database. Otherwise, 4344 4349 ** the original owner will not be able to connect. 4345 4350 */ 4346 - osFchown(pShmNode->h, sStat.st_uid, sStat.st_gid); 4351 + robustFchown(pShmNode->h, sStat.st_uid, sStat.st_gid); 4347 4352 4348 4353 /* Check to see if another process is holding the dead-man switch. 4349 4354 ** If not, truncate the file to zero length. 4350 4355 */ 4351 4356 rc = SQLITE_OK; 4352 4357 if( unixShmSystemLock(pDbFd, F_WRLCK, UNIX_SHM_DMS, 1)==SQLITE_OK ){ 4353 4358 if( robust_ftruncate(pShmNode->h, 0) ){ ................................................................................ 5823 5828 } 5824 5829 5825 5830 /* If this process is running as root and if creating a new rollback 5826 5831 ** journal or WAL file, set the ownership of the journal or WAL to be 5827 5832 ** the same as the original database. 5828 5833 */ 5829 5834 if( flags & (SQLITE_OPEN_WAL|SQLITE_OPEN_MAIN_JOURNAL) ){ 5830 - osFchown(fd, uid, gid); 5835 + robustFchown(fd, uid, gid); 5831 5836 } 5832 5837 } 5833 5838 assert( fd>=0 ); 5834 5839 if( pOutFlags ){ 5835 5840 *pOutFlags = flags; 5836 5841 } 5837 5842 ................................................................................ 7580 7585 UNIXVFS("unix-proxy", proxyIoFinder ), 7581 7586 #endif 7582 7587 }; 7583 7588 unsigned int i; /* Loop counter */ 7584 7589 7585 7590 /* Double-check that the aSyscall[] array has been constructed 7586 7591 ** correctly. See ticket [bb3a86e890c8e96ab] */ 7587 - assert( ArraySize(aSyscall)==26 ); 7592 + assert( ArraySize(aSyscall)==27 ); 7588 7593 7589 7594 /* Register all VFSes defined in the aVfs[] array */ 7590 7595 for(i=0; i<(sizeof(aVfs)/sizeof(sqlite3_vfs)); i++){ 7591 7596 sqlite3_vfs_register(&aVfs[i], i==0); 7592 7597 } 7593 7598 return SQLITE_OK; 7594 7599 }
Changes to test/syscall.test.
56 56 #------------------------------------------------------------------------- 57 57 # Tests for the xNextSystemCall method. 58 58 # 59 59 foreach s { 60 60 open close access getcwd stat fstat ftruncate 61 61 fcntl read pread write pwrite fchmod fallocate 62 62 pread64 pwrite64 unlink openDirectory mkdir rmdir 63 - statvfs fchown umask mmap munmap mremap 63 + statvfs fchown geteuid umask mmap munmap mremap 64 64 getpagesize readlink 65 65 } { 66 66 if {[test_syscall exists $s]} {lappend syscall_list $s} 67 67 } 68 68 do_test 3.1 { lsort [test_syscall list] } [lsort $syscall_list] 69 69 70 70 #-------------------------------------------------------------------------