/ Check-in [6c2ddea6]

Overview
Comment:Make the geteuid() system call overloadable using xSetSystemCall() on the unix VFSes.
SHA1: 6c2ddea65e1871b2fcb4991c5b3e6992993db3ea
User & Date: drh 2015-11-24 15:06:28
Context
2015-11-24
15:12
Fix a comment typo in the unix VFS. No changes to code. check-in: 32e13879 user: drh tags: trunk
15:06
Make the geteuid() system call overloadable using xSetSystemCall() on the unix VFSes. check-in: 6c2ddea6 user: drh tags: trunk
03:50
Add a test case for the fix of check-in [19d9f9ce691963310] check-in: 19a9c07b user: drh tags: trunk
Changes

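--- a/src/os_unix.c
+++ b/src/os_unix.c
@@ -320,27 +320,14 @@
 ** The safest way to deal with the problem is to always use this wrapper
 ** which always has the same well-defined interface.
 */
 static int posixOpen(const char *zFile, int flags, int mode){
   return open(zFile, flags, mode);
 }
 
-/*
-** On some systems, calls to fchown() will trigger a message in a security
-** log if they come from non-root processes.  So avoid calling fchown() if
-** we are not running as root.
-*/
-static int posixFchown(int fd, uid_t uid, gid_t gid){
-#if OS_VXWORKS
-  return 0;
-#else
-  return geteuid() ? 0 : fchown(fd,uid,gid);
-#endif
-}
-
 /* Forward reference */
 static int openDirectory(const char*, int*);
 static int unixGetpagesize(void);
 
 /*
 ** Many system calls are accessed through pointer-to-functions so that
 ** they may be overridden at runtime to facilitate fault injection during
@@ -419,15 +406,15 @@
   { "pwrite64",     (sqlite3_syscall_ptr)pwrite64,   0  },
 #else
   { "pwrite64",     (sqlite3_syscall_ptr)0,          0  },
 #endif
 #define osPwrite64  ((ssize_t(*)(int,const void*,size_t,off_t))\
                     aSyscall[13].pCurrent)
 
-  { "fchmod",       (sqlite3_syscall_ptr)fchmod,     0  },
+  { "fchmod",       (sqlite3_syscall_ptr)fchmod,          0  },
 #define osFchmod    ((int(*)(int,mode_t))aSyscall[14].pCurrent)
 
 #if defined(HAVE_POSIX_FALLOCATE) && HAVE_POSIX_FALLOCATE
   { "fallocate",    (sqlite3_syscall_ptr)posix_fallocate,  0 },
 #else
   { "fallocate",    (sqlite3_syscall_ptr)0,                0 },
 #endif
@@ -441,40 +428,58 @@
 
   { "mkdir",        (sqlite3_syscall_ptr)mkdir,           0 },
 #define osMkdir     ((int(*)(const char*,mode_t))aSyscall[18].pCurrent)
 
   { "rmdir",        (sqlite3_syscall_ptr)rmdir,           0 },
 #define osRmdir     ((int(*)(const char*))aSyscall[19].pCurrent)
 
-  { "fchown",       (sqlite3_syscall_ptr)posixFchown,     0 },
+  { "fchown",       (sqlite3_syscall_ptr)fchown,          0 },
 #define osFchown    ((int(*)(int,uid_t,gid_t))aSyscall[20].pCurrent)
+
+  { "geteuid",      (sqlite3_syscall_ptr)geteuid,         0 },
+#define osGeteuid   ((uid_t(*)(void))aSyscall[21].pCurrent)
 
 #if !defined(SQLITE_OMIT_WAL) || SQLITE_MAX_MMAP_SIZE>0
   { "mmap",       (sqlite3_syscall_ptr)mmap,     0 },
-#define osMmap ((void*(*)(void*,size_t,int,int,int,off_t))aSyscall[21].pCurrent)
+#define osMmap ((void*(*)(void*,size_t,int,int,int,off_t))aSyscall[22].pCurrent)
 
   { "munmap",       (sqlite3_syscall_ptr)munmap,          0 },
-#define osMunmap ((void*(*)(void*,size_t))aSyscall[22].pCurrent)
+#define osMunmap ((void*(*)(void*,size_t))aSyscall[23].pCurrent)
 
 #if HAVE_MREMAP
   { "mremap",       (sqlite3_syscall_ptr)mremap,          0 },
 #else
   { "mremap",       (sqlite3_syscall_ptr)0,               0 },
 #endif
-#define osMremap ((void*(*)(void*,size_t,size_t,int,...))aSyscall[23].pCurrent)
+#define osMremap ((void*(*)(void*,size_t,size_t,int,...))aSyscall[24].pCurrent)
+
   { "getpagesize",  (sqlite3_syscall_ptr)unixGetpagesize, 0 },
-#define osGetpagesize ((int(*)(void))aSyscall[24].pCurrent)
+#define osGetpagesize ((int(*)(void))aSyscall[25].pCurrent)
 
   { "readlink",     (sqlite3_syscall_ptr)readlink,        0 },
-#define osReadlink ((ssize_t(*)(const char*,char*,size_t))aSyscall[25].pCurrent)
+#define osReadlink ((ssize_t(*)(const char*,char*,size_t))aSyscall[26].pCurrent)
 
 #endif
 
 }; /* End of the overrideable system calls */
 
+
+/*
+** On some systems, calls to fchown() will trigger a message in a security
+** log if they come from non-root processes.  So avoid calling fchown() if
+** we are not running as root.
+*/
+static int robustFchown(int fd, uid_t uid, gid_t gid){
+#if OS_VXWORKS
+  return 0;
+#else
+  return osGeteuid() ? 0 : osFchown(fd,uid,gid);
+#endif
+}
+
 /*
 ** This is the xSetSystemCall() method of sqlite3_vfs for all of the
 ** "unix" VFSes.  Return SQLITE_OK opon successfully updating the
 ** system call pointer, or SQLITE_NOTFOUND if there is no configurable
 ** system call named zName.
 */
 static int unixSetSystemCall(
@@ -4339,15 +4344,15 @@
         goto shm_open_err;
       }
 
       /* If this process is running as root, make sure that the SHM file
       ** is owned by the same user that owns the original database.  Otherwise,
       ** the original owner will not be able to connect.
       */
-      osFchown(pShmNode->h, sStat.st_uid, sStat.st_gid);
+      robustFchown(pShmNode->h, sStat.st_uid, sStat.st_gid);
   
       /* Check to see if another process is holding the dead-man switch.
       ** If not, truncate the file to zero length. 
       */
       rc = SQLITE_OK;
       if( unixShmSystemLock(pDbFd, F_WRLCK, UNIX_SHM_DMS, 1)==SQLITE_OK ){
         if( robust_ftruncate(pShmNode->h, 0) ){
@@ -5823,15 +5828,15 @@
     }
 
     /* If this process is running as root and if creating a new rollback
     ** journal or WAL file, set the ownership of the journal or WAL to be
     ** the same as the original database.
     */
     if( flags & (SQLITE_OPEN_WAL|SQLITE_OPEN_MAIN_JOURNAL) ){
-      osFchown(fd, uid, gid);
+      robustFchown(fd, uid, gid);
     }
   }
   assert( fd>=0 );
   if( pOutFlags ){
     *pOutFlags = flags;
   }
 
@@ -7580,15 +7585,15 @@
     UNIXVFS("unix-proxy",    proxyIoFinder ),
 #endif
   };
   unsigned int i;          /* Loop counter */
 
   /* Double-check that the aSyscall[] array has been constructed
   ** correctly.  See ticket [bb3a86e890c8e96ab] */
-  assert( ArraySize(aSyscall)==26 );
+  assert( ArraySize(aSyscall)==27 );
 
   /* Register all VFSes defined in the aVfs[] array */
   for(i=0; i<(sizeof(aVfs)/sizeof(sqlite3_vfs)); i++){
     sqlite3_vfs_register(&aVfs[i], i==0);
   }
   return SQLITE_OK; 
 }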
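Review bot: The header comment on `robustFchown()` (new lines 466-470) was carried over unchanged from `posixFchown()` and does not say that the root test now goes through `osGeteuid()`, a pointer in the overridable `aSyscall[]` table, or that a return of 0 covers both "ownership changed" and "call skipped". Because the "fchown" entry now holds plain `fchown`, an override installed under that name is reached only when `osGeteuid()` returns 0, which looks like a behaviour change for fault-injection harnesses that previously saw every call. I would extend the comment with something like `** The euid test uses osGeteuid() and so follows any "geteuid" override; when the caller is not root, 0 is returned without calling osFchown().` Both call sites (new lines 4351 and 5835) still discard the result, so a failed ownership change while running as root presumably leaves the SHM, journal or WAL file with its creator's ownership and reports nothing; their enclosing functions begin and end outside the hunks shown.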

Changes to test/syscall.test.

    56     56   #-------------------------------------------------------------------------
    57     57   # Tests for the xNextSystemCall method.
    58     58   #
    59     59   foreach s {
    60     60       open close access getcwd stat fstat ftruncate
    61     61       fcntl read pread write pwrite fchmod fallocate
    62     62       pread64 pwrite64 unlink openDirectory mkdir rmdir 
    63         -    statvfs fchown umask mmap munmap mremap
           63  +    statvfs fchown geteuid umask mmap munmap mremap
    64     64       getpagesize readlink
    65     65   } {
    66     66     if {[test_syscall exists $s]} {lappend syscall_list $s}
    67     67   }
    68     68   do_test 3.1 { lsort [test_syscall list] } [lsort $syscall_list]
    69     69   
    70     70   #-------------------------------------------------------------------------