secure_getenv test should write errors to standard output

This way, they end up in the log file.  Also skip the test if no GID can
be found.
Florian Weimer 2012-07-31 09:55:38 +02:00
parent bea9b19322
commit 2bc1387273
2 changed files with 34 additions and 27 deletions


@ -1,3 +1,9 @@
2012-07-31 Florian Weimer <fweimer@redhat.com>
* stdlib/tst-secure-getenv.c: Use printf for error reporting.
Exit with zero in case no suitable GID is found, and write a
message to standard error.
2012-07-30 Roland McGrath <roland@hack.frob.com> 2012-07-30 Roland McGrath <roland@hack.frob.com>
* sysdeps/generic/sys/param.h (MAXSYMLINKS): Define to SYMLOOP_MAX * sysdeps/generic/sys/param.h (MAXSYMLINKS): Define to SYMLOOP_MAX


@ -45,7 +45,7 @@ choose_gid (void)
int ret = getgroups (count, groups); int ret = getgroups (count, groups);
if (ret < 0) if (ret < 0)
{ {
perror ("getgroups"); printf ("getgroups: %m\n");
exit (1); exit (1);
} }
gid_t current = getgid (); gid_t current = getgid ();
@ -72,29 +72,29 @@ run_executable_sgid (gid_t target)
if (asprintf (&dirname, "%s/secure-getenv.%jd", if (asprintf (&dirname, "%s/secure-getenv.%jd",
test_dir, (intmax_t) getpid ()) < 0) test_dir, (intmax_t) getpid ()) < 0)
{ {
perror ("asprintf"); printf ("asprintf: %m\n");
goto err; goto err;
} }
if (mkdir (dirname, 0700) < 0) if (mkdir (dirname, 0700) < 0)
{ {
perror ("mkdir"); printf ("mkdir: %m\n");
goto err; goto err;
} }
if (asprintf (&execname, "%s/bin", dirname) < 0) if (asprintf (&execname, "%s/bin", dirname) < 0)
{ {
perror ("asprintf"); printf ("asprintf: %m\n");
goto err; goto err;
} }
infd = open ("/proc/self/exe", O_RDONLY); infd = open ("/proc/self/exe", O_RDONLY);
if (infd < 0) if (infd < 0)
{ {
perror ("open"); printf ("open (/proc/self/exe): %m\n");
goto err; goto err;
} }
outfd = open (execname, O_WRONLY | O_CREAT | O_EXCL, 0700); outfd = open (execname, O_WRONLY | O_CREAT | O_EXCL, 0700);
if (outfd < 0) if (outfd < 0)
{ {
perror ("open"); printf ("open (%s): %m\n", execname);
goto err; goto err;
} }
char buf[4096]; char buf[4096];
@ -103,7 +103,7 @@ run_executable_sgid (gid_t target)
ssize_t rdcount = read (infd, buf, sizeof (buf)); ssize_t rdcount = read (infd, buf, sizeof (buf));
if (rdcount < 0) if (rdcount < 0)
{ {
perror ("read"); printf ("read: %m\n");
goto err; goto err;
} }
if (rdcount == 0) if (rdcount == 0)
@ -117,7 +117,7 @@ run_executable_sgid (gid_t target)
errno = ENOSPC; errno = ENOSPC;
if (wrcount <= 0) if (wrcount <= 0)
{ {
perror ("write"); printf ("write: %m\n");
goto err; goto err;
} }
p += wrcount; p += wrcount;
@ -125,29 +125,29 @@ run_executable_sgid (gid_t target)
} }
if (fchown (outfd, getuid (), target) < 0) if (fchown (outfd, getuid (), target) < 0)
{ {
perror ("fchown"); printf ("fchown (%s): %m\n", execname);
goto err; goto err;
} }
if (fchmod (outfd, 02750) < 0) if (fchmod (outfd, 02750) < 0)
{ {
perror ("fchmod"); printf ("fchmod (%s): %m\n", execname);
goto err; goto err;
} }
if (close (outfd) < 0) if (close (outfd) < 0)
{ {
perror ("close"); printf ("close (outfd): %m\n");
goto err; goto err;
} }
if (close (infd) < 0) if (close (infd) < 0)
{ {
perror ("close"); printf ("close (infd): %m\n");
goto err; goto err;
} }
int kid = fork (); int kid = fork ();
if (kid < 0) if (kid < 0)
{ {
perror ("fork"); printf ("fork: %m\n");
goto err; goto err;
} }
if (kid == 0) if (kid == 0)
@ -155,19 +155,19 @@ run_executable_sgid (gid_t target)
/* Child process. */ /* Child process. */
char *args[] = { execname, MAGIC_ARGUMENT, NULL }; char *args[] = { execname, MAGIC_ARGUMENT, NULL };
execve (execname, args, environ); execve (execname, args, environ);
perror ("execve"); printf ("execve (%s): %m\n", execname);
_exit (1); _exit (1);
} }
int status; int status;
if (waitpid (kid, &status, 0) < 0) if (waitpid (kid, &status, 0) < 0)
{ {
perror ("waitpid"); printf ("waitpid: %m\n");
goto err; goto err;
} }
if (!WIFEXITED (status) || WEXITSTATUS (status) != MAGIC_STATUS) if (!WIFEXITED (status) || WEXITSTATUS (status) != MAGIC_STATUS)
{ {
fprintf (stderr, "Unexpected exit status %d from child process\n", printf ("Unexpected exit status %d from child process\n",
status); status);
goto err; goto err;
} }
ret = 0; ret = 0;
@ -195,27 +195,28 @@ do_test (void)
{ {
if (getenv ("PATH") == NULL) if (getenv ("PATH") == NULL)
{ {
fprintf (stderr, "PATH not set\n"); printf ("PATH not set\n");
exit (1); exit (1);
} }
if (secure_getenv ("PATH") == NULL) if (secure_getenv ("PATH") == NULL)
{ {
fprintf (stderr, "PATH not set according to secure_getenv\n"); printf ("PATH not set according to secure_getenv\n");
exit (1); exit (1);
} }
if (strcmp (getenv ("PATH"), secure_getenv ("PATH")) != 0) if (strcmp (getenv ("PATH"), secure_getenv ("PATH")) != 0)
{ {
fprintf (stderr, "PATH mismatch (%s, %s)\n", printf ("PATH mismatch (%s, %s)\n",
getenv ("PATH"), secure_getenv ("PATH")); getenv ("PATH"), secure_getenv ("PATH"));
exit (1); exit (1);
} }
gid_t target = choose_gid (); gid_t target = choose_gid ();
if (target == 0) if (target == 0)
{ {
fprintf (stderr, "Could not find a suitable GID user %jd\n", fprintf (stderr,
"Could not find a suitable GID for user %jd, skipping test\n",
(intmax_t) getuid ()); (intmax_t) getuid ());
exit (1); exit (0);
} }
return run_executable_sgid (target); return run_executable_sgid (target);
} }
@ -227,18 +228,18 @@ alternative_main (int argc, char **argv)
{ {
if (getgid () == getegid ()) if (getgid () == getegid ())
{ {
fprintf (stderr, "SGID failed: GID and EGID match (%jd)\n", printf ("SGID failed: GID and EGID match (%jd)\n",
(intmax_t) getgid ()); (intmax_t) getgid ());
exit (2); exit (2);
} }
if (getenv ("PATH") == NULL) if (getenv ("PATH") == NULL)
{ {
fprintf (stderr, "PATH variable not present\n"); printf ("PATH variable not present\n");
exit (3); exit (3);
} }
if (secure_getenv ("PATH") != NULL) if (secure_getenv ("PATH") != NULL)
{ {
fprintf (stderr, "PATH variable not filtered out\n"); printf ("PATH variable not filtered out\n");
exit (4); exit (4);
} }
exit (MAGIC_STATUS); exit (MAGIC_STATUS);
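Review bot: In the child branch of run_executable_sgid (hunk at -155,19), the execve failure message is now written with `printf` and followed directly by `_exit (1)`, which does not flush stdio buffers. When stdout is redirected to the log file it is presumably fully buffered, so this diagnostic would be dropped, whereas the old `perror` went to unbuffered stderr; adding `fflush (stdout);` before `_exit (1);` keeps it. Separately, the skip path in do_test (hunk at -195,27) still uses `fprintf (stderr, ...)` before `exit (0)`, which the ChangeLog entry states is intended. The effect is that a run in which the SGID filtering check never executed leaves no trace in the log and is indistinguishable from a pass, so a `printf` of the same message there would record the skip. Both functions begin and end outside the hunks shown.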