From 498fce80ef33d6ee11aed6f3bd8feda277bc4b30 Mon Sep 17 00:00:00 2001 From: Corinna Vinschen Date: Thu, 9 Feb 2023 21:55:18 +0100 Subject: [PATCH] Cygwin: get_posix_access: Make mode_t parameter mandatory Avoid the mistake fixed in the preceeding commit by passing the mode_t argument by reference. This also affects a couple other functions calling get_posix_access in turn. Fixes: bc444e5aa4ca ("Reapply POSIX ACL changes.") Signed-off-by: Corinna Vinschen --- winsup/cygwin/fhandler/disk_file.cc | 10 +++++----- winsup/cygwin/fhandler/mqueue.cc | 2 +- winsup/cygwin/fhandler/procsys.cc | 6 +++--- winsup/cygwin/fhandler/pty.cc | 12 ++++++------ winsup/cygwin/fhandler/registry.cc | 2 +- winsup/cygwin/local_includes/security.h | 8 ++++---- winsup/cygwin/sec/acl.cc | 19 +++++++------------ winsup/cygwin/sec/base.cc | 8 ++++---- 8 files changed, 31 insertions(+), 36 deletions(-) diff --git a/winsup/cygwin/fhandler/disk_file.cc b/winsup/cygwin/fhandler/disk_file.cc index 15dc24ffe..8528f7f8d 100644 --- a/winsup/cygwin/fhandler/disk_file.cc +++ b/winsup/cygwin/fhandler/disk_file.cc @@ -464,16 +464,16 @@ fhandler_base::fstat_helper (struct stat *buf) else if (pc.issymlink ()) { buf->st_size = pc.get_symlink_length (); + get_file_attribute (h, pc, buf->st_mode, + &buf->st_uid, &buf->st_gid); /* symlinks are everything for everyone! */ buf->st_mode = S_IFLNK | S_IRWXU | S_IRWXG | S_IRWXO; - get_file_attribute (h, pc, NULL, - &buf->st_uid, &buf->st_gid); goto done; } else if (pc.issocket ()) buf->st_mode = S_IFSOCK; - if (!get_file_attribute (h, pc, &buf->st_mode, &buf->st_uid, &buf->st_gid)) + if (!get_file_attribute (h, pc, buf->st_mode, &buf->st_uid, &buf->st_gid)) { /* If read-only attribute is set, modify ntsec return value */ if (::has_attribute (attributes, FILE_ATTRIBUTE_READONLY) 
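Review bot: In the symlink branch of fstat_helper, `buf->st_mode` is now passed to get_file_attribute as an in/out argument before this branch has assigned it, whereas the socket branch just below sets `S_IFSOCK` before its call. The sec/acl.cc hunks show get_posix_access reading the `S_IFMT` and `S_JUSTCREATED` bits from that argument, so the call's input is whatever the stat buffer held on entry. Whether the buffer is cleared earlier is not visible, because the function body starts outside the hunk. I would set the type first with `buf->st_mode = S_IFLNK;` and extend the comment to say the returned mode is deliberately discarded: `/* symlinks are everything for everyone!  Only uid/gid are taken from the security descriptor. */`.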
@@ -769,7 +769,7 @@ fhandler_disk_file::fchmod (mode_t mode) if (!get_file_sd (get_handle (), pc, sd, false)) { aclp = (aclent_t *) tp.c_get (); - if ((nentries = get_posix_access (sd, &attr, &uid, &gid, + if ((nentries = get_posix_access (sd, attr, &uid, &gid, aclp, MAX_ACL_ENTRIES, &standard_acl)) >= 0) { @@ -879,7 +879,7 @@ fhandler_disk_file::fchown (uid_t uid, gid_t gid) goto out; aclp = (aclent_t *) tp.c_get (); - if ((nentries = get_posix_access (sd, &attr, &old_uid, &old_gid, + if ((nentries = get_posix_access (sd, attr, &old_uid, &old_gid, aclp, MAX_ACL_ENTRIES)) < 0) goto out; diff --git a/winsup/cygwin/fhandler/mqueue.cc b/winsup/cygwin/fhandler/mqueue.cc index 6b94bca85..2bf2cb0ea 100644 --- a/winsup/cygwin/fhandler/mqueue.cc +++ b/winsup/cygwin/fhandler/mqueue.cc @@ -251,7 +251,7 @@ fhandler_mqueue::mqinfo_open (int flags) __seterrno_from_nt_status (status); return NULL; } - if (get_file_attribute (get_handle (), pc, &mode, NULL, NULL)) + if (get_file_attribute (get_handle (), pc, mode, NULL, NULL)) mode = STD_RBITS | STD_WBITS; return _mqinfo (fsi.EndOfFile.QuadPart, mode, flags, true); diff --git a/winsup/cygwin/fhandler/procsys.cc b/winsup/cygwin/fhandler/procsys.cc index cd1d35984..4fa00481a 100644 --- a/winsup/cygwin/fhandler/procsys.cc +++ b/winsup/cygwin/fhandler/procsys.cc @@ -86,7 +86,7 @@ fhandler_procsys::exists (struct stat *buf) { /* If requested, check permissions. */ if (buf) - get_object_attribute (h, &buf->st_uid, &buf->st_gid, &buf->st_mode); + get_object_attribute (h, &buf->st_uid, &buf->st_gid, buf->st_mode); NtClose (h); return virt_symlink; } @@ -99,7 +99,7 @@ fhandler_procsys::exists (struct stat *buf) { /* If requested, check permissions. */ if (buf) - get_object_attribute (h, &buf->st_uid, &buf->st_gid, &buf->st_mode); + get_object_attribute (h, &buf->st_uid, &buf->st_gid, buf->st_mode); NtClose (h); return virt_directory; } 
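Review bot: The three get_object_attribute calls in fhandler_procsys::exists (the hunks at -86, -99 and -164) discard the return value, so whatever a failed security-descriptor query leaves in `st_uid`, `st_gid` and `st_mode` is presumably what the caller reports. fhandler_pty_slave::fstat in this same patch checks the result and falls back to strict, system-like ownership when the ACL cannot be read. I would either handle the failure here in the same way or state the intent next to the call, e.g. `/* Best effort: on failure buf keeps the values set by the caller. */`. The body of exists() extends beyond these hunks, so a later fallback may exist that is not visible.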
@@ -164,7 +164,7 @@ fhandler_procsys::exists (struct stat *buf) /* If requested, check permissions. If this is a parent handle from the above desperate parent check, skip. */ if (buf && !desperate_parent_check) - get_object_attribute (h, &buf->st_uid, &buf->st_gid, &buf->st_mode); + get_object_attribute (h, &buf->st_uid, &buf->st_gid, buf->st_mode); /* Check for the device type. */ status = NtQueryVolumeInformationFile (h, &io, &ffdi, sizeof ffdi, diff --git a/winsup/cygwin/fhandler/pty.cc b/winsup/cygwin/fhandler/pty.cc index 718709580..0dac80a16 100644 --- a/winsup/cygwin/fhandler/pty.cc +++ b/winsup/cygwin/fhandler/pty.cc @@ -1793,7 +1793,7 @@ fhandler_pty_slave::fstat (struct stat *st) st->st_mode = S_IFCHR; if (!input_available_event || get_object_attribute (input_available_event, &st->st_uid, &st->st_gid, - &st->st_mode)) + st->st_mode)) { /* If we can't access the ACL, or if the tty doesn't actually exist, then fake uid and gid to strict, system-like values. */ @@ -1839,7 +1839,7 @@ fhandler_pty_slave::facl (int cmd, int nentries, aclent_t *aclbufp) if (!input_available_event || get_object_sd (input_available_event, sd)) { - res = get_posix_access (NULL, &attr, NULL, NULL, aclbufp, nentries); + res = get_posix_access (NULL, attr, NULL, NULL, aclbufp, nentries); if (aclbufp && res == MIN_ACL_ENTRIES) { aclbufp[0].a_perm = S_IROTH | S_IWOTH; @@ -1849,9 +1849,9 @@ fhandler_pty_slave::facl (int cmd, int nentries, aclent_t *aclbufp) break; } if (cmd == GETACL) - res = get_posix_access (sd, &attr, NULL, NULL, aclbufp, nentries); + res = get_posix_access (sd, attr, NULL, NULL, aclbufp, nentries); else - res = get_posix_access (sd, &attr, NULL, NULL, NULL, 0); + res = get_posix_access (sd, attr, NULL, NULL, NULL, 0); break; default: set_errno (EINVAL); 
@@ -1935,7 +1935,7 @@ fhandler_pty_slave::fchmod (mode_t mode) } sd.malloc (sizeof (SECURITY_DESCRIPTOR)); RtlCreateSecurityDescriptor (sd, SECURITY_DESCRIPTOR_REVISION); - if (!get_object_attribute (input_available_event, &uid, &gid, &orig_mode) + if (!get_object_attribute (input_available_event, &uid, &gid, orig_mode) && !create_object_sd_from_attribute (uid, gid, S_IFCHR | mode, sd)) ret = fch_set_sd (sd, false); errout: @@ -1964,7 +1964,7 @@ fhandler_pty_slave::fchown (uid_t uid, gid_t gid) } sd.malloc (sizeof (SECURITY_DESCRIPTOR)); RtlCreateSecurityDescriptor (sd, SECURITY_DESCRIPTOR_REVISION); - if (!get_object_attribute (input_available_event, &o_uid, &o_gid, &mode)) + if (!get_object_attribute (input_available_event, &o_uid, &o_gid, mode)) { if (uid == ILLEGAL_UID) uid = o_uid; diff --git a/winsup/cygwin/fhandler/registry.cc b/winsup/cygwin/fhandler/registry.cc index 2830c708a..ac413af9b 100644 --- a/winsup/cygwin/fhandler/registry.cc +++ b/winsup/cygwin/fhandler/registry.cc @@ -552,7 +552,7 @@ fhandler_registry::fstat (struct stat *buf) } uid_t uid; gid_t gid; - if (get_reg_attribute (hKey, &buf->st_mode, &uid, &gid) == 0) + if (get_reg_attribute (hKey, buf->st_mode, &uid, &gid) == 0) { buf->st_uid = uid; buf->st_gid = gid; diff --git a/winsup/cygwin/local_includes/security.h b/winsup/cygwin/local_includes/security.h index 41b4e275f..0316b753d 100644 --- a/winsup/cygwin/local_includes/security.h +++ b/winsup/cygwin/local_includes/security.h 
@@ -411,17 +411,17 @@ legal_sid_type (SID_NAME_USE type) class path_conv; /* File manipulation */ -int get_file_attribute (HANDLE, path_conv &, mode_t *, +int get_file_attribute (HANDLE, path_conv &, mode_t &, uid_t *, gid_t *); int set_created_file_access (HANDLE, path_conv &, mode_t); int get_object_sd (HANDLE, security_descriptor &); -int get_object_attribute (HANDLE, uid_t *, gid_t *, mode_t *); +int get_object_attribute (HANDLE, uid_t *, gid_t *, mode_t &); int set_object_attribute (HANDLE, uid_t, gid_t, mode_t); int create_object_sd_from_attribute (uid_t, gid_t, mode_t, security_descriptor &); int set_object_sd (HANDLE, security_descriptor &, bool); -int get_reg_attribute (HKEY hkey, mode_t *, uid_t *, gid_t *); +int get_reg_attribute (HKEY hkey, mode_t &, uid_t *, gid_t *); LONG get_file_sd (HANDLE fh, path_conv &, security_descriptor &, bool); LONG set_file_sd (HANDLE fh, path_conv &, security_descriptor &, bool); bool add_access_allowed_ace (PACL, DWORD, PSID, size_t &, DWORD); @@ -441,7 +441,7 @@ struct acl; int searchace (struct acl *, int, int, uid_t id = ILLEGAL_UID); PSECURITY_DESCRIPTOR set_posix_access (mode_t, uid_t, gid_t, struct acl *, int, security_descriptor &, bool); -int get_posix_access (PSECURITY_DESCRIPTOR, mode_t *, uid_t *, gid_t *, +int get_posix_access (PSECURITY_DESCRIPTOR, mode_t &, uid_t *, gid_t *, struct acl *, int, bool * = NULL); int getacl (HANDLE, path_conv &, int, struct acl *); int setacl (HANDLE, path_conv &, int, struct acl *, bool &); diff --git a/winsup/cygwin/sec/acl.cc b/winsup/cygwin/sec/acl.cc index 5c23e22b6..2fd08ad62 100644 --- a/winsup/cygwin/sec/acl.cc +++ b/winsup/cygwin/sec/acl.cc 
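Review bot: The prototypes of get_file_attribute, get_object_attribute, get_reg_attribute and get_posix_access (second hunk) now take `mode_t &`, but nothing at the declarations says the argument is in/out. The sec/acl.cc hunks show get_posix_access reading `attr_ret & S_IFMT` and `attr_ret & S_JUSTCREATED` unconditionally before writing the result back, so every caller has to pass an initialized mode carrying the file type; an indeterminate value could feed a stray S_JUSTCREATED bit into the ACL evaluation. I would add a comment above the declarations such as `/* The mode_t argument is in/out: callers must initialize it with the file type (S_IFMT bits); it is overwritten with the computed mode on return. */`. Call sites whose initialization is not visible in this patch and worth checking are fchmod/fchown in disk_file.cc, mqinfo_open, the facl/fchmod/fchown paths in pty.cc, and getacl/setacl.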
@@ -577,7 +577,7 @@ setacl (HANDLE handle, path_conv &pc, int nentries, aclent_t *aclbufp, if (get_file_sd (handle, pc, sd, false)) return -1; - if (get_posix_access (sd, &attr, &uid, &gid, NULL, 0) < 0) + if (get_posix_access (sd, attr, &uid, &gid, NULL, 0) < 0) return -1; if (!set_posix_access (attr, uid, gid, aclbufp, nentries, sd_ret, pc.fs_is_samba ())) @@ -644,7 +644,7 @@ getace (aclent_t &acl, int type, int id, DWORD win_ace_mask, stock POSIX perms even if Administrators and SYSTEM is in the ACE. */ int get_posix_access (PSECURITY_DESCRIPTOR psd, - mode_t *attr_ret, uid_t *uid_ret, gid_t *gid_ret, + mode_t &attr_ret, uid_t *uid_ret, gid_t *gid_ret, aclent_t *aclbufp, int nentries, bool *std_acl) { tmp_pathbuf tp; @@ -689,8 +689,7 @@ get_posix_access (PSECURITY_DESCRIPTOR psd, unreadable. */ if (!psd) { - if (attr_ret) - *attr_ret &= S_IFMT; + attr_ret &= S_IFMT; if (uid_ret) *uid_ret = ACL_UNDEFINED_ID; if (gid_ret) @@ -732,11 +731,8 @@ get_posix_access (PSECURITY_DESCRIPTOR psd, /* Set uidret, gidret, and initalize attributes. */ uid = owner_sid.get_uid (&cldap); gid = group_sid.get_gid (&cldap); - if (attr_ret) - { - attr = *attr_ret & S_IFMT; - just_created = *attr_ret & S_JUSTCREATED; - } + attr = attr_ret & S_IFMT; + just_created = attr_ret & S_JUSTCREATED; /* Remember the fact that owner and group are the same account. */ owner_eq_group = owner_sid == group_sid; @@ -1174,8 +1170,7 @@ out: *uid_ret = uid; if (gid_ret) *gid_ret = gid; - if (attr_ret) - *attr_ret = attr; + attr_ret = attr; if (aclbufp) { if (pos > nentries) @@ -1201,7 +1196,7 @@ getacl (HANDLE handle, path_conv &pc, int nentries, aclent_t *aclbufp) if (get_file_sd (handle, pc, sd, false)) return -1; - int pos = get_posix_access (sd, &attr, NULL, NULL, aclbufp, nentries); + int pos = get_posix_access (sd, attr, NULL, NULL, aclbufp, nentries); syscall_printf ("%R = getacl(%S)", pos, pc.get_nt_native_path ()); return pos; } 
diff --git a/winsup/cygwin/sec/base.cc b/winsup/cygwin/sec/base.cc index e84bc2aee..8b04b40b4 100644 --- a/winsup/cygwin/sec/base.cc +++ b/winsup/cygwin/sec/base.cc @@ -276,7 +276,7 @@ get_reg_sd (HANDLE handle, security_descriptor &sd_ret) } int -get_reg_attribute (HKEY hkey, mode_t *attribute, uid_t *uidret, +get_reg_attribute (HKEY hkey, mode_t &attribute, uid_t *uidret, gid_t *gidret) { security_descriptor sd; @@ -292,7 +292,7 @@ get_reg_attribute (HKEY hkey, mode_t *attribute, uid_t *uidret, int get_file_attribute (HANDLE handle, path_conv &pc, - mode_t *attribute, uid_t *uidret, gid_t *gidret) + mode_t &attribute, uid_t *uidret, gid_t *gidret) { if (pc.has_acls ()) { @@ -399,7 +399,7 @@ get_object_sd (HANDLE handle, security_descriptor &sd) int get_object_attribute (HANDLE handle, uid_t *uidret, gid_t *gidret, - mode_t *attribute) + mode_t &attribute) { security_descriptor sd; @@ -462,7 +462,7 @@ set_created_file_access (HANDLE handle, path_conv &pc, mode_t attr) attr |= S_IFDIR; attr_rd = attr; aclp = (aclent_t *) tp.c_get (); - if ((nentries = get_posix_access (sd, &attr_rd, &uid, &gid, aclp, + if ((nentries = get_posix_access (sd, attr_rd, &uid, &gid, aclp, MAX_ACL_ENTRIES, &std_acl)) >= 0) { if (S_ISLNK (attr)) -- 2.43.5