Page MenuHomeFreeBSD
Differential D8657

capsicum_helpers: Squash errors from closed fds
ClosedPublic
Actions

Authored by cem on Nov 28 2016, 7:07 AM.
Tags
None
Referenced Files
Unknown Object (File)
Oct 27 2024, 4:54 AM
Unknown Object (File)
Oct 27 2024, 4:53 AM
Unknown Object (File)
Oct 27 2024, 4:53 AM
Unknown Object (File)
Oct 27 2024, 4:53 AM
Unknown Object (File)
Oct 27 2024, 4:38 AM
Unknown Object (File)
Oct 20 2024, 4:10 PM
Unknown Object (File)
Sep 24 2024, 4:52 AM
Unknown Object (File)
Sep 19 2024, 12:26 PM
View All 87 Files
Subscribers
None

Details

Reviewers
emaste
allanjude
oshogbo
Commits
rS309366: capsicum_helpers: Squash errors from closed fds
Summary

Squash EBADF from closed stdin, stdout, or stderr in caph_limit_stdio().
Any program used during special shell scripts may commonly be forked
from a parent process with closed standard stream. Do the common sense
thing for this common use.

Reported by: Iblis Lin <iblis AT hs.ntnu.edu.tw>

https://lists.freebsd.org/pipermail/freebsd-current/2016-November/063949.html

Test Plan

Tested with closed stdin:

$ truss basename $HOME <& -
...
cap_rights_limit(0x0,0x7fffffffe280)             ERR#9 'Bad file descriptor'
cap_rights_limit(0x1,0x7fffffffe280)             = 0 (0x0)
cap_ioctls_limit(0x1,0x7fffffffe270,0x2)         = 0 (0x0)
cap_fcntls_limit(0x1,0x8)                        = 0 (0x0)
cap_rights_limit(0x2,0x7fffffffe280)             = 0 (0x0)
cap_ioctls_limit(0x2,0x7fffffffe270,0x2)         = 0 (0x0)
cap_fcntls_limit(0x2,0x8)                        = 0 (0x0)
cap_enter()                                      = 0 (0x0)
fstat(1,{ mode=crw--w---- ,inode=124,size=0,blksize=4096 }) = 0 (0x0)
ioctl(1,TIOCGETA,0xffffe0c0)                     = 0 (0x0)
write(1,"cmeyer\n",7)                            = 7 (0x7)
...

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

cem updated this revision to Diff 22560.Nov 28 2016, 7:07 AM
cem retitled this revision from to capsicum_helpers: Squash errors from closed fds.
cem updated this object.
cem edited the test plan for this revision. (Show Details)
cem added reviewers: emaste, oshogbo, allanjude.
oshogbo edited edge metadata.Nov 28 2016, 7:22 AM

We have special flag to the caph_limit_stream() to ignore EBADF.

cem added a comment.Nov 28 2016, 7:31 AM
In D8657#179470, @oshogbo wrote:

We have special flag to the caph_limit_stream() to ignore EBADF.

Yes, but caph_limit_stdin and friends do not take a flag argument. They could be replaced with several caph_limit_stream() calls instead, I guess. The approaches are functionally equivalent; if you think the style would be better that way, it's fine with me.

cem updated this revision to Diff 22582.Nov 28 2016, 7:07 PM
cem edited edge metadata.

Use caph_limit_stream() to ignore EBADF rather than handling directly in
caph_limit_stdio().

oshogbo accepted this revision.Dec 1 2016, 12:25 PM
oshogbo edited edge metadata.
oshogbo added inline comments.
lib/libcapsicum/capsicum_helpers.h
98 ↗(On Diff #22582)

It's over 80.
Otherwise I agree with that change.

This revision is now accepted and ready to land.Dec 1 2016, 12:25 PM
Closed by commit rS309366: capsicum_helpers: Squash errors from closed fds (authored by cem). · Explain WhyDec 1 2016, 5:29 PM
This revision was automatically updated to reflect the committed changes.

Revision Contents
Changeset List

PathSize
head/
lib/
libcapsicum/
8 lines

Diff 22644

View Options

head/lib/libcapsicum/capsicum_helpers.h

Loading...