On 20 January 2011 at 2:35, Dmitry V. Levin <ldv@altlinux.org> wrote:
On Tue, Jul 27, 2010 at 08:14:12PM +0600, Марк Коренберг wrote:
> I have set up a bad NFS server.
> All user/group of files became 4294967294:4294967294.
>
> I have /bin/mount set-uid bit.
>
> So, when mount executes it will have euid=4294967294.
> When I do strace mount .... I see geteuid32() = -1 ENOENT (No such file or
> directory), but man says that this syscall never returns an error...

Thanks for the report, and sorry for the long delay.

> Please fix. This syscall returns an unsigned integer (uid_t). Please check other
> syscalls returning uid_t.

This bug was not so easily fixable because strace had no notion of
syscalls that are always successful.

Here is a test case:
$ cat tgid.c
#include <unistd.h>
#include <sys/fsuid.h>
int main(void)
{
       const gid_t gid = -18;
       setgid(gid);
       getegid();
       setfsgid(gid);
       return 0;
}
$ gcc -std=gnu99 -m32 -O2 -Wall tgid.c -o tgid32
$ gcc -std=gnu99 -m64 -O2 -Wall tgid.c -o tgid64
# strace32 -e trace=setgid,setgid32,setfsgid,setfsgid32,getegid,getegid32 ./tgid32
setgid32(4294967278)                    = 0
getegid32()                             = -1 EXDEV (Invalid cross-device link)
setfsgid32(4294967278)                  = -1 EXDEV (Invalid cross-device link)
# strace64 -e trace=setgid,setgid32,setfsgid,setfsgid32,getegid,getegid32 ./tgid32
[ Process PID=5678 runs in 32 bit mode. ]
setgid32(4294967278)                    = 0
getegid32()                             = -1 EXDEV (Invalid cross-device link)
setfsgid32(4294967278)                  = -1 EXDEV (Invalid cross-device link)
# strace64 -e trace=setgid,setgid32,setfsgid,setfsgid32,getegid,getegid32 ./tgid64
setgid(4294967278)                      = 0
getegid()                               = 4294967278
setfsgid(4294967278)                    = -1 EXDEV (Invalid cross-device link)

And here is a proposed fix:
http://strace.git.sourceforge.net/git/gitweb.cgi?p=strace/strace;a=commitdiff;h=v4.5.20-61-g50a218d


--
ldv

Well, well :)

There are more syscalls that never fail. For example, getpid, getppid, gettid, getpagesize.
It should be checked, but maybe all syscalls returning pid_t?

There are some VERY strange places in the kernel. See the getpriority / setpriority syscalls about return value and errno.

Also, it is desirable to add a flag MAY_FAIL to distinguish between syscalls that may fail and syscalls for which we do not have information.




--
Segmentation fault
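
Added example, not part of the original thread and not strace's own code: a minimal decoder for a 32-bit syscall return register, showing why the ids 4294967278 and 4294967294 from the traces above are printed as EXDEV (errno 18) and ENOENT (errno 2), and how a per-syscall "never fails" flag avoids that. The flag name NEVER_FAILS and the functions decode_ret32 and show are hypothetical; the errno numbers assume Linux.

```c
/* Added illustration: decoding a 32-bit syscall return register. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_ERRNO   4095u  /* Linux returns -errno in the top 4095 values */
#define NEVER_FAILS 0x1    /* hypothetical flag name, not taken from strace */

/*
 * Returns 0 and stores the value in *val when the register holds a result;
 * returns the errno number when the register is read as an error.
 */
static int decode_ret32(int flags, uint32_t raw, uint32_t *val)
{
    if (!(flags & NEVER_FAILS) && raw >= (uint32_t)(0u - MAX_ERRNO))
        return (int)(0u - raw);
    *val = raw;
    return 0;
}

/* Print one line in roughly the layout of the traces quoted above. */
static void show(const char *name, int flags, uint32_t raw)
{
    uint32_t val = 0;
    int err = decode_ret32(flags, raw, &val);

    if (err)
        printf("%-12s = -1 (errno %d: %s)\n", name, err, strerror(err));
    else
        printf("%-12s = %u\n", name, (unsigned)val);
}

int main(void)
{
    const uint32_t gid = (uint32_t)-18;        /* 4294967278, as in tgid.c */
    const uint32_t uid = 4294967294u;          /* euid from the NFS report */

    show("getegid32()", 0, gid);               /* misread as errno 18 */
    show("getegid32()", NEVER_FAILS, gid);     /* printed as 4294967278 */
    show("geteuid32()", 0, uid);               /* misread as errno 2 */
    show("geteuid32()", NEVER_FAILS, uid);     /* printed as 4294967294 */
    show("getegid32()", 0, 1000u);             /* small ids were never affected */
    return 0;
}
```

Only ids in the top 4095 values of the 32-bit range collide with the error encoding, which is why the problem shows up with nobody-style ids handed out by a misconfigured NFS server and not with ordinary accounts.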