GNU bug report logs -
#66531
[PATCH] ftw: Fix getuid-or-false, getgid-or-false macros.
Previous Next
Reported by: Tomas Volf <~@wolfsden.cz>
Date: Fri, 13 Oct 2023 16:19:02 UTC
Severity: normal
Tags: patch
Done: Ludovic Courtès <ludo <at> gnu.org>
Bug is archived. No further changes may be made.
Full log
View this message in rfc822 format
[Message part 1 (text/plain, inline)]
Your bug report
#66531: [PATCH] ftw: Fix getuid-or-false, getgid-or-false macros.
which was filed against the guile package, has been closed.
The explanation is attached below, along with your original report.
If you require more details, please reply to 66531 <at> debbugs.gnu.org.
--
66531: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=66531
GNU Bug Tracking System
Contact help-debbugs <at> gnu.org with problems
[Message part 2 (message/rfc822, inline)]
Tomas Volf <wolf <at> wolfsden.cz> skribis:
> Both macros were missing a quote for the procedure call, causing the
> actual return value to be compiled into the ftw.go, instead of the
> procedure call. Snippet from disassembly of ftw.go does confirm that:
>
> 55 (make-immediate 2 3990) ;; 997 at ice-9/ftw.scm:319:46
> 56 (make-long-immediate 1 120002) ;; 30000 at ice-9/ftw.scm:320:46
>
> That effectively prevented ftw from entering directories without access
> for others. Simple reproduction:
>
> scheme@(guile-user)> ,use (ice-9 ftw)
> scheme@(guile-user)> (mkdir "/tmp/xxxx")
> scheme@(guile-user)> (chmod "/tmp/xxxx" #o0700)
> scheme@(guile-user)> (ftw "/tmp/xxxx" (lambda (_ __ f) (pk f) #t))
>
> ;;; (directory-not-readable)
> $1 = #t
> scheme@(guile-user)> (system "ls -al /tmp/xxxx")
> total 0
> drwx------ 1 wolf wolf 0 Oct 11 22:54 .
> drwxrwxrwt 1 root root 888 Oct 11 22:54 ..
> $2 = 0
>
> The fix is to quote the procedure call, leading to the intended
> behavior.
>
> This fixes bug 55344.
>
> * module/ice-9/ftw.scm (getuid-or-false): Quote the (getuid).
> (getgid-or-false): Quote the (getgid).
Applied, thanks!
[Message part 3 (message/rfc822, inline)]
Both macros were missing a quote for the procedure call, causing the
actual return value to be compiled into the ftw.go, instead of the
procedure call. Snippet from disassembly of ftw.go does confirm that:
55 (make-immediate 2 3990) ;; 997 at ice-9/ftw.scm:319:46
56 (make-long-immediate 1 120002) ;; 30000 at ice-9/ftw.scm:320:46
That effectively prevented ftw from entering directories without access
for others. Simple reproduction:
scheme@(guile-user)> ,use (ice-9 ftw)
scheme@(guile-user)> (mkdir "/tmp/xxxx")
scheme@(guile-user)> (chmod "/tmp/xxxx" #o0700)
scheme@(guile-user)> (ftw "/tmp/xxxx" (lambda (_ __ f) (pk f) #t))
;;; (directory-not-readable)
$1 = #t
scheme@(guile-user)> (system "ls -al /tmp/xxxx")
total 0
drwx------ 1 wolf wolf 0 Oct 11 22:54 .
drwxrwxrwt 1 root root 888 Oct 11 22:54 ..
$2 = 0
The fix is to quote the procedure call, leading to the intended
behavior.
This fixes bug 55344.
* module/ice-9/ftw.scm (getuid-or-false): Quote the (getuid).
(getgid-or-false): Quote the (getgid).
---
module/ice-9/ftw.scm | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/module/ice-9/ftw.scm b/module/ice-9/ftw.scm
index ac6aa6316..8496086a1 100644
--- a/module/ice-9/ftw.scm
+++ b/module/ice-9/ftw.scm
@@ -201,12 +201,12 @@
(define-macro (getuid-or-false)
(if (defined? 'getuid)
- (getuid)
+ '(getuid)
#f))
(define-macro (getgid-or-false)
(if (defined? 'getgid)
- (getgid)
+ '(getgid)
#f))
(define (directory-files dir)
--
2.41.0
This bug report was last modified 1 year and 207 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.