GNU bug report logs - #8292
COREUTILS-8.9: Potential bug in tests/cp/preserve-gid

Previous Next

Full log

View this message in rfc822 format

From: gmail <arbogast.cedric <at> gmail.com>
To: Jim Meyering <jim <at> meyering.net>
Cc: 8292 <at> debbugs.gnu.org
Subject: bug#8292: COREUTILS-8.9: Potential bug in tests/cp/preserve-gid
Date: Sun, 20 Mar 2011 23:38:59 +0100

Le 20/03/2011 19:58, Jim Meyering a écrit :
> gmail wrote:
>> This patch is a way to solve  this problem :
>>
>> --- tests/cp/preserve-gid.orig  2011-01-01 22:19:23.000000000 +0100
>> +++ tests/cp/preserve-gid.cea   2011-03-20 14:05:19.000000000 +0100
>> @@ -56,7 +56,8 @@
>>     f=$1; shift
>>     u=$1; shift
>>     g=$1; shift
>> -  t0 "$f" "$u" "$g" setuidgid -g "$nameless_gid1,$nameless_gid2" \
>> +  t0 "$f" "$u" "$g" env PATH="../../src:$PATH" \
>> +      setuidgid -g "$nameless_gid1,$nameless_gid2" \
> Thanks for the suggestion, but that doesn't work when using a umask of 077.
> In that case, the cp executable is not usable by $nameless_uid, period,
> regardless of directory permissions.
>
> Here is a proposed patch that should do the trick:
>
>  From 3ed2bb6975f08597ab5ea216378ef27561309135 Mon Sep 17 00:00:00 2001
> From: Jim Meyering<meyering <at> redhat.com>
> Date: Sun, 20 Mar 2011 08:56:06 +0100
> Subject: [PATCH] tests: fix a bug in the cp/preserve-gid test
>
> * tests/cp/preserve-gid: Ensure that every process under test uses
> the cp binary we've just built.  Before this fix, the UID-changing
> tests would end up using whatever cp happened to be available through
> $PATH when umask or build-dir permissions were restrictive.
> Analysis by arbogast.cedric <at> gmail.com in http://debbugs.gnu.org/8292.
> ---
>   tests/cp/preserve-gid |   27 +++++++++++++++++++--------
>   1 files changed, 19 insertions(+), 8 deletions(-)
>
> diff --git a/tests/cp/preserve-gid b/tests/cp/preserve-gid
> index ac6d221..552032a 100755
> --- a/tests/cp/preserve-gid
> +++ b/tests/cp/preserve-gid
> @@ -52,14 +52,6 @@ t0() {
>     fi
>   }
>
> -t1() {
> -  f=$1; shift
> -  u=$1; shift
> -  g=$1; shift
> -  t0 "$f" "$u" "$g" setuidgid -g "$nameless_gid1,$nameless_gid2" \
> -      "$nameless_uid" "$@"
> -}
> -
>   nameless_uid=`$PERL -le '
>     foreach my $i (1000..16*1024-1)
>       {
> @@ -105,6 +97,25 @@ t0 b1 "$nameless_uid" "$nameless_gid2" cp -p
>   t0 c0 0 "$nameless_gid1" cp -p
>   t0 c1 0 "$nameless_gid2" cp -p
>
> +# For the remaining tests, we need a cp binary that is accessible to a user
> +# with UID of $nameless_uid.  The build directory may not be accessible,
> +# so create a temporary directory and copy cp into it, ensure that
> +# $nameless_uid can access it and then make that directory the search path.
> +tmp_path=
> +cleanup_() { rm -rf "$tmp_path"; }
> +tmp_path=$(mktemp -d) || fail_ "failed to create temporary directory"
> +cp "$abs_path_dir_/cp" "$tmp_path"
> +chown -R $nameless_uid "$tmp_path"
> +
> +t1() {
> +  f=$1; shift
> +  u=$1; shift
> +  g=$1; shift
> +  t0 "$f" "$u" "$g" env \
> +      setuidgid -g "$nameless_gid1,$nameless_gid2" \
> +      "$nameless_uid" env PATH="$tmp_path" "$@"
> +}
> +
>   t1 a0 "$nameless_uid" "$nameless_gid1" cp
>   t1 b0 "$nameless_uid" "$nameless_gid1" cp
>   t1 b1 "$nameless_uid" "$nameless_gid1" cp
> --
> 1.7.4.1.499.g53f9

The patch is efficient, the test is successfull on my build.
Thanks for considering my mail, sorry for the work overhead due to my 
lack of precision and my first wrong analysis.

Request me if needed for further tests/works/etc. relating to 
core-utils, i could get availability for.

Regards, Cedric.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.