1 /* Capture output from a subprocess.
2 Copyright (C) 2017-2023 Free Software Foundation, Inc.
3 This file is part of the GNU C Library.
4
5 The GNU C Library is free software; you can redistribute it and/or
6 modify it under the terms of the GNU Lesser General Public
7 License as published by the Free Software Foundation; either
8 version 2.1 of the License, or (at your option) any later version.
9
10 The GNU C Library is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Lesser General Public License for more details.
14
15 You should have received a copy of the GNU Lesser General Public
16 License along with the GNU C Library; if not, see
17 <https://www.gnu.org/licenses/>. */
18
19 #include <support/subprocess.h>
20 #include <support/capture_subprocess.h>
21
22 #include <errno.h>
23 #include <fcntl.h>
24 #include <stdlib.h>
25 #include <support/check.h>
26 #include <support/xunistd.h>
27 #include <support/xsocket.h>
28 #include <support/xspawn.h>
29 #include <support/support.h>
30 #include <support/test-driver.h>
31
32 static void
33 transfer (const char *what, struct pollfd *pfd, struct xmemstream *stream)
34 {
35 if (pfd->revents != 0)
36 {
37 char buf[1024];
38 ssize_t ret = TEMP_FAILURE_RETRY (read (pfd->fd, buf, sizeof (buf)));
39 if (ret < 0)
40 {
41 support_record_failure ();
42 printf ("error: reading from subprocess %s: %m\n", what);
43 pfd->events = 0;
44 pfd->revents = 0;
45 }
46 else if (ret == 0)
47 {
48 /* EOF reached. Stop listening. */
49 pfd->events = 0;
50 pfd->revents = 0;
51 }
52 else
53 /* Store the data just read. */
54 TEST_VERIFY (fwrite (buf, ret, 1, stream->out) == 1);
55 }
56 }
57
58 static void
59 support_capture_poll (struct support_capture_subprocess *result,
60 struct support_subprocess *proc)
61 {
62 struct pollfd fds[2] =
63 {
64 { .fd = proc->stdout_pipe[0], .events = POLLIN },
65 { .fd = proc->stderr_pipe[0], .events = POLLIN },
66 };
67
68 do
69 {
70 xpoll (fds, 2, -1);
71 transfer ("stdout", &fds[0], &result->out);
72 transfer ("stderr", &fds[1], &result->err);
73 }
74 while (fds[0].events != 0 || fds[1].events != 0);
75
76 xfclose_memstream (&result->out);
77 xfclose_memstream (&result->err);
78
79 result->status = support_process_wait (proc);
80 }
81
82 struct support_capture_subprocess
83 support_capture_subprocess (void (*callback) (void *), void *closure)
84 {
85 struct support_capture_subprocess result;
86 xopen_memstream (&result.out);
87 xopen_memstream (&result.err);
88
89 struct support_subprocess proc = support_subprocess (callback, closure);
90
91 support_capture_poll (&result, &proc);
92 return result;
93 }
94
95 struct support_capture_subprocess
96 support_capture_subprogram (const char *file, char *const argv[])
97 {
98 struct support_capture_subprocess result;
99 xopen_memstream (&result.out);
100 xopen_memstream (&result.err);
101
102 struct support_subprocess proc = support_subprogram (file, argv);
103
104 support_capture_poll (&result, &proc);
105 return result;
106 }
107
108 /* Copies the executable into a restricted directory, so that we can
109 safely make it SGID with the TARGET group ID. Then runs the
110 executable. */
111 static int
112 copy_and_spawn_sgid (char *child_id, gid_t gid)
113 {
114 char *dirname = xasprintf ("%s/tst-tunables-setuid.%jd",
115 test_dir, (intmax_t) getpid ());
116 char *execname = xasprintf ("%s/bin", dirname);
117 int infd = -1;
118 int outfd = -1;
119 int ret = 1, status = 1;
120
121 TEST_VERIFY (mkdir (dirname, 0700) == 0);
122 if (support_record_failure_is_failed ())
123 goto err;
124
125 infd = open ("/proc/self/exe", O_RDONLY);
126 if (infd < 0)
127 FAIL_UNSUPPORTED ("unsupported: Cannot read binary from procfs\n");
128
129 outfd = open (execname, O_WRONLY | O_CREAT | O_EXCL, 0700);
130 TEST_VERIFY (outfd >= 0);
131 if (support_record_failure_is_failed ())
132 goto err;
133
134 char buf[4096];
135 for (;;)
136 {
137 ssize_t rdcount = read (infd, buf, sizeof (buf));
138 TEST_VERIFY (rdcount >= 0);
139 if (support_record_failure_is_failed ())
140 goto err;
141 if (rdcount == 0)
142 break;
143 char *p = buf;
144 char *end = buf + rdcount;
145 while (p != end)
146 {
147 ssize_t wrcount = write (outfd, buf, end - p);
148 if (wrcount == 0)
149 errno = ENOSPC;
150 TEST_VERIFY (wrcount > 0);
151 if (support_record_failure_is_failed ())
152 goto err;
153 p += wrcount;
154 }
155 }
156
157 bool chowned = false;
158 TEST_VERIFY ((chowned = fchown (outfd, getuid (), gid) == 0)
159 || errno == EPERM);
160 if (support_record_failure_is_failed ())
161 goto err;
162 else if (!chowned)
163 {
164 ret = 77;
165 goto err;
166 }
167
168 TEST_VERIFY (fchmod (outfd, 02750) == 0);
169 if (support_record_failure_is_failed ())
170 goto err;
171 TEST_VERIFY (close (outfd) == 0);
172 if (support_record_failure_is_failed ())
173 goto err;
174 TEST_VERIFY (close (infd) == 0);
175 if (support_record_failure_is_failed ())
176 goto err;
177
178 /* We have the binary, now spawn the subprocess. Avoid using
179 support_subprogram because we only want the program exit status, not the
180 contents. */
181 ret = 0;
182 infd = outfd = -1;
183
184 char * const args[] = {execname, child_id, NULL};
185
186 status = support_subprogram_wait (args[0], args);
187
188 err:
189 if (outfd >= 0)
190 close (outfd);
191 if (infd >= 0)
192 close (infd);
193 if (execname != NULL)
194 {
195 unlink (execname);
196 free (execname);
197 }
198 if (dirname != NULL)
199 {
200 rmdir (dirname);
201 free (dirname);
202 }
203
204 if (ret == 77)
205 FAIL_UNSUPPORTED ("Failed to make sgid executable for test\n");
206 if (ret != 0)
207 FAIL_EXIT1 ("Failed to make sgid executable for test\n");
208
209 return status;
210 }
211
212 int
213 support_capture_subprogram_self_sgid (char *child_id)
214 {
215 gid_t target = 0;
216 const int count = 64;
217 gid_t groups[count];
218
219 /* Get a GID which is not our current GID, but is present in the
220 supplementary group list. */
221 int ret = getgroups (count, groups);
222 if (ret < 0)
223 FAIL_UNSUPPORTED("Could not get group list for user %jd\n",
224 (intmax_t) getuid ());
225
226 gid_t current = getgid ();
227 for (int i = 0; i < ret; ++i)
228 {
229 if (groups[i] != current)
230 {
231 target = groups[i];
232 break;
233 }
234 }
235
236 if (target == 0)
237 FAIL_UNSUPPORTED("Could not find a suitable GID for user %jd\n",
238 (intmax_t) getuid ());
239
240 return copy_and_spawn_sgid (child_id, target);
241 }
242
243 void
244 support_capture_subprocess_free (struct support_capture_subprocess *p)
245 {
246 free (p->out.buffer);
247 free (p->err.buffer);
248 }