[thirdparty/glibc.git] / support / support_capture_subprocess.c

/* Capture output from a subprocess.
   Copyright (C) 2017-2021 Free Software Foundation, Inc.
   This file is part of the GNU C Library.

   The GNU C Library is free software; you can redistribute it and/or
   modify it under the terms of the GNU Lesser General Public
   License as published by the Free Software Foundation; either
   version 2.1 of the License, or (at your option) any later version.

   The GNU C Library is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
   Lesser General Public License for more details.

   You should have received a copy of the GNU Lesser General Public
   License along with the GNU C Library; if not, see
   <https://www.gnu.org/licenses/>.  */

#include <support/subprocess.h>
#include <support/capture_subprocess.h>

#include <errno.h>
#include <fcntl.h>
#include <stdlib.h>
#include <support/check.h>
#include <support/xunistd.h>
#include <support/xsocket.h>
#include <support/xspawn.h>
#include <support/support.h>
#include <support/test-driver.h>

static void
transfer (const char *what, struct pollfd *pfd, struct xmemstream *stream)
{
  if (pfd->revents != 0)
    {
      char buf[1024];
      ssize_t ret = TEMP_FAILURE_RETRY (read (pfd->fd, buf, sizeof (buf)));
      if (ret < 0)
        {
          support_record_failure ();
          printf ("error: reading from subprocess %s: %m\n", what);
          pfd->events = 0;
          pfd->revents = 0;
        }
      else if (ret == 0)
        {
          /* EOF reached.  Stop listening.  */
          pfd->events = 0;
          pfd->revents = 0;
        }
      else
        /* Store the data just read.   */
        TEST_VERIFY (fwrite (buf, ret, 1, stream->out) == 1);
    }
}

static void
support_capture_poll (struct support_capture_subprocess *result,
		      struct support_subprocess *proc)
{
  struct pollfd fds[2] =
    {
      { .fd = proc->stdout_pipe[0], .events = POLLIN },
      { .fd = proc->stderr_pipe[0], .events = POLLIN },
    };

  do
    {
      xpoll (fds, 2, -1);
      transfer ("stdout", &fds[0], &result->out);
      transfer ("stderr", &fds[1], &result->err);
    }
  while (fds[0].events != 0 || fds[1].events != 0);

  xfclose_memstream (&result->out);
  xfclose_memstream (&result->err);

  result->status = support_process_wait (proc);
}

struct support_capture_subprocess
support_capture_subprocess (void (*callback) (void *), void *closure)
{
  struct support_capture_subprocess result;
  xopen_memstream (&result.out);
  xopen_memstream (&result.err);

  struct support_subprocess proc = support_subprocess (callback, closure);

  support_capture_poll (&result, &proc);
  return result;
}

struct support_capture_subprocess
support_capture_subprogram (const char *file, char *const argv[])
{
  struct support_capture_subprocess result;
  xopen_memstream (&result.out);
  xopen_memstream (&result.err);

  struct support_subprocess proc = support_subprogram (file, argv);

  support_capture_poll (&result, &proc);
  return result;
}

/* Copies the executable into a restricted directory, so that we can
   safely make it SGID with the TARGET group ID.  Then runs the
   executable.  */
static int
copy_and_spawn_sgid (char *child_id, gid_t gid)
{
  char *dirname = xasprintf ("%s/tst-tunables-setuid.%jd",
			     test_dir, (intmax_t) getpid ());
  char *execname = xasprintf ("%s/bin", dirname);
  int infd = -1;
  int outfd = -1;
  int ret = 1, status = 1;

  TEST_VERIFY (mkdir (dirname, 0700) == 0);
  if (support_record_failure_is_failed ())
    goto err;

  infd = open ("/proc/self/exe", O_RDONLY);
  if (infd < 0)
    FAIL_UNSUPPORTED ("unsupported: Cannot read binary from procfs\n");

  outfd = open (execname, O_WRONLY | O_CREAT | O_EXCL, 0700);
  TEST_VERIFY (outfd >= 0);
  if (support_record_failure_is_failed ())
    goto err;

  char buf[4096];
  for (;;)
    {
      ssize_t rdcount = read (infd, buf, sizeof (buf));
      TEST_VERIFY (rdcount >= 0);
      if (support_record_failure_is_failed ())
	goto err;
      if (rdcount == 0)
	break;
      char *p = buf;
      char *end = buf + rdcount;
      while (p != end)
	{
	  ssize_t wrcount = write (outfd, buf, end - p);
	  if (wrcount == 0)
	    errno = ENOSPC;
	  TEST_VERIFY (wrcount > 0);
	  if (support_record_failure_is_failed ())
	    goto err;
	  p += wrcount;
	}
    }
  TEST_VERIFY (fchown (outfd, getuid (), gid) == 0);
  if (support_record_failure_is_failed ())
    goto err;
  TEST_VERIFY (fchmod (outfd, 02750) == 0);
  if (support_record_failure_is_failed ())
    goto err;
  TEST_VERIFY (close (outfd) == 0);
  if (support_record_failure_is_failed ())
    goto err;
  TEST_VERIFY (close (infd) == 0);
  if (support_record_failure_is_failed ())
    goto err;

  /* We have the binary, now spawn the subprocess.  Avoid using
     support_subprogram because we only want the program exit status, not the
     contents.  */
  ret = 0;

  char * const args[] = {execname, child_id, NULL};

  status = support_subprogram_wait (args[0], args);

err:
  if (outfd >= 0)
    close (outfd);
  if (infd >= 0)
    close (infd);
  if (execname != NULL)
    {
      unlink (execname);
      free (execname);
    }
  if (dirname != NULL)
    {
      rmdir (dirname);
      free (dirname);
    }

  if (ret != 0)
    FAIL_EXIT1("Failed to make sgid executable for test\n");

  return status;
}

int
support_capture_subprogram_self_sgid (char *child_id)
{
  gid_t target = 0;
  const int count = 64;
  gid_t groups[count];

  /* Get a GID which is not our current GID, but is present in the
     supplementary group list.  */
  int ret = getgroups (count, groups);
  if (ret < 0)
    FAIL_UNSUPPORTED("Could not get group list for user %jd\n",
		     (intmax_t) getuid ());

  gid_t current = getgid ();
  for (int i = 0; i < ret; ++i)
    {
      if (groups[i] != current)
	{
	  target = groups[i];
	  break;
	}
    }

  if (target == 0)
    FAIL_UNSUPPORTED("Could not find a suitable GID for user %jd\n",
		     (intmax_t) getuid ());

  return copy_and_spawn_sgid (child_id, target);
}

void
support_capture_subprocess_free (struct support_capture_subprocess *p)
{
  free (p->out.buffer);
  free (p->err.buffer);
}
Commit	Line	Data
91b6eb11	1	/* Capture output from a subprocess.
2b778ceb	2	Copyright (C) 2017-2021 Free Software Foundation, Inc.
91b6eb11 FW	3	This file is part of the GNU C Library.
	4
	5	The GNU C Library is free software; you can redistribute it and/or
	6	modify it under the terms of the GNU Lesser General Public
	7	License as published by the Free Software Foundation; either
	8	version 2.1 of the License, or (at your option) any later version.
	9
	10	The GNU C Library is distributed in the hope that it will be useful,
	11	but WITHOUT ANY WARRANTY; without even the implied warranty of
	12	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	13	Lesser General Public License for more details.
	14
	15	You should have received a copy of the GNU Lesser General Public
	16	License along with the GNU C Library; if not, see
5a82c748	17	<https://www.gnu.org/licenses/>. */
91b6eb11	18
0e169691	19	#include <support/subprocess.h>
91b6eb11 FW	20	#include <support/capture_subprocess.h>
	21
	22	#include <errno.h>
716a3bdc	23	#include <fcntl.h>
91b6eb11 FW	24	#include <stdlib.h>
	25	#include <support/check.h>
	26	#include <support/xunistd.h>
	27	#include <support/xsocket.h>
0e169691	28	#include <support/xspawn.h>
716a3bdc SP	29	#include <support/support.h>
716a3bdc SP	30	#include <support/test-driver.h>
91b6eb11 FW	31
	32	static void
	33	transfer (const char what, struct pollfd pfd, struct xmemstream *stream)
	34	{
	35	if (pfd->revents != 0)
	36	{
	37	char buf[1024];
	38	ssize_t ret = TEMP_FAILURE_RETRY (read (pfd->fd, buf, sizeof (buf)));
	39	if (ret < 0)
	40	{
	41	support_record_failure ();
95c68080	42	printf ("error: reading from subprocess %s: %m\n", what);
91b6eb11 FW	43	pfd->events = 0;
	44	pfd->revents = 0;
	45	}
	46	else if (ret == 0)
	47	{
	48	/* EOF reached. Stop listening. */
	49	pfd->events = 0;
	50	pfd->revents = 0;
	51	}
	52	else
	53	/* Store the data just read. */
	54	TEST_VERIFY (fwrite (buf, ret, 1, stream->out) == 1);
	55	}
	56	}
	57
0e169691 AZ	58	static void
	59	support_capture_poll (struct support_capture_subprocess *result,
	60	struct support_subprocess *proc)
91b6eb11	61	{
91b6eb11 FW	62	struct pollfd fds[2] =
91b6eb11 FW	63	{
0e169691 AZ	64	{ .fd = proc->stdout_pipe[0], .events = POLLIN },
0e169691 AZ	65	{ .fd = proc->stderr_pipe[0], .events = POLLIN },
91b6eb11 FW	66	};
	67
	68	do
	69	{
	70	xpoll (fds, 2, -1);
0e169691 AZ	71	transfer ("stdout", &fds[0], &result->out);
0e169691 AZ	72	transfer ("stderr", &fds[1], &result->err);
91b6eb11 FW	73	}
91b6eb11 FW	74	while (fds[0].events != 0 \|\| fds[1].events != 0);
91b6eb11	75
0e169691 AZ	76	xfclose_memstream (&result->out);
	77	xfclose_memstream (&result->err);
	78
	79	result->status = support_process_wait (proc);
	80	}
	81
	82	struct support_capture_subprocess
	83	support_capture_subprocess (void (callback) (void ), void *closure)
	84	{
	85	struct support_capture_subprocess result;
	86	xopen_memstream (&result.out);
	87	xopen_memstream (&result.err);
	88
	89	struct support_subprocess proc = support_subprocess (callback, closure);
	90
	91	support_capture_poll (&result, &proc);
	92	return result;
	93	}
	94
	95	struct support_capture_subprocess
	96	support_capture_subprogram (const char file, char const argv[])
	97	{
	98	struct support_capture_subprocess result;
	99	xopen_memstream (&result.out);
	100	xopen_memstream (&result.err);
	101
	102	struct support_subprocess proc = support_subprogram (file, argv);
	103
	104	support_capture_poll (&result, &proc);
91b6eb11 FW	105	return result;
	106	}
	107
716a3bdc SP	108	/* Copies the executable into a restricted directory, so that we can
	109	safely make it SGID with the TARGET group ID. Then runs the
	110	executable. */
	111	static int
	112	copy_and_spawn_sgid (char *child_id, gid_t gid)
	113	{
	114	char *dirname = xasprintf ("%s/tst-tunables-setuid.%jd",
	115	test_dir, (intmax_t) getpid ());
	116	char *execname = xasprintf ("%s/bin", dirname);
	117	int infd = -1;
	118	int outfd = -1;
	119	int ret = 1, status = 1;
	120
	121	TEST_VERIFY (mkdir (dirname, 0700) == 0);
	122	if (support_record_failure_is_failed ())
	123	goto err;
	124
	125	infd = open ("/proc/self/exe", O_RDONLY);
	126	if (infd < 0)
	127	FAIL_UNSUPPORTED ("unsupported: Cannot read binary from procfs\n");
	128
	129	outfd = open (execname, O_WRONLY \| O_CREAT \| O_EXCL, 0700);
	130	TEST_VERIFY (outfd >= 0);
	131	if (support_record_failure_is_failed ())
	132	goto err;
	133
	134	char buf[4096];
	135	for (;;)
	136	{
	137	ssize_t rdcount = read (infd, buf, sizeof (buf));
	138	TEST_VERIFY (rdcount >= 0);
	139	if (support_record_failure_is_failed ())
	140	goto err;
	141	if (rdcount == 0)
	142	break;
	143	char *p = buf;
	144	char *end = buf + rdcount;
	145	while (p != end)
	146	{
	147	ssize_t wrcount = write (outfd, buf, end - p);
	148	if (wrcount == 0)
	149	errno = ENOSPC;
	150	TEST_VERIFY (wrcount > 0);
	151	if (support_record_failure_is_failed ())
	152	goto err;
	153	p += wrcount;
	154	}
	155	}
	156	TEST_VERIFY (fchown (outfd, getuid (), gid) == 0);
	157	if (support_record_failure_is_failed ())
	158	goto err;
	159	TEST_VERIFY (fchmod (outfd, 02750) == 0);
	160	if (support_record_failure_is_failed ())
	161	goto err;
	162	TEST_VERIFY (close (outfd) == 0);
	163	if (support_record_failure_is_failed ())
	164	goto err;
	165	TEST_VERIFY (close (infd) == 0);
	166	if (support_record_failure_is_failed ())
	167	goto err;
	168
	169	/* We have the binary, now spawn the subprocess. Avoid using
	170	support_subprogram because we only want the program exit status, not the
	171	contents. */
172	ret = 0;
173
174	char * const args[] = {execname, child_id, NULL};
175
176	status = support_subprogram_wait (args[0], args);
177
178	err:
179	if (outfd >= 0)
180	close (outfd);
181	if (infd >= 0)
182	close (infd);
183	if (execname != NULL)
184	{
185	unlink (execname);
186	free (execname);
187	}
188	if (dirname != NULL)
189	{
190	rmdir (dirname);
191	free (dirname);
192	}
193
194	if (ret != 0)
195	FAIL_EXIT1("Failed to make sgid executable for test\n");
196
197	return status;
198	}
199
200	int
201	support_capture_subprogram_self_sgid (char *child_id)
202	{
203	gid_t target = 0;
204	const int count = 64;
205	gid_t groups[count];
206
207	/* Get a GID which is not our current GID, but is present in the
208	supplementary group list. */
209	int ret = getgroups (count, groups);
210	if (ret < 0)
211	FAIL_UNSUPPORTED("Could not get group list for user %jd\n",
212	(intmax_t) getuid ());
213
214	gid_t current = getgid ();
215	for (int i = 0; i < ret; ++i)
216	{
217	if (groups[i] != current)
218	{
219	target = groups[i];
220	break;
221	}
222	}
223
224	if (target == 0)
225	FAIL_UNSUPPORTED("Could not find a suitable GID for user %jd\n",
226	(intmax_t) getuid ());
227
228	return copy_and_spawn_sgid (child_id, target);
229	}
230
91b6eb11 FW	231	void
	232	support_capture_subprocess_free (struct support_capture_subprocess *p)
	233	{
	234	free (p->out.buffer);
	235	free (p->err.buffer);
	236	}