Prevent unintended file descriptor leak in grantpt.
[thirdparty/glibc.git] / sysdeps / unix / grantpt.c
1 /* Copyright (C) 1998, 2000, 2001, 2002, 2009 Free Software Foundation, Inc.
2 This file is part of the GNU C Library.
3 Contributed by Zack Weinberg <zack@rabi.phys.columbia.edu>, 1998.
4
5 The GNU C Library is free software; you can redistribute it and/or
6 modify it under the terms of the GNU Lesser General Public
7 License as published by the Free Software Foundation; either
8 version 2.1 of the License, or (at your option) any later version.
9
10 The GNU C Library is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Lesser General Public License for more details.
14
15 You should have received a copy of the GNU Lesser General Public
16 License along with the GNU C Library; if not, write to the Free
17 Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
18 02111-1307 USA. */
19
20 #include <assert.h>
21 #include <errno.h>
22 #include <fcntl.h>
23 #include <grp.h>
24 #include <limits.h>
25 #include <stdlib.h>
26 #include <string.h>
27 #include <sys/resource.h>
28 #include <sys/stat.h>
29 #include <sys/types.h>
30 #include <sys/wait.h>
31 #include <unistd.h>
32
33 #include "pty-private.h"
34
35
/* Look up the slave name for the pty master FD with __ptsname_r.

   On entry *PTS points to a caller-supplied buffer of BUF_LEN bytes
   (BUF_LEN may be 0, in which case a 128-byte buffer is allocated
   first).  Whenever the name does not fit, the buffer size is doubled
   and a heap buffer is (re)allocated; the caller's buffer itself is
   never passed to realloc or free.

   On success 0 is returned and *PTS points to the buffer holding the
   name.  If that is not the pointer passed in, it was obtained from
   malloc and the caller must free it.

   On failure *PTS is left untouched, any heap buffer is released, and
   a non-zero value is returned: the error number reported by
   __ptsname_r (with ENOTTY replaced by EINVAL), which is also stored
   in errno, or -1 with errno set to ENOMEM when allocation fails.  */
static int
pts_name (int fd, char **pts, size_t buf_len)
{
  char *const caller_buf = *pts;
  char *cur = caller_buf;
  int status;

  while (1)
    {
      char *grown;

      if (buf_len == 0)
        {
          /* No initial buffer; start out with a first-time guess.  */
          buf_len = 128;
        }
      else
        {
          status = __ptsname_r (fd, cur, buf_len);
          if (status != 0)
            {
              /* ptsname_r reports ENOTTY for a descriptor that is not a
                 pty master; grantpt has to report EINVAL for that.  */
              status = (status == ENOTTY) ? EINVAL : status;
              errno = status;   /* Not necessarily set by __ptsname_r.  */
              break;
            }

          /* A terminating NUL inside the buffer means the whole name
             fit.  */
          if (memchr (cur, '\0', buf_len) != NULL)
            break;

          /* Name was truncated: retry with twice the space.  */
          buf_len *= 2;
        }

      /* Only a buffer we allocated ourselves may be handed to realloc;
         the caller's buffer is replaced by a fresh allocation.  */
      if (cur == caller_buf)
        grown = (char *) malloc (buf_len);
      else
        grown = (char *) realloc (cur, buf_len);

      if (grown == NULL)
        {
          status = -1;
          __set_errno (ENOMEM);
          break;
        }
      cur = grown;
    }

  if (status != 0)
    {
      /* Release what we allocated; the caller's buffer is not ours.  */
      if (cur != caller_buf)
        free (cur);
      return status;
    }

  /* Hand the (possibly heap-allocated) buffer back to the caller.  */
  *pts = cur;
  return status;
}
96
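/* Change the ownership and access permission of the slave pseudo
   terminal associated with the master pseudo terminal specified
   by FD.

   On success the slave device is owned by the calling process's user
   ID as returned by __getuid, its group is the `tty' group (TTY_GROUP)
   or, when that group cannot be looked up, the group ID returned by
   __getgid, and its permission bits are exactly
   S_IRUSR|S_IWUSR|S_IWGRP.

   The changes are first attempted directly.  If __chown or __chmod
   fails, the helper program _PATH_PT_CHOWN is run in a child process
   with the master on descriptor PTY_FILENO, no arguments and no
   environment, and its exit status is translated into errno.

   Returns 0 on success, -1 with errno set on failure.

   NOTE(review): the helper is expected to run with more privilege than
   the caller (it is normally installed set-user-ID; that is not
   visible in this file).  Everything the child does before the exec
   (core-dump limit, descriptor cleanup, empty environment) limits what
   the caller's process state can pass on to that helper.  */
int
grantpt (int fd)
{
  int retval = -1;
#ifdef PATH_MAX
  char _buf[PATH_MAX];
#else
  char _buf[512];
#endif
  char *buf = _buf;

  if (__builtin_expect (pts_name (fd, &buf, sizeof (_buf)), 0))
    {
      int save_errno = errno;

      /* Check, if the file descriptor is valid.  pts_name returns the
         wrong errno number, so we cannot use that.  */
      if (__libc_fcntl (fd, F_GETFD) == -1 && errno == EBADF)
        return -1;

      /* If the filedescriptor is no TTY, grantpt has to set errno
         to EINVAL.  */
      if (save_errno == ENOTTY)
        __set_errno (EINVAL);
      else
        __set_errno (save_errno);

      /* pts_name has already released any buffer it allocated, so
         there is nothing to free on this path.  */
      return -1;
    }

  /* NOTE(review): the stat, chown and chmod calls below act on the
     slave's path name, not on a descriptor.  Confirm that on the target
     system the name cannot be made to refer to a different file between
     the lookup above and these calls.  */
  struct stat64 st;
  if (__xstat64 (_STAT_VER, buf, &st) < 0)
    goto cleanup;

  /* Make sure that we own the device.  */
  uid_t uid = __getuid ();
  if (st.st_uid != uid)
    {
      if (__chown (buf, uid, st.st_gid) < 0)
        goto helper;
    }

  /* Looked up once and cached for later calls; -1 means "not known
     yet" and causes another lookup on the next call.  */
  static int tty_gid = -1;
  if (__builtin_expect (tty_gid == -1, 0))
    {
      char *grtmpbuf;
      struct group grbuf;
      size_t grbuflen = __sysconf (_SC_GETGR_R_SIZE_MAX);
      struct group *p;

      /* Get the group ID of the special `tty' group.  */
      if (grbuflen == (size_t) -1L)
        /* `sysconf' does not support _SC_GETGR_R_SIZE_MAX.
           Try a moderate value.  */
        grbuflen = 1024;
      grtmpbuf = (char *) __alloca (grbuflen);
      /* The return value is not inspected; only the result pointer P
         decides whether the group was found.  */
      __getgrnam_r (TTY_GROUP, &grbuf, grtmpbuf, grbuflen, &p);
      if (p != NULL)
        tty_gid = p->gr_gid;
    }
  /* Without a `tty' group fall back to the caller's own group.  */
  gid_t gid = tty_gid == -1 ? __getgid () : tty_gid;

  /* Make sure the group of the device is that special group.  */
  if (st.st_gid != gid)
    {
      if (__chown (buf, uid, gid) < 0)
        goto helper;
    }

  /* Make sure the permission mode is set to readable and writable by
     the owner, and writable by the group.  */
  if ((st.st_mode & ACCESSPERMS) != (S_IRUSR|S_IWUSR|S_IWGRP))
    {
      if (__chmod (buf, S_IRUSR|S_IWUSR|S_IWGRP) < 0)
        goto helper;
    }

  retval = 0;
  goto cleanup;

  /* We have to use the helper program.  */
 helper:;

  pid_t pid = __fork ();
  if (pid == -1)
    goto cleanup;
  else if (pid == 0)
    {
      /* Disable core dumps.  The result is not checked: this is a
         best-effort hardening step and must not prevent the exec.  */
      struct rlimit rl = { 0, 0 };
      __setrlimit (RLIMIT_CORE, &rl);

      /* We pass the master pseudo terminal as file descriptor PTY_FILENO.  */
      if (fd != PTY_FILENO)
        if (__dup2 (fd, PTY_FILENO) < 0)
          _exit (FAIL_EBADF);

#ifdef CLOSE_ALL_FDS
      /* Keep descriptors that happen to be open in the calling program
         from being inherited by the helper.  This only happens on
         configurations that define CLOSE_ALL_FDS; elsewhere every
         descriptor without close-on-exec stays open across the exec.  */
      CLOSE_ALL_FDS ();
#endif

      /* argv holds only the program name and the environment pointer
         is null, so nothing from the caller's environment reaches the
         helper.  The null pointers are cast because NULL passed through
         `...' is not guaranteed to have pointer type.
         NOTE(review): a null envp relies on the system treating it as
         an empty environment; confirm for every port using this file.  */
      execle (_PATH_PT_CHOWN, basename (_PATH_PT_CHOWN),
              (char *) NULL, (char **) NULL);
      _exit (FAIL_EXEC);
    }
  else
    {
      int w;

      if (__waitpid (pid, &w, 0) == -1)
        goto cleanup;
      if (!WIFEXITED (w))
        /* Helper was killed or stopped rather than exiting.  */
        __set_errno (ENOEXEC);
      else
        switch (WEXITSTATUS (w))
          {
          case 0:
            retval = 0;
            break;
          case FAIL_EBADF:
            __set_errno (EBADF);
            break;
          case FAIL_EINVAL:
            __set_errno (EINVAL);
            break;
          case FAIL_EACCES:
            __set_errno (EACCES);
            break;
          case FAIL_EXEC:
            __set_errno (ENOEXEC);
            break;
          case FAIL_ENOMEM:
            __set_errno (ENOMEM);
            break;

          default:
            /* Unknown exit status.  Set errno first so that a build
               with assertions compiled out still fails with a defined
               error instead of a stale one.  */
            __set_errno (ENOEXEC);
            assert(! "grantpt: internal error: invalid exit code from pt_chown");
          }
    }

 cleanup:
  /* pts_name may have switched to a heap buffer for a long name.  */
  if (buf != _buf)
    free (buf);

  return retval;
}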