|
|
cc8a76 |
From 1add8a7d60e46806e0ef87994d3024245db0d84a Mon Sep 17 00:00:00 2001
|
|
|
cc8a76 |
From: David Rheinsberg <david.rheinsberg@gmail.com>
|
|
|
cc8a76 |
Date: Thu, 18 Mar 2021 11:10:02 +0100
|
|
|
cc8a76 |
Subject: [PATCH] launch/policy: fix incorrect assertion for at_console
|
|
|
cc8a76 |
|
|
|
cc8a76 |
We write at_console policies for ranges of uids. If one of those ranges
|
|
|
cc8a76 |
is 0, an overflow assertion will incorrectly fire. Fix this and simplify
|
|
|
cc8a76 |
the assertions for better readability.
|
|
|
cc8a76 |
|
|
|
cc8a76 |
Note that such empty ranges will happen if more than one user on the
|
|
|
cc8a76 |
system is considered `at_console` **and** those users have consecutive
|
|
|
cc8a76 |
UIDs. Another possibility for empty ranges is when uid 0 is considered
|
|
|
cc8a76 |
at_console.
|
|
|
cc8a76 |
|
|
|
cc8a76 |
In any case, the assertion will abort the application incorrectly. So
|
|
|
cc8a76 |
this is not a security issue, but merely an incorrect assertion.
|
|
|
cc8a76 |
|
|
|
cc8a76 |
Signed-off-by: David Rheinsberg <david.rheinsberg@gmail.com>
|
|
|
cc8a76 |
---
|
|
|
cc8a76 |
src/launch/policy.c | 5 ++++-
|
|
|
cc8a76 |
1 file changed, 4 insertions(+), 1 deletion(-)
|
|
|
cc8a76 |
|
|
|
cc8a76 |
diff --git a/src/launch/policy.c b/src/launch/policy.c
|
|
|
cc8a76 |
index f91f11b..75eb0d3 100644
|
|
|
cc8a76 |
--- a/src/launch/policy.c
|
|
|
cc8a76 |
+++ b/src/launch/policy.c
|
|
|
cc8a76 |
@@ -934,7 +934,10 @@ static int policy_export_xmit(Policy *policy, CList *list1, CList *list2, sd_bus
|
|
|
cc8a76 |
static int policy_export_console(Policy *policy, sd_bus_message *m, PolicyEntries *entries, uint32_t uid_start, uint32_t n_uid) {
|
|
|
cc8a76 |
int r;
|
|
|
cc8a76 |
|
|
|
cc8a76 |
- c_assert(((uint32_t)-1) - n_uid + 1 >= uid_start);
|
|
|
cc8a76 |
+ /* check for overflow */
|
|
|
cc8a76 |
+ c_assert(uid_start + n_uid >= uid_start);
|
|
|
cc8a76 |
+ /* check for encoding into dbus `u` type */
|
|
|
cc8a76 |
+ c_assert(uid_start + n_uid <= (uint32_t)-1);
|
|
|
cc8a76 |
|
|
|
cc8a76 |
if (n_uid == 0)
|
|
|
cc8a76 |
return 0;
|