Don't die when is_privileged_executable fails

rocallahan · rocallahan · commit 6731b726983f · 2024-12-29T15:10:37.000+13:00
Resolves #3894
diff --git a/CMakeLists.txt b/CMakeLists.txt
@@ -1068,6 +1068,8 @@ set(BASIC_TESTS
   fd_cleanup
   fd_tracking_across_threads
   fds_clean
+  fexecve
+  fexecve_memfd
   flock
   flock_ofd
   flock2
diff --git a/src/record_syscall.cc b/src/record_syscall.cc
@@ -5566,12 +5566,15 @@ static bool is_privileged_executable(RecordTask* t, const string& path) {
       return true;
     }
   } else {
-    ASSERT(t, errno == ENODATA || errno == ENOTSUP);
-    struct stat buf;
-    stat(path.c_str(), &buf);
-    if (buf.st_mode & (S_ISUID | S_ISGID)) {
-      return true;
+    if (errno == ENOENT) {
+      return false;
     }
+    ASSERT(t, errno == ENODATA || errno == ENOTSUP);
+  }
+  struct stat buf;
+  stat(path.c_str(), &buf);
+  if (buf.st_mode & (S_ISUID | S_ISGID)) {
+    return true;
   }
   return false;
 }
diff --git a/src/test/fexecve.c b/src/test/fexecve.c
@@ -0,0 +1,23 @@
+/* -*- Mode: C; tab-width: 8; c-basic-offset: 2; indent-tabs-mode: nil; -*- */
+
+#include "util.h"
+
+int main(int argc, char* argv[]) {
+  test_assert(argc == 1 || (argc == 2 && !strcmp("self", argv[1])));
+
+  if (argc != 2) {
+    int fd = open("/proc/self/exe", O_RDONLY);
+    test_assert(fd >= 0);
+    char* new_args[] = { argv[0], "self", NULL };
+    int ret = syscall(RR_execveat, fd, "", new_args, environ, AT_EMPTY_PATH);
+    if (ret < 0 && errno == ENOSYS) {
+      atomic_puts("execveat not supported, skipping test");
+      atomic_puts("EXIT-SUCCESS");
+      return 0;
+    }
+    test_assert("Not reached" && 0);
+  }
+
+  atomic_puts("EXIT-SUCCESS");
+  return 0;
+}
diff --git a/src/test/fexecve_memfd.c b/src/test/fexecve_memfd.c
@@ -0,0 +1,35 @@
+/* -*- Mode: C; tab-width: 8; c-basic-offset: 2; indent-tabs-mode: nil; -*- */
+
+#include "util.h"
+
+static void copy_file(int from_fd, int to_fd) {
+  char buf[4096];
+  ssize_t ret;
+
+  while ((ret = read(from_fd, buf, sizeof(buf))) > 0) {
+    test_assert(write(to_fd, buf, ret) == ret);
+  }
+  test_assert(ret == 0);
+}
+
+int main(int argc, char* argv[]) {
+  test_assert(argc == 1 || (argc == 2 && !strcmp("self", argv[1])));
+
+  if (argc != 2) {
+    int fd = open("/proc/self/exe", O_RDONLY);
+    test_assert(fd >= 0);
+    int memfd = syscall(RR_memfd_create, "test", 0);
+    copy_file(fd, memfd);
+    char* new_args[] = { argv[0], "self", NULL };
+    int ret = syscall(RR_execveat, memfd, "", new_args, environ, AT_EMPTY_PATH);
+    if (ret < 0 && errno == ENOSYS) {
+      atomic_puts("execveat not supported, skipping test");
+      atomic_puts("EXIT-SUCCESS");
+      return 0;
+    }
+    test_assert("Not reached" && 0);
+  }
+
+  atomic_puts("EXIT-SUCCESS");
+  return 0;
+}

Original file line number	Diff line number	Diff line change
`@@ -5566,12 +5566,15 @@ static bool is_privileged_executable(RecordTask* t, const string& path) {`
`5566`	`5566`	`return true;`
`5567`	`5567`	`}`
`5568`	`5568`	`} else {`
`5569`		`- ASSERT(t, errno == ENODATA \|\| errno == ENOTSUP);`
`5570`		`- struct stat buf;`
`5571`		`- stat(path.c_str(), &buf);`
`5572`		`- if (buf.st_mode & (S_ISUID \| S_ISGID)) {`
`5573`		`- return true;`
	`5569`	`+ if (errno == ENOENT) {`
	`5570`	`+ return false;`
`5574`	`5571`	`}`
	`5572`	`+ ASSERT(t, errno == ENODATA \|\| errno == ENOTSUP);`
	`5573`	`+ }`
	`5574`	`+ struct stat buf;`
	`5575`	`+ stat(path.c_str(), &buf);`
	`5576`	`+ if (buf.st_mode & (S_ISUID \| S_ISGID)) {`
	`5577`	`+ return true;`
`5575`	`5578`	`}`
`5576`	`5579`	`return false;`
`5577`	`5580`	`}`