[1/2] linux ttyname: return link if appropriate

Message ID 20160418195318.GB30476@ubuntumail
State New, archived

Commit Message

Serge Hallyn April 18, 2016, 7:53 p.m. UTC
  The current ttyname does the wrong thing in two cases:

1. If the passed-in link (say /proc/self/fd/0) points to a
device, say /dev/pts/2, in a parent mount namespace, and a
/dev/pts/2 exists (in a different devpts) in the current
namespace, then it returns /dev/pts/2.  But /dev/pts/2 is
NOT the current tty, it is a different file and device.

2. If the passed-in link (say /proc/self/fd/0) points to
a device, say /dev/pts/2, in a parent mount namespace, and
/dev/pts/2 does not exist in the current namespace, it
returns success but an empty name.  As far as I can tell,
there is no reason for it to not return /proc/self/fd/0.
http://pubs.opengroup.org/onlinepubs/009695399/functions/ttyname.html
does not say anything about not returning a link.
---
 sysdeps/unix/sysv/linux/ttyname.c | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)
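
A caller-side check for the two cases in the commit message, as an added example that is not part of the patch or of glibc: it accepts a name for a descriptor only when both are the same character device on the same filesystem. `name_is_same_chardev` and `demo_check` are hypothetical names, and `/dev/null` and `/dev/zero` are assumed to exist for the constructed self-check.

```c
#include <fcntl.h>
#include <stdbool.h>
#include <stdio.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper: true only if NAME is a character device that is
   the same file as FD.  Comparing st_rdev alone is not enough: two devpts
   instances can both hold a node with the same device number, and only
   st_dev (the filesystem holding the node) tells them apart.  */
static bool
name_is_same_chardev (int fd, const char *name)
{
  struct stat fd_st, name_st;

  if (name == NULL || name[0] == '\0')  /* case 2: success, empty name */
    return false;
  if (fstat (fd, &fd_st) != 0 || stat (name, &name_st) != 0)
    return false;
  return S_ISCHR (fd_st.st_mode)
         && S_ISCHR (name_st.st_mode)
         && name_st.st_rdev == fd_st.st_rdev
         && name_st.st_dev == fd_st.st_dev;
}

/* Constructed self-check: bit 0 = right name accepted, bit 1 = other
   device accepted, bit 2 = empty name accepted.  Returns -1 on error.  */
static int
demo_check (void)
{
  int bits = 0;
  int fd = open ("/dev/null", O_RDONLY);

  if (fd < 0)
    return -1;
  if (name_is_same_chardev (fd, "/dev/null")) bits |= 1;
  if (name_is_same_chardev (fd, "/dev/zero")) bits |= 2;
  if (name_is_same_chardev (fd, "")) bits |= 4;
  close (fd);
  return bits;
}

int
main (void)
{
  const char *name = ttyname (STDIN_FILENO);  /* NULL when not a tty */
  printf ("ttyname: %s, same device as fd 0: %d, self-check: %d\n",
          name ? name : "(null)",
          name_is_same_chardev (STDIN_FILENO, name), demo_check ());
  return 0;
}
```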
  

Comments

Mike Frysinger April 18, 2016, 8:02 p.m. UTC | #1
On 18 Apr 2016 19:53, Serge Hallyn wrote:
> +	  strcpy (ttyname_buf, procname);
> +	  return ttyname_buf;

at this point you could just write:
  return strcpy (ttyname_buf, procname);
-mike
  
Serge Hallyn April 18, 2016, 8:23 p.m. UTC | #2
Quoting Mike Frysinger (vapier@gentoo.org):
> On 18 Apr 2016 19:53, Serge Hallyn wrote:
> > +	  strcpy (ttyname_buf, procname);
> > +	  return ttyname_buf;
> 
> at this point you could just write:
>   return strcpy (ttyname_buf, procname);

Yup.

I can send another patch (squashed), but I'm sort of waiting
for Florian's answer about security concerns.
  

Patch

diff --git a/sysdeps/unix/sysv/linux/ttyname.c b/sysdeps/unix/sysv/linux/ttyname.c
index 7a001b4..430fb48 100644
--- a/sysdeps/unix/sysv/linux/ttyname.c
+++ b/sysdeps/unix/sysv/linux/ttyname.c
@@ -33,6 +33,19 @@ 
 char *__ttyname;
 #endif
 
+/* Return true if this is a UNIX98 pty device, as defined in
+   linux/Documentation/devices.txt */
+static int
+is_pty (struct stat64 *sb)
+{
+#ifdef _STATBUF_ST_RDEV
+  int m = major (sb->st_rdev);
+  return (136 <= m && m <= 143);
+#else
+  return false;
+#endif
+}
+
 static char *getttyname (const char *dev, dev_t mydev,
 			 ino64_t myino, int save, int *dostat)
      internal_function;
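
Review bot: in is_pty, the #else branch does `return false;` from a function declared `static int`, and nothing in this hunk shows <stdbool.h> being included; either return 0 there or declare the function `bool` and include the header. The bounds 136 and 143 would be easier to audit as named constants, the parameter can be `const struct stat64 *` since it is only read, and because the comment cites devices.txt it should say that these majors are the Unix98 PTY slaves.
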
@@ -170,12 +183,22 @@  ttyname (int fd)
 #ifdef _STATBUF_ST_RDEV
 	  && S_ISCHR (st1.st_mode)
 	  && st1.st_rdev == st.st_rdev
+	  && st1.st_dev == st.st_dev
 #else
 	  && st1.st_ino == st.st_ino
 	  && st1.st_dev == st.st_dev
 #endif
 	  )
 	return ttyname_buf;
+
+      /* If the link doesn't exist, then it points to a device in another
+	 namespace.  If it is a UNIX98 pty, then return the /proc/self
+	 fd, as it points to a name unreachable in our namespace */
+      if (is_pty (&st) && strlen (procname) < buflen - 1)
+        {
+	  strcpy (ttyname_buf, procname);
+	  return ttyname_buf;
+        }
     }
 
   if (__xstat64 (_STAT_VER, "/dev/pts", &st1) == 0 && S_ISDIR (st1.st_mode))
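
Review bot: the comment on the new block says "If the link doesn't exist", but the block is reached whenever the preceding condition is false, which also covers a target that exists and fails the new `st1.st_dev == st.st_dev` comparison (case 1 in the commit message); reword the comment to cover both situations. The name copied from procname is a /proc/self path, which only resolves to this tty inside the calling process, so the comment should say that for callers who store the result or hand it to another process. The braces of the added `if` are indented with spaces while its body uses tabs.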