I was looking at a program that used PID & 0xffff as an arbitrary
identifier. Not directly related to this patch but it made me think
about what the limits are on process, user, and group IDs.
Here is what POSIX Issue 7 says in the documentation in <sys/types.h>
[1]:
The implementation shall support one or more programming environments in
which the widths of blksize_t, pid_t, size_t, ssize_t, and suseconds_t
are no greater than the width of type long.
I've committed these two patches adjusting idpriv-drop and
idpriv-droptemp which previously stored the result of getuid () and
getgid () in an 'int'. Not sure if this would cause issues on any of the
platforms these modules support.
For other modules where an ID is used as the result to printf it is
often casted to an int. Should I change those to intmax_t? I feel like
that would be the most portable way.
Collin
[1] https://pubs.opengroup.org/onlinepubs/9699919799.2018edition/
>From 01f20d6346ca1faad35af98e55c602b5584b094c Mon Sep 17 00:00:00 2001
From: Collin Funk <collin.fu...@gmail.com>
Date: Tue, 25 Jun 2024 21:34:51 -0700
Subject: [PATCH 1/2] idpriv-drop: Handle large user and group ids.
* lib/idpriv-drop.c (idpriv_drop): Use uid_t and gid_t instead of int.
---
ChangeLog | 5 +++++
lib/idpriv-drop.c | 4 ++--
2 files changed, 7 insertions(+), 2 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 359250daf2..f10e0edb43 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+2024-06-25 Collin Funk <collin.fu...@gmail.com>
+
+ idpriv-drop: Handle large user and group ids.
+ * lib/idpriv-drop.c (idpriv_drop): Use uid_t and gid_t instead of int.
+
2024-06-25 Bruno Haible <br...@clisp.org>
c-vazsprintf-gnu: Add tests.
diff --git a/lib/idpriv-drop.c b/lib/idpriv-drop.c
index a14d3ba9a0..3bc0d6f98c 100644
--- a/lib/idpriv-drop.c
+++ b/lib/idpriv-drop.c
@@ -26,10 +26,10 @@ int
idpriv_drop (void)
{
#if HAVE_GETUID
- int uid = getuid ();
+ uid_t uid = getuid ();
#endif
#if HAVE_GETGID
- int gid = getgid ();
+ gid_t gid = getgid ();
#endif
/* Drop the gid privilege first, because in some cases the gid privilege
--
2.45.2
>From 9e301afb8826b2c0926779c1439643b7506df953 Mon Sep 17 00:00:00 2001
From: Collin Funk <collin.fu...@gmail.com>
Date: Tue, 25 Jun 2024 21:39:50 -0700
Subject: [PATCH 2/2] idpriv-droptemp: Handle large user and group ids.
* lib/idpriv-droptemp.c (saved_uid): Use uid_t instead of int.
(saved_gid): Use gid_t instead of int.
(idpriv_temp_drop): Use uid_t and gid_t instead of int.
(idpriv_temp_restore): Likewise.
---
ChangeLog | 6 ++++++
lib/idpriv-droptemp.c | 12 ++++++------
2 files changed, 12 insertions(+), 6 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index f10e0edb43..05bec51810 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,11 @@
2024-06-25 Collin Funk <collin.fu...@gmail.com>
+ idpriv-droptemp: Handle large user and group ids.
+ * lib/idpriv-droptemp.c (saved_uid): Use uid_t instead of int.
+ (saved_gid): Use gid_t instead of int.
+ (idpriv_temp_drop): Use uid_t and gid_t instead of int.
+ (idpriv_temp_restore): Likewise.
+
idpriv-drop: Handle large user and group ids.
* lib/idpriv-drop.c (idpriv_drop): Use uid_t and gid_t instead of int.
diff --git a/lib/idpriv-droptemp.c b/lib/idpriv-droptemp.c
index eb882dea6d..15337cdd9e 100644
--- a/lib/idpriv-droptemp.c
+++ b/lib/idpriv-droptemp.c
@@ -25,18 +25,18 @@
/* The privileged uid and gid that the process had earlier. */
#if HAVE_GETUID
-static int saved_uid = -1;
+static uid_t saved_uid = -1;
#endif
#if HAVE_GETGID
-static int saved_gid = -1;
+static gid_t saved_gid = -1;
#endif
int
idpriv_temp_drop (void)
{
#if HAVE_GETEUID && HAVE_GETEGID && (HAVE_SETRESUID || HAVE_SETREUID) && (HAVE_SETRESGID || HAVE_SETREGID)
- int uid = getuid ();
- int gid = getgid ();
+ uid_t uid = getuid ();
+ gid_t gid = getgid ();
/* Find out about the privileged uid and gid at the first call. */
if (saved_uid == -1)
@@ -124,8 +124,8 @@ int
idpriv_temp_restore (void)
{
#if HAVE_GETEUID && HAVE_GETEGID && (HAVE_SETRESUID || HAVE_SETREUID) && (HAVE_SETRESGID || HAVE_SETREGID)
- int uid = getuid ();
- int gid = getgid ();
+ uid_t uid = getuid ();
+ gid_t gid = getgid ();
if (saved_uid == -1 || saved_gid == -1)
/* Caller error: idpriv_temp_drop was never invoked. */
--
2.45.2
