sysdeps/unix/grantpt.c

   1 /* Copyright (C) 1998-2015 Free Software Foundation, Inc.
   2    This file is part of the GNU C Library.
   3    Contributed by Zack Weinberg <zack@rabi.phys.columbia.edu>, 1998.
   4
   5    The GNU C Library is free software; you can redistribute it and/or
   6    modify it under the terms of the GNU Lesser General Public
   7    License as published by the Free Software Foundation; either
   8    version 2.1 of the License, or (at your option) any later version.
   9
  10    The GNU C Library is distributed in the hope that it will be useful,
  11    but WITHOUT ANY WARRANTY; without even the implied warranty of
  12    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  13    Lesser General Public License for more details.
  14
  15    You should have received a copy of the GNU Lesser General Public
  16    License along with the GNU C Library; if not, see
  17    <http://www.gnu.org/licenses/>.  */
  18
  19 #include <assert.h>
  20 #include <errno.h>
  21 #include <fcntl.h>
  22 #include <grp.h>
  23 #include <limits.h>
  24 #include <stdlib.h>
  25 #include <string.h>
  26 #include <sys/resource.h>
  27 #include <sys/stat.h>
  28 #include <sys/types.h>
  29 #include <sys/wait.h>
  30 #include <unistd.h>
  31
  32 #include "pty-private.h"
  33
  34
  35 /* Return the result of ptsname_r in the buffer pointed to by PTS,
  36    which should be of length BUF_LEN.  If it is too long to fit in
  37    this buffer, a sufficiently long buffer is allocated using malloc,
  38    and returned in PTS.  0 is returned upon success, -1 otherwise.  */
  39 static int
  40 pts_name (int fd, char **pts, size_t buf_len, struct stat64 *stp)
  41 {
  42   int rv;
  43   char *buf = *pts;
  44
  45   for (;;)
  46     {
  47       char *new_buf;
  48
  49       if (buf_len)
  50         {
  51           rv = __ptsname_internal (fd, buf, buf_len, stp);
  52           if (rv != 0)
  53             {
  54               if (rv == ENOTTY)
  55                 /* ptsname_r returns with ENOTTY to indicate
  56                    a descriptor not referring to a pty master.
  57                    For this condition, grantpt must return EINVAL.  */
  58                 rv = EINVAL;
  59               errno = rv;       /* Not necessarily set by __ptsname_r.  */
  60               break;
  61             }
  62
  63           if (memchr (buf, '\0', buf_len))
  64             /* We succeeded and the returned name fit in the buffer.  */
  65             break;
  66
  67           /* Try again with a longer buffer.  */
  68           buf_len += buf_len;   /* Double it */
  69         }
  70       else
  71         /* No initial buffer; start out by mallocing one.  */
  72         buf_len = 128;          /* First time guess.  */
  73
  74       if (buf != *pts)
  75         /* We've already malloced another buffer at least once.  */
  76         new_buf = (char *) realloc (buf, buf_len);
  77       else
  78         new_buf = (char *) malloc (buf_len);
  79       if (! new_buf)
  80         {
  81           rv = -1;
  82           __set_errno (ENOMEM);
  83           break;
  84         }
  85       buf = new_buf;
  86     }
  87
  88   if (rv == 0)
  89     *pts = buf;         /* Return buffer to the user.  */
  90   else if (buf != *pts)
  91     free (buf);         /* Free what we malloced when returning an error.  */
  92
  93   return rv;
  94 }
  95
  96 /* Change the ownership and access permission of the slave pseudo
  97    terminal associated with the master pseudo terminal specified
  98    by FD.  */
  99 int
 100 grantpt (int fd)
 101 {
 102   int retval = -1;
 103 #ifdef PATH_MAX
 104   char _buf[PATH_MAX];
 105 #else
 106   char _buf[512];
 107 #endif
 108   char *buf = _buf;
 109   struct stat64 st;
 110
 111   if (__glibc_unlikely (pts_name (fd, &buf, sizeof (_buf), &st)))
 112     {
 113       int save_errno = errno;
 114
 115       /* Check, if the file descriptor is valid.  pts_name returns the
 116          wrong errno number, so we cannot use that.  */
 117       if (__libc_fcntl (fd, F_GETFD) == -1 && errno == EBADF)
 118         return -1;
 119
 120        /* If the filedescriptor is no TTY, grantpt has to set errno
 121           to EINVAL.  */
 122        if (save_errno == ENOTTY)
 123          __set_errno (EINVAL);
 124        else
 125          __set_errno (save_errno);
 126
 127        return -1;
 128     }
 129
 130   /* Make sure that we own the device.  */
 131   uid_t uid = __getuid ();
 132   if (st.st_uid != uid)
 133     {
 134       if (__chown (buf, uid, st.st_gid) < 0)
 135         goto helper;
 136     }
 137
 138   static int tty_gid = -1;
 139   if (__glibc_unlikely (tty_gid == -1))
 140     {
 141       char *grtmpbuf;
 142       struct group grbuf;
 143       size_t grbuflen = __sysconf (_SC_GETGR_R_SIZE_MAX);
 144       struct group *p;
 145
 146       /* Get the group ID of the special `tty' group.  */
 147       if (grbuflen == (size_t) -1L)
 148         /* `sysconf' does not support _SC_GETGR_R_SIZE_MAX.
 149            Try a moderate value.  */
 150         grbuflen = 1024;
 151       grtmpbuf = (char *) __alloca (grbuflen);
 152       __getgrnam_r (TTY_GROUP, &grbuf, grtmpbuf, grbuflen, &p);
 153       if (p != NULL)
 154         tty_gid = p->gr_gid;
 155     }
 156   gid_t gid = tty_gid == -1 ? __getgid () : tty_gid;
 157
 158   /* Make sure the group of the device is that special group.  */
 159   if (st.st_gid != gid)
 160     {
 161       if (__chown (buf, uid, gid) < 0)
 162         goto helper;
 163     }
 164
 165   /* Make sure the permission mode is set to readable and writable by
 166      the owner, and writable by the group.  */
 167   if ((st.st_mode & ACCESSPERMS) != (S_IRUSR|S_IWUSR|S_IWGRP))
 168     {
 169       if (__chmod (buf, S_IRUSR|S_IWUSR|S_IWGRP) < 0)
 170         goto helper;
 171     }
 172
 173   retval = 0;
 174   goto cleanup;
 175
 176   /* We have to use the helper program if it is available.  */
 177  helper:;
 178
 179 #if HAVE_PT_CHOWN
 180   pid_t pid = __fork ();
 181   if (pid == -1)
 182     goto cleanup;
 183   else if (pid == 0)
 184     {
 185       /* Disable core dumps.  */
 186       struct rlimit rl = { 0, 0 };
 187       __setrlimit (RLIMIT_CORE, &rl);
 188
 189       /* We pass the master pseudo terminal as file descriptor PTY_FILENO.  */
 190       if (fd != PTY_FILENO)
 191         if (__dup2 (fd, PTY_FILENO) < 0)
 192           _exit (FAIL_EBADF);
 193
 194 # ifdef CLOSE_ALL_FDS
 195       CLOSE_ALL_FDS ();
 196 # endif
 197
 198       execle (_PATH_PT_CHOWN, basename (_PATH_PT_CHOWN), NULL, NULL);
 199       _exit (FAIL_EXEC);
 200     }
 201   else
 202     {
 203       int w;
 204
 205       if (__waitpid (pid, &w, 0) == -1)
 206         goto cleanup;
 207       if (!WIFEXITED (w))
 208         __set_errno (ENOEXEC);
 209       else
 210         switch (WEXITSTATUS (w))
 211           {
 212           case 0:
 213             retval = 0;
 214             break;
 215           case FAIL_EBADF:
 216             __set_errno (EBADF);
 217             break;
 218           case FAIL_EINVAL:
 219             __set_errno (EINVAL);
 220             break;
 221           case FAIL_EACCES:
 222             __set_errno (EACCES);
 223             break;
 224           case FAIL_EXEC:
 225             __set_errno (ENOEXEC);
 226             break;
 227           case FAIL_ENOMEM:
 228             __set_errno (ENOMEM);
 229             break;
 230
 231           default:
 232             assert(! "grantpt: internal error: invalid exit code from pt_chown");
 233           }
 234     }
 235 #endif
 236
 237  cleanup:
 238   if (buf != _buf)
 239     free (buf);
 240
 241   return retval;
 242 }