[Bug nptl/26248] New: Incorrect argument types for INLINE_SETXID_SYSCALL

[Bug nptl/26248] New: Incorrect argument types for INLINE_SETXID_SYSCALL

[hjl.tools at gmail dot com]

https://sourceware.org/bugzilla/show_bug.cgi?id=26248

            Bug ID: 26248
           Summary: Incorrect argument types for INLINE_SETXID_SYSCALL
           Product: glibc
           Version: 2.32
            Status: NEW
          Severity: normal
          Priority: P2
         Component: nptl
          Assignee: unassigned at sourceware dot org
          Reporter: hjl.tools at gmail dot com
                CC: drepper.fsp at gmail dot com
  Target Milestone: ---

nptl has

/* Opcodes and data types for communication with the signal handler to
   change user/group IDs.  */
struct xid_command
{
  int syscall_no;
  long int id[3];
  volatile int cntr;
  volatile int error; /* -1: no call yet, 0: success seen, >0: error seen.  */
};

 /* This must be last, otherwise the current thread might not have
     permissions to send SIGSETXID syscall to the other threads.  */
  result = INTERNAL_SYSCALL_NCS (cmdp->syscall_no, 3,
                                 cmdp->id[0], cmdp->id[1], cmdp->id[2]);

But arguments of some SETXID syscals are pointers:

       int setgroups(size_t size, const gid_t *list);

which aren't handled properly.

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug nptl/26248] Incorrect argument types for INLINE_SETXID_SYSCALL

[fweimer at redhat dot com]

https://sourceware.org/bugzilla/show_bug.cgi?id=26248

Florian Weimer <fweimer at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |fweimer at redhat dot com

--- Comment #1 from Florian Weimer <fweimer at redhat dot com> ---
Is the issue that pointers-as-long are incorrectly sign-extended on x32?

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug nptl/26248] Incorrect argument types for INLINE_SETXID_SYSCALL

[aurelien at aurel32 dot net]

https://sourceware.org/bugzilla/show_bug.cgi?id=26248

Aurelien Jarno <aurelien at aurel32 dot net> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |aurelien at aurel32 dot net

--- Comment #2 from Aurelien Jarno <aurelien at aurel32 dot net> ---
Created attachment 12703
  --> https://sourceware.org/bugzilla/attachment.cgi?id=12703&action=edit
Reproducer for the issue

Please find attached a small reproducer for the issue. Compile it with "gcc
-mx32 -o setgroups-x32 setgroups-x32.c -lpthread". Running it as root returns:

# ./setgroups-x32 
setgroups failed: Bad address

It runs successfully with commit df76ff3a446a787a95cf74cb15c285464d73a93d
reverted.

(Note that this commit has been backported in 2.30 and 2.31).

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug nptl/26248] Incorrect argument types for INLINE_SETXID_SYSCALL

[aurelien at aurel32 dot net]

https://sourceware.org/bugzilla/show_bug.cgi?id=26248

Aurelien Jarno <aurelien at aurel32 dot net> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                URL|                            |https://bugs.debian.org/cgi
                   |                            |-bin/bugreport.cgi?bug=9650
                   |                            |91

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug nptl/26248] Incorrect argument types for INLINE_SETXID_SYSCALL

[hjl.tools at gmail dot com]

https://sourceware.org/bugzilla/show_bug.cgi?id=26248

H.J. Lu <hjl.tools at gmail dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Target Milestone|---                         |2.32
           Assignee|unassigned at sourceware dot org   |hjl.tools at gmail dot com

--- Comment #3 from H.J. Lu <hjl.tools at gmail dot com> ---
A patch is posted at

https://sourceware.org/pipermail/libc-alpha/2020-July/116388.html

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug nptl/26248] Incorrect argument types for INLINE_SETXID_SYSCALL

[schwab@linux-m68k.org]

https://sourceware.org/bugzilla/show_bug.cgi?id=26248

--- Comment #4 from Andreas Schwab <schwab@linux-m68k.org> ---
Is this fixed already?

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug nptl/26248] Incorrect argument types for INLINE_SETXID_SYSCALL

[carlos at redhat dot com]

https://sourceware.org/bugzilla/show_bug.cgi?id=26248

Carlos O'Donell <carlos at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Resolution|---                         |FIXED
                 CC|                            |carlos at redhat dot com
             Status|NEW                         |RESOLVED

--- Comment #5 from Carlos O'Donell <carlos at redhat dot com> ---
(In reply to Andreas Schwab from comment #4)
> Is this fixed already?

Yes, fixed with this:

commit 0ad926f34937f7b4843a8b49e5d93199601fe324
Author: H.J. Lu <hjl.tools@gmail.com>
Date:   Thu Jul 16 03:37:10 2020 -0700

    nptl: Zero-extend arguments to SETXID syscalls [BZ #26248]

-- 
You are receiving this mail because:
You are on the CC list for the bug.