[packages/gdb.git] / gdb-6.3-security-errata-20050610.patch

http://sourceware.org/ml/gdb-patches/2005-05/threads.html#00637
Proposed upstream but never committed upstream.

2005-06-09  Jeff Johnston  <jjohnstn@redhat.com>

        * gdb.base/gdbinit.exp: New testcase.
        * gdb.base/gdbinit.sample: Sample .gdbinit for gdbinit.exp.

2005-06-08  Daniel Jacobowitz  <dan@codesourcery.com>
            Jeff Johnston  <jjohnstn@redhat.com>

        * Makefile.in (cli-cmds.o): Update.
        * configure.in: Add check for getuid.
        * configure: Regenerated.
        * config.in: Ditto.
        * main.c (captured_main): Pass -1 to source_command when loading
        gdbinit files.
        * cli/cli-cmds.c: Include "gdb_stat.h" and <fcntl.h>.
        (source_command): Update documentation.  Check permissions if
        FROM_TTY is -1.

Index: gdb-6.8.50.20090226/gdb/cli/cli-cmds.c
===================================================================
--- gdb-6.8.50.20090226.orig/gdb/cli/cli-cmds.c	2009-02-27 00:04:32.000000000 +0100
+++ gdb-6.8.50.20090226/gdb/cli/cli-cmds.c	2009-02-28 07:17:49.000000000 +0100
@@ -36,6 +36,7 @@
 #include "objfiles.h"
 #include "source.h"
 #include "disasm.h"
+#include "gdb_stat.h"
 
 #include "ui-out.h"
 
@@ -466,7 +467,7 @@ source_script (char *file, int from_tty)
 
   if (fd == -1)
     {
-      if (from_tty)
+      if (from_tty > 0)
 	perror_with_name (file);
       else
 	{
@@ -475,6 +476,29 @@ source_script (char *file, int from_tty)
 	}
     }
 
+#ifdef HAVE_GETUID
+  if (from_tty == -1)
+    {
+      struct stat statbuf;
+
+      if (fstat (fd, &statbuf) < 0)
+	{
+	  close (fd);
+	  /* Do not do_cleanups (old_cleanups) as FILE is allocated there.
+	     perror_with_name calls error which should call the cleanups.  */
+	  perror_with_name (file);
+	}
+      if (statbuf.st_uid != getuid () || (statbuf.st_mode & S_IWOTH))
+	{
+	  /* FILE gets freed by do_cleanups (old_cleanups).  */
+	  warning (_("not using untrusted file \"%s\""), file);
+	  close (fd);
+	  do_cleanups (old_cleanups);
+	  return;
+	}
+    }
+#endif
+
   is_python = source_python;
   if (strlen (file) > 3 && !strcmp (&file[strlen (file) - 3], ".py"))
     is_python = 1;
@@ -486,6 +510,7 @@ source_script (char *file, int from_tty)
   else
     script_from_file (stream, file);
 
+  /* FILE gets freed by do_cleanups (old_cleanups).  */
   do_cleanups (old_cleanups);
 }
 
Index: gdb-6.8.50.20090226/gdb/testsuite/gdb.base/gdbinit.exp
===================================================================
--- /dev/null	1970-01-01 00:00:00.000000000 +0000
+++ gdb-6.8.50.20090226/gdb/testsuite/gdb.base/gdbinit.exp	2009-02-28 07:15:57.000000000 +0100
@@ -0,0 +1,98 @@
+#   Copyright 2005
+#   Free Software Foundation, Inc.
+
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+# 
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+# 
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+
+# Please email any bugs, comments, and/or additions to this file to:
+# bug-gdb@prep.ai.mit.edu
+
+# This file was written by Jeff Johnston <jjohnstn@redhat.com>.
+
+if $tracelevel then {
+    strace $tracelevel
+}
+
+set prms_id 0
+set bug_id 0
+
+# are we on a target board
+if [is_remote target] {
+    return
+}
+
+
+global verbose
+global GDB
+global GDBFLAGS
+global gdb_prompt
+global timeout
+global gdb_spawn_id;
+
+gdb_stop_suppressing_tests;
+
+verbose "Spawning $GDB -nw"
+
+if [info exists gdb_spawn_id] {
+    return 0;
+}
+
+if ![is_remote host] {
+   if { [which $GDB] == 0 } then {
+        perror "$GDB does not exist."
+        exit 1
+    }
+}
+
+set env(HOME) [pwd]
+remote_exec build "rm .gdbinit"
+remote_exec build "cp ${srcdir}/${subdir}/gdbinit.sample .gdbinit"
+remote_exec build "chmod 646 .gdbinit"
+
+set res [remote_spawn host "$GDB -nw [host_info gdb_opts]"];
+if { $res < 0 || $res == "" } {
+    perror "Spawning $GDB failed."
+    return 1;
+}
+gdb_expect 360 {
+    -re "warning: not using untrusted file.*\.gdbinit.*\[\r\n\]$gdb_prompt $" {
+        pass "untrusted .gdbinit caught."
+    }
+    -re "$gdb_prompt $"     {
+        fail "untrusted .gdbinit caught."
+    }
+    timeout {
+        fail "(timeout) untrusted .gdbinit caught."
+    }
+}
+
+remote_exec build "chmod 644 .gdbinit"
+set res [remote_spawn host "$GDB -nw [host_info gdb_opts]"];
+if { $res < 0 || $res == "" } {
+    perror "Spawning $GDB failed."
+    return 1;
+}
+gdb_expect 360 {
+    -re "warning: not using untrusted file.*\.gdbinit.*\[\r\n\]$gdb_prompt $" {
+        fail "trusted .gdbinit allowed."
+    }
+    -re "in gdbinit.*$gdb_prompt $"     {
+        pass "trusted .gdbinit allowed."
+    }
+    timeout {
+        fail "(timeout) trusted .gdbinit allowed."
+    }
+}
+
+remote_exec build "rm .gdbinit"
Index: gdb-6.8.50.20090226/gdb/testsuite/gdb.base/gdbinit.sample
===================================================================
--- /dev/null	1970-01-01 00:00:00.000000000 +0000
+++ gdb-6.8.50.20090226/gdb/testsuite/gdb.base/gdbinit.sample	2009-02-28 07:15:57.000000000 +0100
@@ -0,0 +1 @@
+echo "\nin gdbinit"
Index: gdb-6.8.50.20090226/gdb/main.c
===================================================================
--- gdb-6.8.50.20090226.orig/gdb/main.c	2009-02-27 00:04:32.000000000 +0100
+++ gdb-6.8.50.20090226/gdb/main.c	2009-02-28 07:15:57.000000000 +0100
@@ -855,7 +855,7 @@ Excess command line arguments ignored. (
      debugging or what directory you are in.  */
 
   if (home_gdbinit && !inhibit_gdbinit)
-    catch_command_errors (source_script, home_gdbinit, 0, RETURN_MASK_ALL);
+    catch_command_errors (source_script, home_gdbinit, -1, RETURN_MASK_ALL);
 
   /* Now perform all the actions indicated by the arguments.  */
   if (cdarg != NULL)
@@ -924,7 +924,7 @@ Can't attach to process and specify a co
   /* Read the .gdbinit file in the current directory, *if* it isn't
      the same as the $HOME/.gdbinit file (it should exist, also).  */
   if (local_gdbinit && !inhibit_gdbinit)
-    catch_command_errors (source_script, local_gdbinit, 0, RETURN_MASK_ALL);
+    catch_command_errors (source_script, local_gdbinit, -1, RETURN_MASK_ALL);
 
   for (i = 0; i < ncmd; i++)
     {
Commit	Line	Data
3a58abaf AM	1	http://sourceware.org/ml/gdb-patches/2005-05/threads.html#00637
	2	Proposed upstream but never committed upstream.
	3
	4	2005-06-09 Jeff Johnston <jjohnstn@redhat.com>
	5
	6	* gdb.base/gdbinit.exp: New testcase.
	7	* gdb.base/gdbinit.sample: Sample .gdbinit for gdbinit.exp.
	8
	9	2005-06-08 Daniel Jacobowitz <dan@codesourcery.com>
	10	Jeff Johnston <jjohnstn@redhat.com>
	11
	12	* Makefile.in (cli-cmds.o): Update.
	13	* configure.in: Add check for getuid.
	14	* configure: Regenerated.
	15	* config.in: Ditto.
	16	* main.c (captured_main): Pass -1 to source_command when loading
	17	gdbinit files.
	18	* cli/cli-cmds.c: Include "gdb_stat.h" and <fcntl.h>.
	19	(source_command): Update documentation. Check permissions if
	20	FROM_TTY is -1.
	21
	22	Index: gdb-6.8.50.20090226/gdb/cli/cli-cmds.c
	23	===================================================================
	24	--- gdb-6.8.50.20090226.orig/gdb/cli/cli-cmds.c 2009-02-27 00:04:32.000000000 +0100
	25	+++ gdb-6.8.50.20090226/gdb/cli/cli-cmds.c 2009-02-28 07:17:49.000000000 +0100
	26	@@ -36,6 +36,7 @@
	27	#include "objfiles.h"
	28	#include "source.h"
	29	#include "disasm.h"
	30	+#include "gdb_stat.h"
	31
	32	#include "ui-out.h"
	33
	34	@@ -466,7 +467,7 @@ source_script (char *file, int from_tty)
	35
	36	if (fd == -1)
	37	{
	38	- if (from_tty)
	39	+ if (from_tty > 0)
	40	perror_with_name (file);
	41	else
	42	{
	43	@@ -475,6 +476,29 @@ source_script (char *file, int from_tty)
	44	}
	45	}
	46
	47	+#ifdef HAVE_GETUID
	48	+ if (from_tty == -1)
	49	+ {
	50	+ struct stat statbuf;
	51	+
	52	+ if (fstat (fd, &statbuf) < 0)
	53	+ {
	54	+ close (fd);
	55	+ /* Do not do_cleanups (old_cleanups) as FILE is allocated there.
	56	+ perror_with_name calls error which should call the cleanups. */
	57	+ perror_with_name (file);
	58	+ }
	59	+ if (statbuf.st_uid != getuid () \|\| (statbuf.st_mode & S_IWOTH))
	60	+ {
	61	+ /* FILE gets freed by do_cleanups (old_cleanups). */
	62	+ warning (_("not using untrusted file \"%s\""), file);
	63	+ close (fd);
	64	+ do_cleanups (old_cleanups);
65	+ return;
66	+ }
67	+ }
68	+#endif
69	+
70	is_python = source_python;
71	if (strlen (file) > 3 && !strcmp (&file[strlen (file) - 3], ".py"))
72	is_python = 1;
73	@@ -486,6 +510,7 @@ source_script (char *file, int from_tty)
74	else
75	script_from_file (stream, file);
76
77	+ /* FILE gets freed by do_cleanups (old_cleanups). */
78	do_cleanups (old_cleanups);
79	}
80
81	Index: gdb-6.8.50.20090226/gdb/testsuite/gdb.base/gdbinit.exp
82	===================================================================
83	--- /dev/null 1970-01-01 00:00:00.000000000 +0000
84	+++ gdb-6.8.50.20090226/gdb/testsuite/gdb.base/gdbinit.exp 2009-02-28 07:15:57.000000000 +0100
85	@@ -0,0 +1,98 @@
86	+# Copyright 2005
87	+# Free Software Foundation, Inc.
88	+
89	+# This program is free software; you can redistribute it and/or modify
90	+# it under the terms of the GNU General Public License as published by
91	+# the Free Software Foundation; either version 2 of the License, or
92	+# (at your option) any later version.
93	+#
94	+# This program is distributed in the hope that it will be useful,
95	+# but WITHOUT ANY WARRANTY; without even the implied warranty of
96	+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
97	+# GNU General Public License for more details.
98	+#
99	+# You should have received a copy of the GNU General Public License
100	+# along with this program; if not, write to the Free Software
101	+# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
102	+
103	+# Please email any bugs, comments, and/or additions to this file to:
104	+# bug-gdb@prep.ai.mit.edu
105	+
106	+# This file was written by Jeff Johnston <jjohnstn@redhat.com>.
107	+
108	+if $tracelevel then {
109	+ strace $tracelevel
110	+}
111	+
112	+set prms_id 0
113	+set bug_id 0
114	+
115	+# are we on a target board
116	+if [is_remote target] {
117	+ return
118	+}
119	+
120	+
121	+global verbose
122	+global GDB
123	+global GDBFLAGS
124	+global gdb_prompt
125	+global timeout
126	+global gdb_spawn_id;
127	+
128	+gdb_stop_suppressing_tests;
129	+
130	+verbose "Spawning $GDB -nw"
131	+
132	+if [info exists gdb_spawn_id] {
133	+ return 0;
134	+}
135	+
136	+if ![is_remote host] {
137	+ if { [which $GDB] == 0 } then {
138	+ perror "$GDB does not exist."
139	+ exit 1
140	+ }
141	+}
142	+
143	+set env(HOME) [pwd]
144	+remote_exec build "rm .gdbinit"
145	+remote_exec build "cp ${srcdir}/${subdir}/gdbinit.sample .gdbinit"
146	+remote_exec build "chmod 646 .gdbinit"
147	+
148	+set res [remote_spawn host "$GDB -nw [host_info gdb_opts]"];
149	+if { $res < 0 \|\| $res == "" } {
150	+ perror "Spawning $GDB failed."
151	+ return 1;
152	+}
153	+gdb_expect 360 {
154	+ -re "warning: not using untrusted file.\.gdbinit.\[\r\n\]$gdb_prompt $" {
155	+ pass "untrusted .gdbinit caught."
156	+ }
157	+ -re "$gdb_prompt $" {
158	+ fail "untrusted .gdbinit caught."
159	+ }
160	+ timeout {
161	+ fail "(timeout) untrusted .gdbinit caught."
162	+ }
163	+}
164	+
165	+remote_exec build "chmod 644 .gdbinit"
166	+set res [remote_spawn host "$GDB -nw [host_info gdb_opts]"];
167	+if { $res < 0 \|\| $res == "" } {
168	+ perror "Spawning $GDB failed."
169	+ return 1;
170	+}
171	+gdb_expect 360 {
172	+ -re "warning: not using untrusted file.\.gdbinit.\[\r\n\]$gdb_prompt $" {
173	+ fail "trusted .gdbinit allowed."
174	+ }
175	+ -re "in gdbinit.*$gdb_prompt $" {
176	+ pass "trusted .gdbinit allowed."
177	+ }
178	+ timeout {
179	+ fail "(timeout) trusted .gdbinit allowed."
180	+ }
181	+}
182	+
183	+remote_exec build "rm .gdbinit"
184	Index: gdb-6.8.50.20090226/gdb/testsuite/gdb.base/gdbinit.sample
185	===================================================================
186	--- /dev/null 1970-01-01 00:00:00.000000000 +0000
187	+++ gdb-6.8.50.20090226/gdb/testsuite/gdb.base/gdbinit.sample 2009-02-28 07:15:57.000000000 +0100
188	@@ -0,0 +1 @@
189	+echo "\nin gdbinit"
190	Index: gdb-6.8.50.20090226/gdb/main.c
191	===================================================================
192	--- gdb-6.8.50.20090226.orig/gdb/main.c 2009-02-27 00:04:32.000000000 +0100
193	+++ gdb-6.8.50.20090226/gdb/main.c 2009-02-28 07:15:57.000000000 +0100
194	@@ -855,7 +855,7 @@ Excess command line arguments ignored. (
195	debugging or what directory you are in. */
196
197	if (home_gdbinit && !inhibit_gdbinit)
198	- catch_command_errors (source_script, home_gdbinit, 0, RETURN_MASK_ALL);
199	+ catch_command_errors (source_script, home_gdbinit, -1, RETURN_MASK_ALL);
200
201	/* Now perform all the actions indicated by the arguments. */
202	if (cdarg != NULL)
203	@@ -924,7 +924,7 @@ Can't attach to process and specify a co
204	/* Read the .gdbinit file in the current directory, if it isn't
205	the same as the $HOME/.gdbinit file (it should exist, also). */
206	if (local_gdbinit && !inhibit_gdbinit)
207	- catch_command_errors (source_script, local_gdbinit, 0, RETURN_MASK_ALL);
208	+ catch_command_errors (source_script, local_gdbinit, -1, RETURN_MASK_ALL);
209
210	for (i = 0; i < ncmd; i++)
211	{