~ chicken-core (chicken-5) 95ea81bdd51c4bebbd2917688deee17ae727bf69
commit 95ea81bdd51c4bebbd2917688deee17ae727bf69
Author: Peter Bex <peter@more-magic.net>
AuthorDate: Fri Sep 24 08:25:07 2021 +0200
Commit: Evan Hanson <evhan@foldling.org>
CommitDate: Sat Sep 25 16:01:41 2021 +1200
Add checks to current user/group id setters in (chicken process-context posix)
Fixes #1787
Signed-off-by: Evan Hanson <evhan@foldling.org>
diff --git a/NEWS b/NEWS
index 3118461b..0ce3a1bd 100644
--- a/NEWS
+++ b/NEWS
@@ -1,3 +1,12 @@
+5.3.0rc4
+
+- Core libraries
+ - In (chicken process-context posix), the setters for current-user-id,
+ current-effective-user-id and current-group-id now check that the
+ new user/group value is a fixnum instead of blindly passing it on
+ to the C implementation (which would cause bogus user ids to be set).
+ Fixes #1787, thanks to Christopher Brannon.
+
5.3.0rc3
- Build system
diff --git a/manual/Acknowledgements b/manual/Acknowledgements
index fcaaa92f..8e6ac12b 100644
--- a/manual/Acknowledgements
+++ b/manual/Acknowledgements
@@ -7,8 +7,8 @@ Annis, Jason E. Aten, Marc Baily, Peter Barabas, Andrei Barbu, Jonah
Beckford, Arto Bendiken, Andy Bennett, Kevin Beranek, Peter Bex,
Jean-Francois Bignolles, Oivind Binde, Alaric Blagrave Snell-Pym, Dave
Bodenstab, Fabian Böhlke, T. Kurt Bond, Ashley Bone, Dominique Boucher,
-Terence Brannon, Roy Bryant, Adam Buchbinder, Hans Bulfone, "Category
-5", Taylor Campbell, Naruto Canada, Mark Carter, Esteban U. Caamano
+Christopher Brannon, Terence Brannon, Roy Bryant, Adam Buchbinder, Hans Bulfone,
+"Category 5", Taylor Campbell, Naruto Canada, Mark Carter, Esteban U. Caamano
Castro, Semih Cemiloglu, Alex Charlton, Franklin Chen, Joo ChurlSoo,
Thomas Chust, Gian Paolo Ciceri, Fulvio Ciriaco, Paul Colby, Tobia
Conforto, John Cowan, Grzegorz Chrupala, James Crippen, Evan Hanson,
diff --git a/posixunix.scm b/posixunix.scm
index e8cf8526..019108f1 100644
--- a/posixunix.scm
+++ b/posixunix.scm
@@ -602,6 +602,7 @@ static int set_file_mtime(char *filename, C_word atime, C_word mtime)
(getter-with-setter
(foreign-lambda int "C_getuid")
(lambda (id)
+ (##sys#check-fixnum id 'current-user-id)
(when (fx< (##core#inline "C_setuid" id) 0)
(##sys#update-errno)
(##sys#error 'current-user-id!-setter "cannot set user ID" id) ) )
@@ -611,29 +612,32 @@ static int set_file_mtime(char *filename, C_word atime, C_word mtime)
(getter-with-setter
(foreign-lambda int "C_geteuid")
(lambda (id)
- (when (fx< (##core#inline "C_seteuid" id) 0)
- (##sys#update-errno)
- (##sys#error
- 'effective-user-id!-setter "cannot set effective user ID" id) ) )
+ (##sys#check-fixnum id 'current-effective-user-id)
+ (when (fx< (##core#inline "C_seteuid" id) 0)
+ (##sys#update-errno)
+ (##sys#error
+ 'effective-user-id!-setter "cannot set effective user ID" id) ) )
"(chicken.process-context.posix#current-effective-user-id)"))
(set! chicken.process-context.posix#current-group-id
(getter-with-setter
(foreign-lambda int "C_getgid")
(lambda (id)
- (when (fx< (##core#inline "C_setgid" id) 0)
- (##sys#update-errno)
- (##sys#error 'current-group-id!-setter "cannot set group ID" id) ) )
+ (##sys#check-fixnum id 'current-group-id)
+ (when (fx< (##core#inline "C_setgid" id) 0)
+ (##sys#update-errno)
+ (##sys#error 'current-group-id!-setter "cannot set group ID" id) ) )
"(chicken.process-context.posix#current-group-id)") )
(set! chicken.process-context.posix#current-effective-group-id
(getter-with-setter
(foreign-lambda int "C_getegid")
(lambda (id)
- (when (fx< (##core#inline "C_setegid" id) 0)
- (##sys#update-errno)
- (##sys#error
- 'effective-group-id!-setter "cannot set effective group ID" id) ) )
+ (##sys#check-fixnum id 'current-effective-group-id)
+ (when (fx< (##core#inline "C_setegid" id) 0)
+ (##sys#update-errno)
+ (##sys#error
+ 'effective-group-id!-setter "cannot set effective group ID" id) ) )
"(chicken.process-context.posix#current-effective-group-id)") )
(define-foreign-variable _user-name nonnull-c-string "C_user->pw_name")
Trap