[LTP] [PATCH 4/4] syscalls/add_key03: new test for forging user keyrings

public inbox for ltp@lists.linux.it
 help / color / mirror / Atom feed

From: Cyril Hrubis <chrubis@suse.cz>
To: ltp@lists.linux.it
Subject: [LTP] [PATCH 4/4] syscalls/add_key03: new test for forging user keyrings
Date: Wed, 11 Oct 2017 15:53:31 +0200	[thread overview]
Message-ID: <20171011135330.GD15968@rei> (raw)
In-Reply-To: <20171011134748.GC15968@rei>

Hi!
> > +static void do_test(void)
> > +{
> > +	int i;
> > +
> > +	/*
> > +	 * Try with multiple user IDs before reporting success.  By chance, some
> > +	 * users may already have an existing user keyring; the bug will not be
> > +	 * reproducible for them.
> > +	 */
> > +	for (i = 0; i < 10; i++) {
> > +		char description[32];
> > +		uid_t uid;
> > +		key_serial_t fake_user_keyring;
> > +		key_serial_t fake_user_session_keyring;
> > +
> > +		uid = rand();
> > +		if (uid == 0)
> > +			continue;
> 
> We have testcases that look for unused uid with this loop:
> 
> 	for (i = 1; i < 1000; i++) {
> 		if (!getpwuid(i))
> 			return i;
> 	}
> 
> What about using this instead of doing 10 random tries?

Or even better try to get the keyring as an user and proceed with the
test if there is none?

-- 
Cyril Hrubis
chrubis@suse.cz

     prev parent reply	other threads:[~2017-10-11 13:53 UTC|newest]

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-10-10 17:51 [LTP] [PATCH 0/4] ltp: add tests for some recently-fixed keyrings bugs Eric Biggers
2017-10-10 17:51 ` [LTP] [PATCH 1/4] lapi/keyctl.h: add a few missing definitions Eric Biggers
2017-10-10 17:51 ` [LTP] [PATCH 2/4] syscalls/keyctl06: new test for keyring_read() buffer overrun Eric Biggers
2017-10-10 17:51 ` [LTP] [PATCH 3/4] syscalls/keyctl07: new test for oops when reading negative key Eric Biggers
2017-10-10 17:51 ` [LTP] [PATCH 4/4] syscalls/add_key03: new test for forging user keyrings Eric Biggers
2017-10-11 13:47   ` Cyril Hrubis
2017-10-11 13:53     ` Cyril Hrubis [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20171011135330.GD15968@rei \
    --to=chrubis@suse.cz \
    --cc=ltp@lists.linux.it \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox