aboutsummaryrefslogtreecommitdiff
path: root/sysdeps/unix/grantpt.c
diff options
context:
space:
mode:
Diffstat (limited to 'sysdeps/unix/grantpt.c')
-rw-r--r--sysdeps/unix/grantpt.c150
1 files changed, 121 insertions, 29 deletions
diff --git a/sysdeps/unix/grantpt.c b/sysdeps/unix/grantpt.c
index 5d33a515f1..d216baa476 100644
--- a/sysdeps/unix/grantpt.c
+++ b/sysdeps/unix/grantpt.c
@@ -17,65 +17,158 @@
write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
Boston, MA 02111-1307, USA. */
+#include <assert.h>
#include <errno.h>
+#include <grp.h>
+#include <limits.h>
#include <stdlib.h>
-#include <unistd.h>
+#include <string.h>
#include <sys/resource.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <sys/wait.h>
+#include <unistd.h>
-#include <assert.h>
+#include "pty-private.h"
+
+
+/* Return the result of ptsname_r in the buffer pointed to by PTS,
+ which should be of length BUF_LEN. If it is too long to fit in
+ this buffer, a sufficiently long buffer is allocated using malloc,
+ and returned in PTS. 0 is returned upon success, -1 otherwise. */
+static int
+pts_name (int fd, char **pts, size_t buf_len)
+{
+ int rv;
+ char *buf = *pts;
+
+ for (;;)
+ {
+ char *new_buf;
+
+ if (buf_len)
+ {
+ rv = ptsname_r (fd, buf, buf_len);
+
+ if (rv != 0 || memchr (buf, '\0', buf_len))
+ /* We either got an error, or we succeeded and the
+ returned name fit in the buffer. */
+ break;
+
+ /* Try again with a longer buffer. */
+ buf_len += buf_len; /* Double it */
+ }
+ else
+ /* No initial buffer; start out by mallocing one. */
+ buf_len = 128; /* First time guess. */
-#include "pty-internal.h"
+ if (buf != *pts)
+ /* We've already malloced another buffer at least once. */
+ new_buf = realloc (buf, buf_len);
+ else
+ new_buf = malloc (buf_len);
+ if (! new_buf)
+ {
+ rv = -1;
+ __set_errno (ENOMEM);
+ break;
+ }
+ buf = new_buf;
+ }
-/* Given a fd on a master pseudoterminal, chown the file associated
- with the slave to the calling process, and set its group and
- mode appropriately. Note that this is an unprivileged operation. */
+ if (rv == 0)
+ *pts = buf; /* Return buffer to the user. */
+ else if (buf != *pts)
+ free (buf); /* Free what we malloced when returning an error. */
-/* This "generic Unix" implementation works because we provide the program
- /usr/libexec/pt_chown, and it only depends on ptsname() working. */
-static const char helper[] = LIBEXECDIR "/pt_chown";
-static const char *const argv[] = { "pt_chown", NULL };
+ return rv;
+}
+/* Change the ownership and access permission of the slave pseudo
+ terminal associated with the master pseudo terminal specified
+ by FD. */
int
-grantpt (fd)
- int fd;
+grantpt (int fd)
{
+#ifdef PATH_MAX
+ char _buf[PATH_MAX];
+#else
+ char _buf[512];
+#endif
+ char *buf = _buf;
struct stat st;
- int w, pid;
- char namebuf[PTYNAMELEN];
-
- /* Some systems do it for us. */
- if (__ptsname_r (fd, namebuf, PTYNAMELEN) != 0)
+ char *grtmpbuf;
+ struct group grbuf;
+ size_t grbuflen = __sysconf (_SC_GETGR_R_SIZE_MAX);
+ struct group *p;
+ uid_t uid;
+ gid_t gid;
+ pid_t pid;
+
+ if (pts_name (fd, &buf, sizeof (_buf)))
return -1;
- if (__xstat (_STAT_VER, namebuf, &st) != 0)
+
+ if (__stat (buf, &st) < 0)
return -1;
- if (st.st_uid == __getuid ())
- return 0;
+ /* Make sure that we own the device. */
+ uid = __getuid ();
+ if (st.st_uid != uid)
+ {
+ if (__chown (buf, uid, st.st_gid) < 0)
+ goto helper;
+ }
+
+ /* Get the group ID of the special `tty' group. */
+ if (grbuflen == -1)
+ /* `sysconf' does not support _SC_GETGR_R_SIZE_MAX.
+ Try a moderate value. */
+ grbuflen = 1024;
+ grtmpbuf = (char *) __alloca (grbuflen);
+ getgrnam_r (TTY_GROUP, &grbuf, grtmpbuf, grbuflen, &p);
+ gid = p ? p->gr_gid : __getgid ();
+
+ /* Make sure the group of the device is that special group. */
+ if (st.st_gid != gid)
+ {
+ if (__chown (buf, uid, gid) < 0)
+ goto helper;
+ }
+
+ /* Make sure the permission mode is set to readable and writable by
+ the owner, and writable by the group. */
+ if ((st.st_mode & ACCESSPERMS) != (S_IRUSR|S_IWUSR|S_IWGRP))
+ {
+ if (__chmod (buf, S_IRUSR|S_IWUSR|S_IWGRP) < 0)
+ goto helper;
+ }
+
+ return 0;
- /* We have to do it in user space. */
+ /* We have to use the helper program. */
+ helper:
pid = __fork ();
if (pid == -1)
return -1;
else if (pid == 0)
{
- /* Disable core dumps in the child. */
- struct rlimit off = { 0, 0 };
- setrlimit (RLIMIT_CORE, &off);
+ /* Disable core dumps. */
+ struct rlimit rl = { 0, 0 };
+ setrlimit (RLIMIT_CORE, &rl);
- /* The helper does its thing on fd PTY_FD. */
- if (fd != PTY_FD)
- if (__dup2 (fd, PTY_FD) == -1)
+ /* We pase the master pseudo terminal as file descriptor PTY_FILENO. */
+ if (fd != PTY_FILENO)
+ if (__dup2 (fd, PTY_FILENO) < 0)
_exit (FAIL_EBADF);
- __execve (helper, (char *const *) argv, 0);
+ execle (_PATH_PT_CHOWN, basename (_PATH_PT_CHOWN), NULL, NULL);
_exit (FAIL_EXEC);
}
else
{
+ int w;
+
if (__waitpid (pid, &w, 0) == -1)
return -1;
if (!WIFEXITED (w))
@@ -106,6 +199,5 @@ grantpt (fd)
}
}
- /* Success. */
return 0;
}