Re: [libvirt] [PATCH] util: portably check for unchanged uid
On 03/14/2013 06:35 PM, Eric Blake wrote:
We've already scrubbed for comparisons of 'uid_t == -1'
(which fail
on platforms where uid_t is a u16), but another one snuck in.
ACK (and sorry for the botched "bugfix" :-/)
* src/util/virutil.c (virSetUIDGIDWithCaps): Correct uid comparison.
* cfg.mk (sc_prohibit_risky_id_promotion): New rule.
---
cfg.mk | 6 ++++++
src/util/virutil.c | 2 +-
2 files changed, 7 insertions(+), 1 deletion(-)
diff --git a/cfg.mk b/cfg.mk
index b95a90b..394521e 100644
--- a/cfg.mk
+++ b/cfg.mk
@@ -389,6 +389,12 @@ sc_prohibit_setuid:
halt='use virSetUIDGID, not raw set*id' \
$(_sc_search_regexp)
+# Don't compare *id_t against raw -1.
+sc_prohibit_risky_id_promotion:
+ @prohibit='\b(user|group|[ug]id) *[=!]= *-' \
+ halt='cast -1 to ([ug]id_t) before comparing against id' \
+ $(_sc_search_regexp)
+
As we discussed on IRC, I'm slightly concerned about false positives
when user, group, or [gu]id is used as something other than [gu]id_t,
but the most common case of this would be for a char*, and I doubt we
would ever be comparing a char* with !=, so I think it's okay (certainly
better than the alternative of pushing a release only to find that we
don't compile on some platform).