libsandbox: fix ptrace decode of utimensat

The ptrace code skipped one too many arguments when decoding the utimensat
syscall which caused random utils to fail with garbage paths.

URL: http://bugs.gentoo.org/288227
Reported-by: RB <aoz.syn@gmail.com>
Signed-off-by: Mike Frysinger <vapier@gentoo.org>

16 files changed, 81 insertions, 1 deletions

diff --git a/libsandbox/trace.c b/libsandbox/trace.c
index d669fc9..2fd33cd 100644
--- a/libsandbox/trace.c
+++ b/libsandbox/trace.c
@@ -327,7 +327,7 @@ static bool trace_check_syscall(const struct syscall_entry *se, void *regs)
 	else if (nr == SB_NR_UNLINKAT)  return  trace_check_syscall_DCF(&state);
 	else if (nr == SB_NR_UTIME)     return  trace_check_syscall_C  (&state);
 	else if (nr == SB_NR_UTIMES)    return  trace_check_syscall_C  (&state);
-	else if (nr == SB_NR_UTIMENSAT) return _trace_check_syscall_DCF(&state, 2);
+	else if (nr == SB_NR_UTIMENSAT) return _trace_check_syscall_DCF(&state, 1);
 
 	else if (nr == SB_NR_ACCESS) {
 		char *path = do_peekstr(trace_arg(regs, 1));
diff --git a/tests/Makefile.am b/tests/Makefile.am
index a5ebd8b..6405bc6 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -27,6 +27,7 @@ check_PROGRAMS = \
 	lchown-0 \
 	link-0 \
 	linkat-0 \
+	linkat_static-0 \
 	lutimes-0 \
 	mkdir-0 \
 	mkdir_static-0 \
@@ -53,6 +54,7 @@ check_PROGRAMS = \
 	unlinkat-0 \
 	utime-0 \
 	utimensat-0 \
+	utimensat_static-0 \
 	utimes-0 \
 	vfork-0 \
 	\
diff --git a/tests/linkat-2.sh b/tests/linkat-2.sh
new file mode 100755
index 0000000..9574070
--- /dev/null
+++ b/tests/linkat-2.sh
@@ -0,0 +1,10 @@
+#!/bin/sh
+# basic functionality check (violations are caught)
+
+addwrite $PWD
+touch file || exit 1
+
+adddeny $PWD
+export SANDBOX_LOG=$PWD/sb.log
+linkat-0 -1,EACCES AT_FDCWD file AT_FDCWD file-linked 0 || exit 1
+test -s sb.log
diff --git a/tests/linkat.at b/tests/linkat.at
index 081d7d2..d364b4b 100644
--- a/tests/linkat.at
+++ b/tests/linkat.at
@@ -1 +1,2 @@
 SB_CHECK(1)
+SB_CHECK(2)
diff --git a/tests/linkat_static-0.c b/tests/linkat_static-0.c
new file mode 100644
index 0000000..946fd1c
--- /dev/null
+++ b/tests/linkat_static-0.c
@@ -0,0 +1 @@
+#include "linkat-0.c"
diff --git a/tests/linkat_static-1.sh b/tests/linkat_static-1.sh
new file mode 100755
index 0000000..921d9d2
--- /dev/null
+++ b/tests/linkat_static-1.sh
@@ -0,0 +1,9 @@
+#!/bin/sh
+# basic functionality check
+[ "${at_xfail}" = "yes" ] && exit 77 # see trace-0
+
+addwrite $PWD
+
+touch file || exit 1
+linkat_static-0 0 AT_FDCWD file AT_FDCWD link 0 || exit 1
+[ -e file -a -e link ]
diff --git a/tests/linkat_static-2.sh b/tests/linkat_static-2.sh
new file mode 100755
index 0000000..5a3d64b
--- /dev/null
+++ b/tests/linkat_static-2.sh
@@ -0,0 +1,12 @@
+#!/bin/sh
+# basic functionality check (violations are caught)
+[ "${at_xfail}" = "yes" ] && exit 77 # see trace-0
+
+addwrite $PWD
+touch file || exit 1
+
+adddeny $PWD
+export SANDBOX_LOG=$PWD/sb.log
+# we cant check exit status as ptrace code kills child
+linkat-0 -1,EACCES AT_FDCWD file AT_FDCWD file-linked 0 #|| exit 1
+test -s sb.log
diff --git a/tests/linkat_static.at b/tests/linkat_static.at
new file mode 100644
index 0000000..d364b4b
--- /dev/null
+++ b/tests/linkat_static.at
@@ -0,0 +1,2 @@
+SB_CHECK(1)
+SB_CHECK(2)
diff --git a/tests/testsuite.at b/tests/testsuite.at
index 5dca09a..846dc80 100644
--- a/tests/testsuite.at
+++ b/tests/testsuite.at
@@ -14,6 +14,7 @@ sb_inc([lchown])
 sb_inc([libsigsegv])
 sb_inc([link])
 sb_inc([linkat])
+sb_inc([linkat_static])
 sb_inc([mkdir])
 sb_inc([mkdir_static])
 sb_inc([mkdirat])
@@ -32,4 +33,6 @@ sb_inc([script])
 sb_inc([signal_static])
 sb_inc([symlink])
 sb_inc([symlinkat])
+sb_inc([utimensat])
+sb_inc([utimensat_static])
 sb_inc([vfork])
diff --git a/tests/utimensat-1.sh b/tests/utimensat-1.sh
new file mode 100755
index 0000000..068719e
--- /dev/null
+++ b/tests/utimensat-1.sh
@@ -0,0 +1,9 @@
+#!/bin/sh
+# basic functionality check
+
+addwrite $PWD
+
+touch -r / file || exit 1
+utimensat-0 0 AT_FDCWD . NULL 0 || exit 1
+utimensat-0 0 AT_FDCWD file NULL 0 || exit 1
+[ file -nt / ]
diff --git a/tests/utimensat-2.sh b/tests/utimensat-2.sh
new file mode 100755
index 0000000..110da4e
--- /dev/null
+++ b/tests/utimensat-2.sh
@@ -0,0 +1,7 @@
+#!/bin/sh
+# basic functionality check (violations are caught)
+
+adddeny $PWD
+export SANDBOX_LOG=$PWD/sb.log
+utimensat-0 -1,EACCES AT_FDCWD . NULL 0 || exit 1
+test -s sb.log
diff --git a/tests/utimensat.at b/tests/utimensat.at
new file mode 100644
index 0000000..d364b4b
--- /dev/null
+++ b/tests/utimensat.at
@@ -0,0 +1,2 @@
+SB_CHECK(1)
+SB_CHECK(2)
diff --git a/tests/utimensat_static-0.c b/tests/utimensat_static-0.c
new file mode 100644
index 0000000..e9d5ab4
--- /dev/null
+++ b/tests/utimensat_static-0.c
@@ -0,0 +1 @@
+#include "utimensat-0.c"
diff --git a/tests/utimensat_static-1.sh b/tests/utimensat_static-1.sh
new file mode 100755
index 0000000..1bf468a
--- /dev/null
+++ b/tests/utimensat_static-1.sh
@@ -0,0 +1,10 @@
+#!/bin/sh
+# basic functionality check
+[ "${at_xfail}" = "yes" ] && exit 77 # see trace-0
+
+addwrite $PWD
+
+touch -r / file || exit 1
+utimensat_static-0 0 AT_FDCWD . NULL 0 || exit 1
+utimensat_static-0 0 AT_FDCWD file NULL 0 || exit 1
+[ file -nt / ]
diff --git a/tests/utimensat_static-2.sh b/tests/utimensat_static-2.sh
new file mode 100755
index 0000000..8f190fd
--- /dev/null
+++ b/tests/utimensat_static-2.sh
@@ -0,0 +1,9 @@
+#!/bin/sh
+# basic functionality check (violations are caught)
+[ "${at_xfail}" = "yes" ] && exit 77 # see trace-0
+
+adddeny $PWD
+export SANDBOX_LOG=$PWD/sb.log
+# we cant check exit status as ptrace code kills child
+utimensat_static-0 -1,EACCES AT_FDCWD . NULL 0 #|| exit 1
+test -s sb.log
diff --git a/tests/utimensat_static.at b/tests/utimensat_static.at
new file mode 100644
index 0000000..d364b4b
--- /dev/null
+++ b/tests/utimensat_static.at
@@ -0,0 +1,2 @@
+SB_CHECK(1)
+SB_CHECK(2)