dbus-sysdeps-unix: don't add (uid_t)-1 to creds (!464) · Merge requests · dbus / dbus

Alyssa Ross requested to merge qyliss/dbus:uid_t into master Jul 22, 2024

If I set a breakpoint on the call to _dbus_credentials_add_unix_uid further down in this function and run the loopback test, I can see that sometimes it's getting called with a uid of 4294967295. This is not intended, but happens because the -1 value returned from SO_PEERCRED is interpreted as a uid of 4294967295, because if uid_t is unsigned, it won't be sign extended when assigned to uid_read.

As far as I can tell, every other API used in this function to get uid/gid on some system returns an error when there's no credential information (e.g. on a non-unix socket), rather than returning -1, so they shouldn't have to do this check.

Fixes: 01af5ff4 ("add credentials support, add EXTERNAL auth mechanism")
Signed-off-by: Alyssa Ross hi@alyssa.is

Edited Jul 22, 2024 by Alyssa Ross

Admin message

dbus-sysdeps-unix: don't add (uid_t)-1 to creds

Merge request reports