Busybox awk throws glibc failure if using standalone/preferred applet feature
Tito
farmatito at tiscali.it
Sun Aug 12 16:22:35 UTC 2012
On Sunday 12 August 2012 16:09:52 Harald Becker wrote:
> Hi Tito !
>
> >can you run it again after disabling ENABLE_FEATURE_SUID_CONFIG
> >just to be sure, as in this case there should be no error.
>
> Ok, fresh compile with CONFIG_FEATURE_SUID_CONFIG disabled: No error as
> you expected.
>
> >This would narrow down our search.
>
> Sure. Ask for any information which would help to find the reason for
> my current trouble.
>
> >If I understood correctly the bug is triggered when:
> >/etc/busybox.conf -rw-r--r--
> >and is not triggered when
> >/etc/busybox.conf -rw-------
>
> Not completely correct, lets explicitly check the cases:
>
Hi,
could not replicate it however I tried.
In http://www.softforge.de/bb/suid.html however i read:
"Format of /etc/busybox.conf:
The file has to be owned by user root, group root and has to be writeable only by root (chown 0.0; chmod 600;). "
> busybox.conf -rw-r--r-- with no entry for awk
> direct call -> bug
> with strace -> bug
> busybox.conf -rw-r--r-- with entry "awk = xxx root.root"
> direct call -> NO bug
> with strace -> NO bug
>
In the above cases:
I suppose the missing of the entry leeds to some free error.
By intuition I would check (comment out for testing) llist_free at the end of
parse_config_file(void) in libbb/appletlib.c
(or maybe try sct_head = xzalloc(sizeof(*sct_head)) at the beginning of parse_config_file).
Another candidate is list_free at the end of check_suid(int applet_no).
All this calls to list_free look suspicious to me.
> busybox.conf -rw------- with no entry for awk
> direct call -> bug
same as above
> with strace -> NO bug, "using fallback suid methode"
busybox.conf is not used in this case.
> busybox.conf -rw------- with entry "awk = xxx root.root"
> direct call -> NO bug
same as in first case
> with strace -> NO bug, "using fallback suid methode"
busybox.conf is not used in this case.
> >It is also not triggered if
> >/etc/busybox.conf is missing as in my case
>
> This is correct. In detail:
> direct call -> NO bug, "using fallback suid methode"
> with strace -> NO bug, "using fallback suid methode"
>
So the bug is triggered when /etc/busybox.conf is parsed
and there is no entry for the applet, permissions
seem to be irrelevant.
Ciao,
Tito
> >Just out of curiosity what are your busybox binary permissions?
>
> /bin/busybox installed as:
>
> Owner: root
> Group: 65533 (none)
> Permissions: ---s-----x
>
> ... but:
>
> Owner: root
> Group: root
> Permissions: ---s--x--x
>
> ... make no difference (checked!)
>
> All libraries, etc. installed as:
>
> Owner: root
> Group: root
> Permissions: -rwxr-xr-x
>
> --
> Harald
>
More information about the busybox
mailing list