
Re:Python, Linux, and the setuid bit

Started by: Dave Angel <davea@davea.name>
First post: 2014-04-14 21:33 -0400
Last post: 2014-04-15 15:05 +0000
Articles: 2 (2 participants)


This discussion starts older than the indexed window; earlier articles aren't shown. The article labeled Started by below is the oldest one visible, not the original post.



#70241 — Re:Python, Linux, and the setuid bit

From: Dave Angel <davea@davea.name>
Date: 2014-04-14 21:33 -0400
Subject: Re:Python, Linux, and the setuid bit
Message-ID: <mailman.9263.1397525297.18130.python-list@python.org>
Ethan Furman <ethan@stoneleaf.us> Wrote in message:
> For anyone in the unenviable position of needing [1] to run Python scripts with the setuid bit on, there is an 
> suid-python wrapper [2] that makes this possible.
> 
> When I compiled it I was given a couple warnings.  Can any one shed light on what they mean?
> 
> ==================================================================
> suid-python.c: In function ‘malloc_abort’:
> suid-python.c:119:17: warning: format ‘%d’ expects argument of type ‘int’, but argument 3 has type ‘size_t’ [-Wformat]
> suid-python.c: In function ‘remove_env_prefix’:
> suid-python.c:200:32: warning: cast from pointer to integer of different size [-Wpointer-to-int-cast]
> suid-python.c:201:32: warning: cast from pointer to integer of different size [-Wpointer-to-int-cast]
> ==================================================================
> 
> and the code segments in question:
> 
> ==================================================================
> void *
> malloc_abort(size_t size)
> {
>      void *buf;
> 
>      buf = malloc(size);
>      if (!buf)
>      {
>          fprintf(stderr, "Could not allocate %d bytes.  errno=%d\n",
>                  size, errno);

Your variable 'size' is declared as size_t, which is an integer
the size of a pointer. Not necessarily the same as an int. But if
your size is reasonable, no harm done. The correct fix is to use
some other format rather than %d, I forget which one. Second
choice is to cast to an int. Third lousy choice, ignore the
warning.


>          exit(1);
>      }
> 
>      return buf;
> }
> ------------------------------------------------------------------
> int
> remove_env_prefix(char **envp, char *prefix)
> {
>      char **envp_read;
>      char **envp_write;
>      int prefix_len = strlen(prefix);
>      int removed_count = 0;
> 
>      envp_write = envp;
>      for (envp_read = envp; *envp_read; envp_read++)
>      {
>          if (!strncmp(*envp_read, prefix, prefix_len))
>          {
>              /* Step past the environment variable that we don't want. */
>              removed_count++;
>              continue;
>          }
> 
>          if (envp_read != envp_write)
>          {
>              *envp_write = *envp_read;
>          }
> 
>          envp_write++;
>      }
> 
>      /* Set the remaining slots to NULL. */
>      if (envp_write < envp_read)
>      {
>          memset(envp_write, 0, ((unsigned int) envp_read -
>                                 (unsigned int) envp_write));

(you really should have put a comment, so we'd know this is line
200, 201)

It's incorrect to cast each pointer to an int, but not the
difference of two pointers. Subtract the first, then cast if
you must. But the difference of two pointers is type ptr_diff,
and that should already be the type memset is expecting.
 



-- 
DaveA



#70271

From: Grant Edwards <invalid@invalid.invalid>
Date: 2014-04-15 15:05 +0000
Message-ID: <lijhrl$709$1@reader1.panix.com>
In reply to: #70241
On 2014-04-15, Dave Angel <davea@davea.name> wrote:

> Your variable 'size' is declared as size_t, which is an integer
> the size of a pointer.

While that may always be true in practice (at least with gcc), I don't
think the C standard requires it.  size_t is guaranteed to be unsigned
with at least 16 bits and sufficiently wide to represent the size of
any object.  It might be possible, in theory, to have an architecture
that used 64-bit pointers but restricted each data space to 32-bits
and therefore could use 32-bit values for size_t.

If you want to declare an integer the size of a pointer, then the
choices are intptr_t (signed), uintptr_t (unsigned), and ptrdiff_t
(signed value representing the difference between two pointers).

> Not necessarily the same as an int.

Indeed.

-- 
Grant Edwards               grant.b.edwards        Yow! Is something VIOLENT
                                  at               going to happen to a
                              gmail.com            GARBAGE CAN?
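
Both warnings from the thread fixed in one place, as an added example (not part of the original posts and not the suid-python project's own code): `%zu` prints the `size_t`, and the `memset` length comes from a pointer subtraction, which counts elements, scaled by the element size to get bytes. The `const` on `prefix` and the `sample_env` array are assumptions made here; the sample values are constructed.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Allocate or exit. %zu is the C99 conversion for size_t. */
void *malloc_abort(size_t size)
{
    void *buf = malloc(size);
    if (!buf) {
        fprintf(stderr, "Could not allocate %zu bytes.  errno=%d\n",
                size, errno);
        exit(1);
    }
    return buf;
}

/* Drop every entry that starts with prefix; returns how many were removed. */
int remove_env_prefix(char **envp, const char *prefix)
{
    size_t prefix_len = strlen(prefix);
    char **envp_read, **envp_write = envp;
    int removed_count = 0;

    for (envp_read = envp; *envp_read; envp_read++) {
        if (!strncmp(*envp_read, prefix, prefix_len)) {
            removed_count++;          /* skip the unwanted variable */
            continue;
        }
        *envp_write++ = *envp_read;   /* compact the kept entries */
    }
    /* envp_read - envp_write is a ptrdiff_t count of char* slots, not
     * bytes. No pointer is cast to an integer, so nothing is truncated
     * on platforms where pointers are wider than int. */
    if (envp_write < envp_read)
        memset(envp_write, 0,
               (size_t)(envp_read - envp_write) * sizeof *envp_write);
    return removed_count;
}

/* Constructed sample environment (assumption, not from the thread). */
static char *sample_env[] = {
    "PATH=/usr/bin", "LD_PRELOAD=/tmp/x.so", "HOME=/root",
    "LD_LIBRARY_PATH=/tmp", "LD_AUDIT=/tmp/a.so", NULL
};

int main(void)
{
    int n = remove_env_prefix(sample_env, "LD_");
    printf("removed %d; kept %s, %s\n", n, sample_env[0], sample_env[1]);
    return 0;
}
```

Compiling with `-Wall -Wextra` on a 64-bit target should produce neither of the warnings quoted in the thread.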
