From 6d00cfb2330cb47d00d350eedfbffbbf5991a743 Mon Sep 17 00:00:00 2001
From: Karel Zak
Date: Fri, 12 Jan 2018 11:01:26 +0100
Subject: include/debug: don't print pointer address for SUID programs

* introduce new flag __UL_DEBUG_FL_NOADDR to suppress pointer address printing

* use __UL_DEBUG_FL_NOADDR when SUID

* move ul_debugobj() to debugobj.h, and require UL_DEBUG_CURRENT_MASK
  to provide access to the current mask from ul_debugobj(). It's better
  than modify all ul_debugobj() calls and use the global mask as
  argument.

* remove never used UL_DEBUG_DEFINE_FLAG

Reported-by: halfdog <me@halfdog.net>
Signed-off-by: Karel Zak <kzak@redhat.com>
---
 include/debug.h | 27 +++++++++++----------------
 1 file changed, 11 insertions(+), 16 deletions(-)

(limited to 'include/debug.h')

diff --git a/include/debug.h b/include/debug.h
index 97c0e1f08..07a8dcb2a 100644
--- a/include/debug.h
+++ b/include/debug.h
@@ -49,11 +49,15 @@ struct ul_debug_maskname {
 #define UL_DEBUG_DEFINE_MASKNAMES(m) static const struct ul_debug_maskname m ## _masknames[]
 #define UL_DEBUG_MASKNAMES(m)	m ## _masknames
 
-#define UL_DEBUG_DEFINE_MASK(m) int m ## _debug_mask
+#define UL_DEBUG_MASK(m)         m ## _debug_mask
+#define UL_DEBUG_DEFINE_MASK(m)  int UL_DEBUG_MASK(m)
 #define UL_DEBUG_DECLARE_MASK(m) extern UL_DEBUG_DEFINE_MASK(m)
 
-/* p - flag prefix, m - flag postfix */
-#define UL_DEBUG_DEFINE_FLAG(p, m) p ## m
+/*
+ * Internal mask flags (above 0xffffff)
+ */
+#define __UL_DEBUG_FL_NOADDR	(1 << 24)	/* Don't print object address */
+
 
 /* l - library name, p - flag prefix, m - flag postfix, x - function */
 #define __UL_DBG(l, p, m, x) \
@@ -90,6 +94,10 @@ struct ul_debug_maskname {
 				lib ## _debug_mask = ul_debug_parse_envmask(lib ## _masknames, str); \
 		} else \
 			lib ## _debug_mask = mask; \
+		if (lib ## _debug_mask) { \
+			if (getuid() != geteuid() || getgid() != getegid()) \
+				lib ## _debug_mask |= __UL_DEBUG_FL_NOADDR; \
+		} \
 		lib ## _debug_mask |= pref ## INIT; \
 	} while (0)
 
@@ -104,19 +112,6 @@ ul_debug(const char *mesg, ...)
 	fputc('\n', stderr);
 }
 
-static inline void __attribute__ ((__format__ (__printf__, 2, 3)))
-ul_debugobj(const void *handler, const char *mesg, ...)
-{
-	va_list ap;
-
-	if (handler)
-		fprintf(stderr, "[%p]: ", handler);
-	va_start(ap, mesg);
-	vfprintf(stderr, mesg, ap);
-	va_end(ap);
-	fputc('\n', stderr);
-}
-
 static inline int ul_debug_parse_envmask(
 			const struct ul_debug_maskname flagnames[],
 			const char *mask)
-- 
cgit v1.2.3-55-g7522