Check sigsetsize in rt_sigaction

This isn't in the libc wrapper, but it is in the syscall itself. Discovered by @xiaobo55x in #1625. PiperOrigin-RevId: 291973931
2020-01-28 11:12:01 -08:00 · 2020-01-28 11:12:01 -08:00 · 76483b8b1e
parent 74e04506a4
commit 76483b8b1e
4 changed files with 38 additions and 24 deletions
--- a/pkg/sentry/strace/linux64_amd64.go
+++ b/pkg/sentry/strace/linux64_amd64.go
@ -37,7 +37,7 @@ var linuxAMD64 = SyscallMap{
 	10:  makeSyscallInfo("mprotect", Hex, Hex, Hex),
 	11:  makeSyscallInfo("munmap", Hex, Hex),
 	12:  makeSyscallInfo("brk", Hex),
-	13:  makeSyscallInfo("rt_sigaction", Signal, SigAction, PostSigAction),
+	13:  makeSyscallInfo("rt_sigaction", Signal, SigAction, PostSigAction, Hex),
 	14:  makeSyscallInfo("rt_sigprocmask", SignalMaskAction, SigSet, PostSigSet, Hex),
 	15:  makeSyscallInfo("rt_sigreturn"),
 	16:  makeSyscallInfo("ioctl", FD, Hex, Hex),
--- a/pkg/sentry/strace/linux64_arm64.go
+++ b/pkg/sentry/strace/linux64_arm64.go
@ -158,7 +158,7 @@ var linuxARM64 = SyscallMap{
 	131: makeSyscallInfo("tgkill", Hex, Hex, Signal),
 	132: makeSyscallInfo("sigaltstack", Hex, Hex),
 	133: makeSyscallInfo("rt_sigsuspend", Hex),
-	134: makeSyscallInfo("rt_sigaction", Signal, SigAction, PostSigAction),
+	134: makeSyscallInfo("rt_sigaction", Signal, SigAction, PostSigAction, Hex),
 	135: makeSyscallInfo("rt_sigprocmask", SignalMaskAction, SigSet, PostSigSet, Hex),
 	136: makeSyscallInfo("rt_sigpending", Hex),
 	137: makeSyscallInfo("rt_sigtimedwait", SigSet, Hex, Timespec, Hex),
--- a/pkg/sentry/syscalls/linux/sys_signal.go
+++ b/pkg/sentry/syscalls/linux/sys_signal.go
@ -245,6 +245,11 @@ func RtSigaction(t *kernel.Task, args arch.SyscallArguments) (uintptr, *kernel.S
 	sig := linux.Signal(args[0].Int())
 	newactarg := args[1].Pointer()
 	oldactarg := args[2].Pointer()
+	sigsetsize := args[3].SizeT()
+
+	if sigsetsize != linux.SignalSetSize {
+		return 0, nil, syserror.EINVAL
+	}

 	var newactptr *arch.SignalAct
 	if newactarg != 0 {
--- a/test/syscalls/linux/sigaction.cc
+++ b/test/syscalls/linux/sigaction.cc
@ -13,6 +13,7 @@
 // limitations under the License.

 #include <signal.h>
+#include <sys/syscall.h>

 #include "gtest/gtest.h"
 #include "test/util/test_util.h"
@ -23,45 +24,53 @@ namespace testing {
 namespace {

 TEST(SigactionTest, GetLessThanOrEqualToZeroFails) {
-  struct sigaction act;
-  memset(&act, 0, sizeof(act));
-  ASSERT_THAT(sigaction(-1, NULL, &act), SyscallFailsWithErrno(EINVAL));
-  ASSERT_THAT(sigaction(0, NULL, &act), SyscallFailsWithErrno(EINVAL));
+  struct sigaction act = {};
+  ASSERT_THAT(sigaction(-1, nullptr, &act), SyscallFailsWithErrno(EINVAL));
+  ASSERT_THAT(sigaction(0, nullptr, &act), SyscallFailsWithErrno(EINVAL));
 }

 TEST(SigactionTest, SetLessThanOrEqualToZeroFails) {
-  struct sigaction act;
-  memset(&act, 0, sizeof(act));
-  ASSERT_THAT(sigaction(0, &act, NULL), SyscallFailsWithErrno(EINVAL));
-  ASSERT_THAT(sigaction(0, &act, NULL), SyscallFailsWithErrno(EINVAL));
+  struct sigaction act = {};
+  ASSERT_THAT(sigaction(0, &act, nullptr), SyscallFailsWithErrno(EINVAL));
+  ASSERT_THAT(sigaction(0, &act, nullptr), SyscallFailsWithErrno(EINVAL));
 }

 TEST(SigactionTest, GetGreaterThanMaxFails) {
-  struct sigaction act;
-  memset(&act, 0, sizeof(act));
-  ASSERT_THAT(sigaction(SIGRTMAX + 1, NULL, &act),
+  struct sigaction act = {};
+  ASSERT_THAT(sigaction(SIGRTMAX + 1, nullptr, &act),
              SyscallFailsWithErrno(EINVAL));
 }

 TEST(SigactionTest, SetGreaterThanMaxFails) {
-  struct sigaction act;
-  memset(&act, 0, sizeof(act));
-  ASSERT_THAT(sigaction(SIGRTMAX + 1, &act, NULL),
+  struct sigaction act = {};
+  ASSERT_THAT(sigaction(SIGRTMAX + 1, &act, nullptr),
              SyscallFailsWithErrno(EINVAL));
 }

 TEST(SigactionTest, SetSigkillFails) {
-  struct sigaction act;
-  memset(&act, 0, sizeof(act));
-  ASSERT_THAT(sigaction(SIGKILL, NULL, &act), SyscallSucceeds());
-  ASSERT_THAT(sigaction(SIGKILL, &act, NULL), SyscallFailsWithErrno(EINVAL));
+  struct sigaction act = {};
+  ASSERT_THAT(sigaction(SIGKILL, nullptr, &act), SyscallSucceeds());
+  ASSERT_THAT(sigaction(SIGKILL, &act, nullptr), SyscallFailsWithErrno(EINVAL));
 }

 TEST(SigactionTest, SetSigstopFails) {
-  struct sigaction act;
-  memset(&act, 0, sizeof(act));
-  ASSERT_THAT(sigaction(SIGSTOP, NULL, &act), SyscallSucceeds());
-  ASSERT_THAT(sigaction(SIGSTOP, &act, NULL), SyscallFailsWithErrno(EINVAL));
+  struct sigaction act = {};
+  ASSERT_THAT(sigaction(SIGSTOP, nullptr, &act), SyscallSucceeds());
+  ASSERT_THAT(sigaction(SIGSTOP, &act, nullptr), SyscallFailsWithErrno(EINVAL));
+}
+
+TEST(SigactionTest, BadSigsetFails) {
+  constexpr size_t kWrongSigSetSize = 43;
+
+  struct sigaction act = {};
+
+  // The syscall itself (rather than the libc wrapper) takes the sigset_t size.
+  ASSERT_THAT(
+      syscall(SYS_rt_sigaction, SIGTERM, nullptr, &act, kWrongSigSetSize),
+      SyscallFailsWithErrno(EINVAL));
+  ASSERT_THAT(
+      syscall(SYS_rt_sigaction, SIGTERM, &act, nullptr, kWrongSigSetSize),
+      SyscallFailsWithErrno(EINVAL));
 }

 }  // namespace