Ticket #1809 (invalid length of nonprintable chars)
[kaloumi3.git] / src / cons.saver.c
blob348285a3fcc2cd33b841e612ca79c9bc10a1997a
1 /* This program should be setuid vcsa and /dev/vcsa* should be
2 owned by the same user too.
3 Partly rewritten by Jakub Jelinek <jakub@redhat.com>. */
5 /* General purpose Linux console screen save/restore server
6 Copyright (C) 1994, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005,
7 2006, 2007 Free Software Foundation, Inc.
8 Original idea from Unix Interactive Tools version 3.2b (tty.c)
9 This code requires root privileges.
10 You may want to make the cons.saver setuid root.
11 The code should be safe even if it is setuid but who knows?
13 This program is free software; you can redistribute it and/or modify
14 it under the terms of the GNU General Public License as published by
15 the Free Software Foundation; either version 2 of the License, or
16 (at your option) any later version.
18 This program is distributed in the hope that it will be useful,
19 but WITHOUT ANY WARRANTY; without even the implied warranty of
20 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21 GNU General Public License for more details.
23 You should have received a copy of the GNU General Public License
24 along with this program; if not, write to the Free Software
25 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. */
27 /* This code does _not_ need to be setuid root. However, it needs
28 read/write access to /dev/vcsa* (which is priviledged
29 operation). You should create user vcsa, make cons.saver setuid
30 user vcsa, and make all vcsa's owned by user vcsa.
32 Seeing other peoples consoles is bad thing, but believe me, full
33 root is even worse. */
35 /** \file cons.saver.c
36 * \brief Source: general purpose Linux console screen save/restore server
38 * This code does _not_ need to be setuid root. However, it needs
39 * read/write access to /dev/vcsa* (which is priviledged
40 * operation). You should create user vcsa, make cons.saver setuid
41 * user vcsa, and make all vcsa's owned by user vcsa.
42 * Seeing other peoples consoles is bad thing, but believe me, full
43 * root is even worse.
46 #include <config.h>
48 #ifndef _GNU_SOURCE
49 #define _GNU_SOURCE
50 #endif
52 #include <stdlib.h>
53 #include <stdio.h>
54 #include <string.h>
56 #include <sys/types.h>
57 #include <sys/stat.h>
58 #include <sys/ioctl.h>
59 #include <fcntl.h>
60 #ifdef HAVE_TERMIOS_H
61 #include <termios.h>
62 #endif
63 #include <unistd.h>
65 #define LINUX_CONS_SAVER_C
66 #include "cons.saver.h"
67 #include "../src/tty/win.h"
69 static void
70 send_contents (char *buffer, unsigned int columns, unsigned int rows)
72 unsigned char begin_line = 0, end_line = 0;
73 unsigned int lastline, lc_index, x;
74 unsigned char message, outbuf[1024], *p;
75 unsigned short bytes;
77 lc_index = 2 * rows * columns;
78 for (lastline = rows; lastline > 0; lastline--)
79 for (x = 0; x < columns; x++)
81 lc_index -= 2;
82 if (buffer [lc_index] != ' ')
83 goto out;
85 out:
87 message = CONSOLE_CONTENTS;
88 write (1, &message, 1);
90 read (0, &begin_line, 1);
91 read (0, &end_line, 1);
92 if (begin_line > lastline)
93 begin_line = lastline;
94 if (end_line > lastline)
95 end_line = lastline;
97 lc_index = (end_line - begin_line) * columns;
98 bytes = lc_index;
99 if (lc_index != bytes)
100 bytes = 0;
101 write (1, &bytes, 2);
102 if (! bytes)
103 return;
105 p = outbuf;
106 for (lc_index = 2 * begin_line * columns;
107 lc_index < 2 * end_line * columns;
108 lc_index += 2)
110 *p++ = buffer [lc_index];
111 if (p == outbuf + sizeof (outbuf))
113 write (1, outbuf, sizeof (outbuf));
114 p = outbuf;
118 if (p != outbuf)
119 write (1, outbuf, p - outbuf);
122 static void __attribute__ ((noreturn))
123 die (void)
125 unsigned char zero = 0;
126 write (1, &zero, 1);
127 exit (3);
131 main (int argc, char **argv)
133 unsigned char action = 0, console_flag = 3;
134 int console_fd, vcsa_fd, console_minor, buffer_size;
135 struct stat st;
136 uid_t uid, euid;
137 char *buffer, *tty_name, console_name [16], vcsa_name [16];
138 const char *p, *q;
139 struct winsize winsz;
141 close (2);
143 if (argc != 2)
144 die ();
146 tty_name = argv [1];
147 if (strnlen (tty_name, 15) == 15
148 || strncmp (tty_name, "/dev/", 5))
149 die ();
151 setsid ();
152 uid = getuid ();
153 euid = geteuid ();
155 if (seteuid (uid) < 0)
156 die ();
157 console_fd = open (tty_name, O_RDONLY);
158 if (console_fd < 0)
159 die ();
160 if (fstat (console_fd, &st) < 0 || ! S_ISCHR (st.st_mode))
161 die ();
162 if ((st.st_rdev & 0xff00) != 0x0400)
163 die ();
164 console_minor = (int) (st.st_rdev & 0x00ff);
165 if (console_minor < 1 || console_minor > 63)
166 die ();
167 if (st.st_uid != uid)
168 die ();
170 switch (tty_name [5])
172 /* devfs */
173 case 'v': p = "/dev/vc/%d"; q = "/dev/vcc/a%d"; break;
174 /* /dev/ttyN */
175 case 't': p = "/dev/tty%d"; q = "/dev/vcsa%d"; break;
176 default: die (); break;
179 snprintf (console_name, sizeof (console_name), p, console_minor);
180 if (strncmp (console_name, tty_name, sizeof (console_name)) != 0)
181 die ();
183 if (seteuid (euid) < 0)
184 die ();
186 snprintf (vcsa_name, sizeof (vcsa_name), q, console_minor);
187 vcsa_fd = open (vcsa_name, O_RDWR);
188 if (vcsa_fd < 0)
189 die ();
190 if (fstat (vcsa_fd, &st) < 0 || ! S_ISCHR (st.st_mode))
191 die ();
193 if (seteuid (uid) < 0)
194 die ();
196 winsz.ws_col = winsz.ws_row = 0;
197 if (ioctl (console_fd, TIOCGWINSZ, &winsz) < 0
198 || winsz.ws_col <= 0 || winsz.ws_row <= 0
199 || winsz.ws_col >= 256 || winsz.ws_row >= 256)
200 die ();
202 buffer_size = 4 + 2 * winsz.ws_col * winsz.ws_row;
203 buffer = calloc (buffer_size, 1);
204 if (buffer == NULL)
205 die ();
207 write (1, &console_flag, 1);
209 while (console_flag && read (0, &action, 1) == 1)
211 switch (action)
213 case CONSOLE_DONE:
214 console_flag = 0;
215 continue;
216 case CONSOLE_SAVE:
217 if (seteuid (euid) < 0
218 || lseek (vcsa_fd, 0, 0) != 0
219 || fstat (console_fd, &st) < 0 || st.st_uid != uid
220 || read (vcsa_fd, buffer, buffer_size) != buffer_size
221 || fstat (console_fd, &st) < 0 || st.st_uid != uid)
222 memset (buffer, 0, buffer_size);
223 if (seteuid (uid) < 0)
224 die ();
225 break;
226 case CONSOLE_RESTORE:
227 if (seteuid (euid) >= 0
228 && lseek (vcsa_fd, 0, 0) == 0
229 && fstat (console_fd, &st) >= 0 && st.st_uid == uid)
230 write (vcsa_fd, buffer, buffer_size);
231 if (seteuid (uid) < 0)
232 die ();
233 break;
234 case CONSOLE_CONTENTS:
235 send_contents (buffer + 4, winsz.ws_col, winsz.ws_row);
236 break;
239 write (1, &console_flag, 1);
242 exit (0);