Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Check for writes outside of the build directory #2974

Merged
merged 1 commit into from
Oct 10, 2024

Conversation

powerboat9
Copy link
Contributor

I noticed that libgrust/libformat_parser/target was seemingly generated outside the build directory on my machine. This should detect similar issues, and confirm/deny the aforementioned issue.

@P-E-P
Copy link
Member

P-E-P commented May 6, 2024

@powerboat9 The MacOS CI broke, we repaired it but you need to rebase your branch now.

@tschwinge
Copy link
Member

That specific issue was addressed by #2947 "Move 'libformat_parser' build into the GCC build directory, and into libgrust" -- but yes, good idea to actually make sure we're not introducing similar things again! 👍

Copy link
Member

@tschwinge tschwinge left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Instead of chmod -R a-w *, it's good practice to use chmod -R a-w ./* (or something similar) -- or just chmod -R a-w . in fact 🙃 -- so that "malicious" files starting with - can't possibly affect the chmod command.

@tschwinge
Copy link
Member

Eh, the build now actually is failing due to a similar issue:

cargo build --manifest-path ../../gcc/rust/checks/errors/borrowck/ffi-polonius/Cargo.toml --release --target-dir rust/ffi-polonius
    Updating crates.io index
error: failed to write /home/runner/work/gccrs/gccrs/gcc/rust/checks/errors/borrowck/ffi-polonius/Cargo.lock

...., so that'll need to be addressed first (in a similar way as #2947 "Move 'libformat_parser' build into the GCC build directory, and into libgrust", I suppose).

@powerboat9
Copy link
Contributor Author

powerboat9 commented May 7, 2024

From what I see from man documentation the chmod command doesn't accept flags after the mode(s) are given, but I'll change it just in case. Good catch though

@tschwinge
Copy link
Member

It's easy enough to try:

$ ls -l
total 0
-rw-r--r-- 1 thomas thomas 0 May  8 10:50 --verbose
-rw-r--r-- 1 thomas thomas 0 May  8 10:50 foo
$ chmod -R a-w *
mode of 'foo' changed from 0644 (rw-r--r--) to 0444 (r--r--r--)
$ ls -l
total 0
-rw-r--r-- 1 thomas thomas 0 May  8 10:50 --verbose
-r--r--r-- 1 thomas thomas 0 May  8 10:50 foo

@P-E-P
Copy link
Member

P-E-P commented Jul 16, 2024

Looks like cargo is trying to update the lock file and fail. I've noticed ffi-polonius does not use the same cargo config as libformat parser. Maybe we should update the cargo invocation with a --config argument ?

ChangeLog:

	* .github/workflows/ccpp.yml: Make files outside the build
	directory read-only.

Signed-off-by: Owen Avery <[email protected]>
@thesamesam
Copy link
Contributor

thesamesam commented Sep 30, 2024

I think it's worth passing some arguments to be safe. Even better would be to never call cargo directly and always through a variable to make sure we don't drop args.

In Gentoo, in cargo.eclass, we do:

cat > "${ECARGO_HOME}/config.toml" <<- _EOF_ || die "Failed to create cargo config"
[source.gentoo]
directory = "${ECARGO_VENDOR}"

[source.crates-io]
replace-with = "gentoo"
local-registry = "/nonexistent"

[net]
offline = true

[build]
jobs = $(makeopts_jobs)
incremental = false

[term]
verbose = true
$([[ "${NOCOLOR}" = true || "${NOCOLOR}" = yes ]] && echo "color = 'never'")
$(_cargo_gen_git_config)
_EOF_

export CARGO_HOME="${ECARGO_HOME}"

You don't need the local registry bit (although it doesn't do any harm), but you get the idea wrt offline. We also always invoke cargo with --offline. We could also set CARGO_HOME to be a temporary directory within the builddir.

@powerboat9
Copy link
Contributor Author

It looks like the issues preventing this PR from passing checks have since been fixed

@P-E-P P-E-P added this pull request to the merge queue Oct 10, 2024
Merged via the queue into Rust-GCC:master with commit 1a030d3 Oct 10, 2024
12 checks passed
@powerboat9 powerboat9 deleted the catch-reads branch October 10, 2024 18:40
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants