From 5a3c3f7ccff322a5383fa8a1b6450480cf7fbab9 Mon Sep 17 00:00:00 2001 From: Bart Van Assche Date: Wed, 22 Mar 2023 13:21:03 -0700 Subject: [PATCH] libprocessgroup: Check validity of uid and pid arguments A user ID (uid) must be greater than or equal to zero to be valid. Only strictly positive process IDs are valid. Add argument checks in libprocessgroup of uid and pid arguments to make it easier to determine the origin of invalid arguments. Change-Id: I8a6d96ca4576bc9c329498c6a804dd05a02afca5 Signed-off-by: Bart Van Assche --- libprocessgroup/processgroup.cpp | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-) diff --git a/libprocessgroup/processgroup.cpp b/libprocessgroup/processgroup.cpp index f7af08bbe..38eb92fe6 100644 --- a/libprocessgroup/processgroup.cpp +++ b/libprocessgroup/processgroup.cpp @@ -446,14 +446,9 @@ static int DoKillProcessGroupOnce(const char* cgroup, uid_t uid, int initialPid, static int KillProcessGroup(uid_t uid, int initialPid, int signal, int retries, int* max_processes) { - if (uid < 0) { - LOG(ERROR) << __func__ << ": invalid UID " << uid; - return -1; - } - if (initialPid <= 0) { - LOG(ERROR) << __func__ << ": invalid PID " << initialPid; - return -1; - } + CHECK_GE(uid, 0); + CHECK_GT(initialPid, 0); + std::string hierarchy_root_path; if (CgroupsAvailable()) { CgroupGetControllerPath(CGROUPV2_CONTROLLER_NAME, &hierarchy_root_path); @@ -590,7 +585,8 @@ static int createProcessGroupInternal(uid_t uid, int initialPid, std::string cgr } int createProcessGroup(uid_t uid, int initialPid, bool memControl) { - std::string cgroup; + CHECK_GE(uid, 0); + CHECK_GT(initialPid, 0); if (memControl && !UsePerAppMemcg()) { PLOG(ERROR) << "service memory controls are used without per-process memory cgroup support"; @@ -608,6 +604,7 @@ int createProcessGroup(uid_t uid, int initialPid, bool memControl) { } } + std::string cgroup; CgroupGetControllerPath(CGROUPV2_CONTROLLER_NAME, &cgroup); return createProcessGroupInternal(uid, initialPid, cgroup, true); }