intel: check setuid before writing output file in INTEL_MEASURE

Without this check, the INTEL_MEASURE environment variable could be misused to overwrite arbitrary files. Fixes: 0f4143ec37 ("intel: Print GPU timing data based on INTEL_MEASURE") Reviewed-by: Kenneth Graunke <kenneth@whitecape.org> Part-of: <https://gitlab.freedesktop.org/mesa/mesa/-/merge_requests/9166>
2021-02-19 18:18:43 -08:00 · 2021-02-19 18:18:43 -08:00 · f54a65c69b
parent 3250e04d25
commit f54a65c69b
1 changed files with 2 additions and 1 deletions
--- a/src/intel/common/intel_measure.c
+++ b/src/intel/common/intel_measure.c
@ -40,6 +40,7 @@
 #include "dev/gen_device_info.h"
 #include "util/debug.h"
 #include "util/macros.h"
+#include "util/u_debug.h"


 static const struct debug_control debug_control[] = {
@ -100,7 +101,7 @@ intel_measure_init(struct intel_measure_device *device)
         *sep = '\0';
      }

-      if (filename) {
+      if (filename && !__check_suid()) {
         filename += 5;
         config.file = fopen(filename, "w");
         if (!config.file) {