jabr

Posts posted by jabr

  1. I suspect the problem is a bug in the function below (in pseudocode from disassembly). It seems to take a file permission set as an argument and return a specific permission set based on that. The return value is then used as part of a call to chmod.

    I'm not certain what the intended logic is, but it seems that an input that is user writable:

    input & 0x80 != 0

    and group executable:

    input & 0x8 != 0

    results in a return value of 774, which is suspicious since the bug we see is a missing other-executable bit. A return of 775 would make more sense.


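    function sub_4c013a {
        input = rdi;                       // first argument: the permission set
        result = 0x0;
        if ((input & 0x80) != 0x0) {       // 0x80 = octal 0200
            result = 0x1b4;                // octal 0664
        }
        else {
            if ((input & 0x1) != 0x0) {    // 0x1 = octal 0001
                result = 0x124;            // octal 0444
            }
        }
        if ((input & 0x8) != 0x0) {        // 0x8 = octal 0010
            result = result | 0x48;        // octal 0110
        }
        return result;
    }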

    I suspect this:

    result | 0x48 # 0110

    should be this:

    result | 0x49 # 0111
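
The following is an added example, not part of the post above and not code from the disassembled binary: a C transcription of the posted pseudocode, parameterised on the OR mask so the posted `0x48` and the suggested `0x49` can be compared over every mode from 0000 to 0777. The function names `derive_mode`, `mode_as_posted`, `mode_suggested` and `count_missing_other_exec` are assumptions made for illustration.

```c
#include <stdio.h>

/* Posted pseudocode for sub_4c013a, transcribed to C.
 * exec_mask is the value ORed in on the last branch. */
static unsigned derive_mode(unsigned input, unsigned exec_mask)
{
    unsigned result = 0;
    if (input & 0x80)          /* owner-write bit set -> 0664 */
        result = 0x1b4;
    else if (input & 0x1)      /* other-execute bit set -> 0444 */
        result = 0x124;
    if (input & 0x8)           /* group-execute bit set -> add execute bits */
        result |= exec_mask;
    return result;
}

/* 0x48 = octal 0110, as found in the disassembly. */
unsigned mode_as_posted(unsigned input) { return derive_mode(input, 0x48); }

/* 0x49 = octal 0111, the change suggested in the post. */
unsigned mode_suggested(unsigned input) { return derive_mode(input, 0x49); }

/* Count input modes whose derived mode has owner and group execute
 * but lacks other execute. */
int count_missing_other_exec(unsigned (*fn)(unsigned))
{
    int n = 0;
    for (unsigned m = 0; m <= 0777; m++) {
        unsigned r = fn(m);
        if ((r & 0110) == 0110 && (r & 0001) == 0)
            n++;
    }
    return n;
}

int main(void)
{
    /* Constructed sample modes, not taken from the post. */
    unsigned samples[] = { 0755, 0775, 0644, 0555 };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("in %04o  posted %04o  suggested %04o\n", samples[i],
               mode_as_posted(samples[i]), mode_suggested(samples[i]));
    printf("modes missing o+x: posted=%d suggested=%d\n",
           count_missing_other_exec(mode_as_posted),
           count_missing_other_exec(mode_suggested));
    return 0;
}
```
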