set*id() functions are widely used in SUID/SGID binaries to drop privileges. Below is an example with setuid():

```c
setuid(getuid());
```

If the above call is successful, then the effective UID of the process would have the value of the real UID, hence "cancelling" the SUID bits given to the binary.
The man page's description of this call's return value states that there are security issues when that value is not checked:

> RETURN VALUE
> On success, zero is returned. On error, -1 is returned, and
> _[errno](https://man7.org/linux/man-pages/man3/errno.3.html)_ is set to indicate the error.
>
> _Note_: there are cases where **setuid**() can fail even when the
> caller is UID 0; it is a grave security error to omit checking
> for a failure return from **setuid**().

If the previous setuid() call fails and its return value is not checked, a SUID binary doing such a call would then end up not dropping its privileges while believing it did, allowing for potential privilege escalations in the rest of the execution.
I suggest checking the return values of the set*id() functions in a manner like the following:

```c
if (setuid(getuid()) == -1)
{
    // error handling
}
```
Instances of set*id() functions' return values are not checked in the project source code:

machinekit-hal/src/modules/managed/drivers/uparport/src/uparport.h, line 208 in ecf488a
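
The check suggested in this issue, carried through a complete drop, as an added example that is not code from the issue or from machinekit-hal. It goes beyond the single setuid() call by also handling the group ID and verifying the result; `drop_privileges` is a hypothetical helper name.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Drop SUID/SGID privileges back to the invoking user.
 * Returns 0 only if every call succeeded AND the drop was verified. */
int drop_privileges(void)
{
    uid_t ruid = getuid(), old_euid = geteuid();
    gid_t rgid = getgid(), old_egid = getegid();

    /* Group first: once the UID is dropped, setgid() may no longer be permitted. */
    if (setgid(rgid) == -1) {
        fprintf(stderr, "setgid: %s\n", strerror(errno));
        return -1;
    }
    if (setuid(ruid) == -1) {
        fprintf(stderr, "setuid: %s\n", strerror(errno));
        return -1;
    }

    /* Do not rely on the return values alone: confirm the effective IDs. */
    if (geteuid() != ruid || getegid() != rgid)
        return -1;

    /* If the old effective IDs can be restored, a saved ID survived and the
     * drop is not permanent. Root can always switch IDs, so the probe is
     * only meaningful when the invoking user is not root. */
    if (ruid != 0) {
        if (old_egid != rgid && setgid(old_egid) == 0)
            return -1;
        if (old_euid != ruid && setuid(old_euid) == 0)
            return -1;
    }
    return 0;
}

int main(void)
{
    if (drop_privileges() != 0) {
        fprintf(stderr, "could not drop privileges, aborting\n");
        return EXIT_FAILURE;   /* never continue with elevated IDs */
    }
    printf("running as uid=%d euid=%d\n", (int)getuid(), (int)geteuid());
    return EXIT_SUCCESS;
}
```

For a binary that is SUID or SGID to a non-root owner, setuid() and setgid() change only the effective ID and leave the saved ID in place, so this function reports failure there; on Linux, setresuid() and setresgid() are the calls that also reset the saved IDs.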