git: 7428ebfe7e25 - main - syslogd: Pre-open null file descriptor
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Thu, 28 Sep 2023 15:52:46 UTC
The branch main has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=7428ebfe7e25d56e2a5853d36d2c34c54a2f4db3 commit 7428ebfe7e25d56e2a5853d36d2c34c54a2f4db3 Author: Jake Freeland <jfree@FreeBSD.org> AuthorDate: 2023-09-01 02:51:17 +0000 Commit: Mark Johnston <markj@FreeBSD.org> CommitDate: 2023-09-28 15:51:54 +0000 syslogd: Pre-open null file descriptor Open _PATH_DEVNULL before entering capability mode. Access to /dev/null is needed for dup2() when piping commands. Reviewed by: markj MFC after: 3 weeks Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D41381 --- usr.sbin/syslogd/syslogd.c | 27 +++++++++++++-------------- 1 file changed, 13 insertions(+), 14 deletions(-) diff --git a/usr.sbin/syslogd/syslogd.c b/usr.sbin/syslogd/syslogd.c index 9f4c21cab026..2ff39d8c3676 100644 --- a/usr.sbin/syslogd/syslogd.c +++ b/usr.sbin/syslogd/syslogd.c @@ -398,6 +398,7 @@ static const int sigcatch[] = { SIGCHLD, }; +static int nulldesc; /* /dev/null descriptor */ static bool Debug; /* debug flag */ static bool Foreground = false; /* Run in foreground, instead of daemonizing */ static bool resolve = true; /* resolve hostname */ @@ -803,6 +804,14 @@ main(int argc, char *argv[]) consfile.f_file = -1; (void)strlcpy(consfile.fu_fname, _PATH_CONSOLE + sizeof(_PATH_DEV) - 1, sizeof(consfile.fu_fname)); + + nulldesc = open(_PATH_DEVNULL, O_RDWR); + if (nulldesc == -1) { + warn("cannot open %s", _PATH_DEVNULL); + pidfile_remove(pfh); + exit(1); + } + (void)strlcpy(bootfile, getbootfile(), sizeof(bootfile)); if ((!Foreground) && (!Debug)) { @@ -3235,7 +3244,6 @@ markit(void) static int waitdaemon(int maxwait) { - int fd; int status; pid_t pid, childpid; @@ -3266,13 +3274,9 @@ waitdaemon(int maxwait) return (-1); (void)chdir("/"); - if ((fd = open(_PATH_DEVNULL, O_RDWR, 0)) != -1) { - (void)dup2(fd, STDIN_FILENO); - (void)dup2(fd, STDOUT_FILENO); - (void)dup2(fd, STDERR_FILENO); - if (fd > STDERR_FILENO) - (void)close(fd); - } + (void)dup2(nulldesc, STDIN_FILENO); + (void)dup2(nulldesc, STDOUT_FILENO); + (void)dup2(nulldesc, STDERR_FILENO); return (getppid()); } @@ -3595,20 +3599,16 @@ static int p_open(const char *prog, int *rpd) { sigset_t sigset = { }; - int nulldesc, pfd[2], pd; + int pfd[2], pd; pid_t pid; char *argv[4]; /* sh -c cmd NULL */ char errmsg[200]; if (pipe(pfd) == -1) return (-1); - if ((nulldesc = open(_PATH_DEVNULL, O_RDWR)) == -1) - /* we are royally screwed anyway */ - return (-1); switch ((pid = pdfork(&pd, PD_CLOEXEC))) { case -1: - close(nulldesc); return (-1); case 0: @@ -3639,7 +3639,6 @@ p_open(const char *prog, int *rpd) (void)execvp(_PATH_BSHELL, argv); _exit(255); } - close(nulldesc); close(pfd[0]); /* * Avoid blocking on a hung pipe. With O_NONBLOCK, we are