git: 1c91aedf25bc - main - dma: exit if invoked with invalid (zero) argc
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Fri, 28 Jan 2022 22:49:57 UTC
The branch main has been updated by emaste: URL: https://cgit.FreeBSD.org/src/commit/?id=1c91aedf25bce879a8aced6439200e46601eb8a4 commit 1c91aedf25bce879a8aced6439200e46601eb8a4 Author: Ed Maste <emaste@FreeBSD.org> AuthorDate: 2022-01-28 22:15:02 +0000 Commit: Ed Maste <emaste@FreeBSD.org> CommitDate: 2022-01-28 22:49:45 +0000 dma: exit if invoked with invalid (zero) argc This was prompted by the recent pkexec vulnerability (CVE-2021-4034). This change is being made on general principle for setuid/setgid binaries and is not in response to an actual issue. Reviewed by: kevans, markj (both earlier) MFC after: 1 week Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D34087 --- contrib/dma/dma.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/contrib/dma/dma.c b/contrib/dma/dma.c index 72115ae2b55e..7cad25a214ee 100644 --- a/contrib/dma/dma.c +++ b/contrib/dma/dma.c @@ -428,6 +428,9 @@ main(int argc, char **argv) int nodot = 0, showq = 0, queue_only = 0, newaliases = 0; int recp_from_header = 0; + if (argc == 0) + errx(EX_OSERR, "invalid argc"); + set_username(); /*