svn commit: r253457 - head/usr.bin/uniq
Pawel Jakub Dawidek
pjd at FreeBSD.org
Wed Jul 24 19:08:45 UTC 2013
On Wed, Jul 24, 2013 at 02:53:32PM +0200, Ulrich Spörlein wrote:
> On Thu, 2013-07-18 at 22:11:27 +0000, Pawel Jakub Dawidek wrote:
> > Author: pjd
> > Date: Thu Jul 18 22:11:27 2013
> > New Revision: 253457
> > URL: http://svnweb.freebsd.org/changeset/base/253457
> >
> > Log:
> > Close uniq(1) in the capability mode sandbox and limit descriptors using
> > capability rights.
> >
> > Modified:
> > head/usr.bin/uniq/uniq.c
> >
> > Modified: head/usr.bin/uniq/uniq.c
> > ==============================================================================
> > --- head/usr.bin/uniq/uniq.c Thu Jul 18 21:56:10 2013 (r253456)
> > +++ head/usr.bin/uniq/uniq.c Thu Jul 18 22:11:27 2013 (r253457)
> > @@ -128,8 +145,34 @@ main (int argc, char *argv[])
> > ofp = stdout;
> > if (argc > 0 && strcmp(argv[0], "-") != 0)
> > ifp = file(ifn = argv[0], "r");
> > + if (cap_rights_limit(fileno(ifp), CAP_FSTAT | CAP_READ) < 0 &&
> > + errno != ENOSYS) {
> > + err(1, "unable to limit rights for %s", ifn);
> > + }
> > + rights = CAP_FSTAT | CAP_WRITE;
> > if (argc > 1)
> > ofp = file(argv[1], "w");
> > + else
> > + rights |= CAP_IOCTL;
> > + if (cap_rights_limit(fileno(ofp), rights) < 0 && errno != ENOSYS) {
> > + err(1, "unable to limit rights for %s",
> > + argc > 1 ? argv[1] : "stdout");
> > + }
> > + if ((rights & CAP_IOCTL) != 0) {
> > + unsigned long cmd;
> > +
> > + cmd = TIOCGETA; /* required by isatty(3) in printf(3) */
> > +
> > + if (cap_ioctls_limit(fileno(ofp), &cmd, 1) < 0 &&
> > + errno != ENOSYS) {
> > + err(1, "unable to limit ioctls for %s",
> > + argc > 1 ? argv[1] : "stdout");
> > + }
> > + }
>
> Deadcode, found by Coverity Scan, CID 1054780 (please mention in your
> fix-commit). You check for argc > 1 at line 153, only if that is false
> (meaning argc==1) do you set CAP_IOCTL. So on line 169 argc cannot be >1
> and the result is always "stdout".
Interesting. I was aware of this, but left this err() call for
consistency in case the condition changes in the future.
--
Pawel Jakub Dawidek http://www.wheelsystems.com
FreeBSD committer http://www.FreeBSD.org
Am I Evil? Yes, I Am! http://mobter.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 196 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/svn-src-head/attachments/20130724/0cfdaa81/attachment.sig>
More information about the svn-src-head
mailing list