diff options
author | Eitan Adler <eadler@FreeBSD.org> | 2012-10-22 03:31:22 +0000 |
---|---|---|
committer | Eitan Adler <eadler@FreeBSD.org> | 2012-10-22 03:31:22 +0000 |
commit | 1d1d4a4727577afb8709b756a78e0ab9ee43e9e6 (patch) | |
tree | 3aa86a2f61ac3b57647e44878110dc60da9069e7 /sbin | |
parent | 10d17a3f089f7f8f482ce158c6f8f5d1c342626e (diff) | |
download | src-1d1d4a4727577afb8709b756a78e0ab9ee43e9e6.tar.gz src-1d1d4a4727577afb8709b756a78e0ab9ee43e9e6.zip |
Check the return error of set[ug]id. While this can never fail in the
current version of FreeBSD, this isn't guarenteed by the API. Custom
security modules, or future implementations of the setuid and setgid
may fail.
PR: bin/172289
PR: bin/172290
PR: bin/172291
Submittud by: Erik Cederstrand <erik@cederstrand.dk>
Discussed by: freebsd-security
Approved by: cperciva
MFC after: 1 week
Notes
Notes:
svn path=/head/; revision=241852
Diffstat (limited to 'sbin')
-rw-r--r-- | sbin/ping/ping.c | 3 | ||||
-rw-r--r-- | sbin/ping6/ping6.c | 6 |
2 files changed, 6 insertions, 3 deletions
diff --git a/sbin/ping/ping.c b/sbin/ping/ping.c index f8f62d1f8646..85d03483a5a3 100644 --- a/sbin/ping/ping.c +++ b/sbin/ping/ping.c @@ -255,7 +255,8 @@ main(int argc, char *const *argv) s = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP); sockerrno = errno; - setuid(getuid()); + if (setuid(getuid()) != 0) + err(EX_NOPERM, "setuid() failed"); uid = getuid(); alarmtimeout = df = preload = tos = 0; diff --git a/sbin/ping6/ping6.c b/sbin/ping6/ping6.c index 711561ebb9ac..8c3e16bbdaa0 100644 --- a/sbin/ping6/ping6.c +++ b/sbin/ping6/ping6.c @@ -702,8 +702,10 @@ main(int argc, char *argv[]) } /* revoke root privilege */ - seteuid(getuid()); - setuid(getuid()); + if (seteuid(getuid()) != 0) + err(1, "seteuid() failed"); + if (setuid(getuid()) != 0) + err(1, "setuid() failed"); if ((options & F_FLOOD) && (options & F_INTERVAL)) errx(1, "-f and -i incompatible options"); |