Date: Sat, 5 Feb 2022 16:27:16 GMT From: Ed Maste <emaste@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Subject: git: eb32eb2b453d - stable/13 - dma: exit if invoked with invalid (zero) argc Message-ID: <202202051627.215GRGdA038616@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch stable/13 has been updated by emaste: URL: https://cgit.FreeBSD.org/src/commit/?id=eb32eb2b453d21534efaea4cfa17043a634e6199 commit eb32eb2b453d21534efaea4cfa17043a634e6199 Author: Ed Maste <emaste@FreeBSD.org> AuthorDate: 2022-01-28 22:15:02 +0000 Commit: Ed Maste <emaste@FreeBSD.org> CommitDate: 2022-02-05 16:26:09 +0000 dma: exit if invoked with invalid (zero) argc This was prompted by the recent pkexec vulnerability (CVE-2021-4034). This change is being made on general principle for setuid/setgid binaries and is not in response to an actual issue. Reviewed by: kevans, markj (both earlier) MFC after: 1 week Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D34087 (cherry picked from commit 1c91aedf25bce879a8aced6439200e46601eb8a4) --- contrib/dma/dma.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/contrib/dma/dma.c b/contrib/dma/dma.c index 72115ae2b55e..7cad25a214ee 100644 --- a/contrib/dma/dma.c +++ b/contrib/dma/dma.c @@ -428,6 +428,9 @@ main(int argc, char **argv) int nodot = 0, showq = 0, queue_only = 0, newaliases = 0; int recp_from_header = 0; + if (argc == 0) + errx(EX_OSERR, "invalid argc"); + set_username(); /*
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202202051627.215GRGdA038616>