Date: Mon, 23 Apr 2018 18:40:50 +0000 (UTC)
From: Renato Botelho <garga@FreeBSD.org>
To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject: svn commit: r468129 - in head/security/sudo: . files
Message-ID: <201804231840.w3NIeouq048584@repo.freebsd.org>
Author: garga Date: Mon Apr 23 18:40:50 2018 New Revision: 468129 URL: https://svnweb.freebsd.org/changeset/ports/468129 Log: Add a patch to fix cryptographic digest in command specification for shell scripts and other interpreted files. Error happens because fexecve() requires /dev/fd to be mounted. This patch detects if /dev/fd/N exists before attempt to use fexecve and workaround the issue. PR: 223587 Submitted by: Todd C. Miller <Todd.Miller@sudo.ws> Reported by: vas@mpeks.tomsk.su Obtained from: https://www.sudo.ws/repos/sudo/rev/30f7c5d64104 MFH: 2018Q2 Sponsored by: Rubicon Communications, LLC (Netgate) Added: head/security/sudo/files/patch-fix-fexecve (contents, props changed) Modified: head/security/sudo/Makefile Modified: head/security/sudo/Makefile ============================================================================== --- head/security/sudo/Makefile Mon Apr 23 18:37:39 2018 (r468128) +++ head/security/sudo/Makefile Mon Apr 23 18:40:50 2018 (r468129) @@ -3,7 +3,7 @@ PORTNAME= sudo PORTVERSION= 1.8.22 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= security MASTER_SITES= SUDO Added: head/security/sudo/files/patch-fix-fexecve ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/sudo/files/patch-fix-fexecve Mon Apr 23 18:40:50 2018 (r468129) 
@@ -0,0 +1,92 @@ + +# HG changeset patch +# User Todd C. Miller <Todd.Miller@sudo.ws> +# Date 1524502491 21600 +# Node ID 30f7c5d64104cdbae5c0a63e57aeec1d188c0f5b +# Parent a786a841f30a60c5f18b4ec476f8a749135d48ec +We can only use fexecve() on a script if /dev/fd/N exists. +Some systems, such as FreeBSD, don't have /dev/fd mounted +by default. Bug #831 + +diff -r a786a841f30a -r 30f7c5d64104 plugins/sudoers/match.c +--- plugins/sudoers/match.c Sun Apr 22 06:58:53 2018 -0600 ++++ plugins/sudoers/match.c Mon Apr 23 10:54:51 2018 -0600 +@@ -487,32 +487,22 @@ + debug_return_bool(stat(path, sb) == 0); + } + ++#ifdef HAVE_FEXECVE + /* +- * On systems with fexecve(2), set the close-on-exec flag on the file +- * descriptor only if the file is not a script. Because scripts need +- * to be executed by an interpreter the fd must remain open for the +- * interpreter to use. ++ * Check whether the fd refers to a shell script with a "#!" shebang. + */ +-static void +-set_cloexec(int fd) ++static bool ++is_script(int fd) + { +- bool is_script = false; +-#ifdef HAVE_FEXECVE ++ bool ret = false; + char magic[2]; + +- /* Check for #! cookie and set is_script. */ + if (read(fd, magic, 2) == 2) { + if (magic[0] == '#' && magic[1] == '!') +- is_script = true; ++ ret = true; + } + (void) lseek(fd, (off_t)0, SEEK_SET); +-#endif /* HAVE_FEXECVE */ +- /* +- * Shell scripts go through namei twice and so we can't set the close +- * on exec flag on the fd for fexecve(2). +- */ +- if (!is_script) +- (void)fcntl(fd, F_SETFD, FD_CLOEXEC); ++ return ret; + } + + /* +@@ -541,10 +531,36 @@ + if (fd == -1) + debug_return_bool(false); + +- set_cloexec(fd); ++ if (is_script(fd)) { ++ char fdpath[PATH_MAX]; ++ struct stat sb; ++ ++ /* We can only use fexecve() on a script if /dev/fd/N exists. 
*/ ++ snprintf(fdpath, sizeof(fdpath), "/dev/fd/%d", fd); ++ if (stat(fdpath, &sb) != 0) { ++ close(fd); ++ debug_return_bool(false); ++ } ++ ++ /* ++ * Shell scripts go through namei twice so we can't set the ++ * close on exec flag on the fd for fexecve(2). ++ */ ++ } else { ++ /* Not a script, close on exec is safe. */ ++ (void)fcntl(fd, F_SETFD, FD_CLOEXEC); ++ } ++ + *fdp = fd; + debug_return_bool(true); + } ++#else /* HAVE_FEXECVE */ ++static bool ++open_cmnd(const char *path, const struct sudo_digest *digest, int *fdp) ++{ ++ return true; ++} ++#endif /* HAVE_FEXECVE */ + + static bool + command_matches_fnmatch(const char *sudoers_cmnd, const char *sudoers_args, +
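Review bot: in the `is_script()` introduced by the `@@ -487,32 +487,22 @@` hunk, the `(void) lseek(fd, (off_t)0, SEEK_SET);` carried over from the old `set_cloexec()` discards the rewind result, and a `read()` error (`-1`) is folded into "not a script" along with a short read; since the same fd is later handed back through `*fdp` for the digest check and for `fexecve()`, a failed rewind silently leaves the offset at byte 2. Suggest checking the `lseek()` return value and propagating the failure (for example an `int` result with -1 on error that the caller treats like a failed `open()`) instead of casting it to void.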
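Review bot: in the `@@ -541,10 +531,36 @@` hunk the new `if (stat(fdpath, &sb) != 0)` branch does `close(fd); debug_return_bool(false);`, which is the same result `open_cmnd()` gives for a failed `open()`; the caller is not visible in this hunk, but if `false` means "command does not match", a script with a digest becomes unrunnable on a host without `/dev/fd` instead of falling back to a path-based exec, which is the workaround the log message describes. Consider setting `*fdp = -1` after the `close(fd)` and returning true so the caller can fall back, and at minimum emit a debug message naming the missing `/dev/fd/N` so the failure is diagnosable. Separately, the `#else` stub `open_cmnd()` returns true without ever assigning `*fdp`; if callers initialise their fd from that out-parameter it should set `*fdp = -1`, and its three unused parameters will warn under `-Wunused-parameter`.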