From owner-svn-src-head@FreeBSD.ORG Sat Apr 23 14:19:26 2011 Return-Path: <owner-svn-src-head@FreeBSD.ORG> Delivered-To: svn-src-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 6D91C106566C; Sat, 23 Apr 2011 14:19:26 +0000 (UTC) (envelope-from simon@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 584C98FC08; Sat, 23 Apr 2011 14:19:26 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id p3NEJQuQ092699; Sat, 23 Apr 2011 14:19:26 GMT (envelope-from simon@svn.freebsd.org) Received: (from simon@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id p3NEJQp0092697; Sat, 23 Apr 2011 14:19:26 GMT (envelope-from simon@svn.freebsd.org) Message-Id: <201104231419.p3NEJQp0092697@svn.freebsd.org> From: "Simon L. Nielsen" <simon@FreeBSD.org> Date: Sat, 23 Apr 2011 14:19:26 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r220971 - head/usr.bin/finger X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for the src tree for head/-current <svn-src-head.freebsd.org> List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/svn-src-head>, <mailto:svn-src-head-request@freebsd.org?subject=unsubscribe> List-Archive: <http://lists.freebsd.org/pipermail/svn-src-head> List-Post: <mailto:svn-src-head@freebsd.org> List-Help: <mailto:svn-src-head-request@freebsd.org?subject=help> List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-src-head>, <mailto:svn-src-head-request@freebsd.org?subject=subscribe> X-List-Received-Date: Sat, 23 Apr 2011 14:19:26 -0000 Author: simon Date: Sat Apr 23 14:19:26 2011 New Revision: 220971 URL: http://svn.freebsd.org/changeset/base/220971 Log: Check return code of setuid() and setgid() in finger. While they will not fail in normal circumstances, better safe than sorry. MFC after: 1 week Modified: head/usr.bin/finger/finger.c Modified: head/usr.bin/finger/finger.c ============================================================================== --- head/usr.bin/finger/finger.c Sat Apr 23 13:57:12 2011 (r220970) +++ head/usr.bin/finger/finger.c Sat Apr 23 14:19:26 2011 (r220971) @@ -164,11 +164,15 @@ main(int argc, char **argv) if (getuid() == 0 || geteuid() == 0) { invoker_root = 1; if ((pw = getpwnam(UNPRIV_NAME)) && pw->pw_uid > 0) { - setgid(pw->pw_gid); - setuid(pw->pw_uid); + if (setgid(pw->pw_gid) != 0) + err(1, "setgid()"); + if (setuid(pw->pw_uid) != 0) + err(1, "setuid()"); } else { - setgid(UNPRIV_UGID); - setuid(UNPRIV_UGID); + if (setgid(UNPRIV_UGID) != 0) + err(1, "setgid()"); + if (setuid(UNPRIV_UGID) != 0) + err(1, "setuid()"); } }