Date:      Sun, 19 Aug 2001 16:08:02 -0500
From:      "Jacques A. Vidrine" <n@nectar.com>
To:        Kris Kennaway <kris@obsecurity.org>
Cc:        audit@FreeBSD.org
Subject:   Re: Checking issetugid() with getenv() in libraries
Message-ID:  <20010819160801.A84442@hellblazer.nectar.com>
In-Reply-To: <20010818221258.A79194@xor.obsecurity.org>; from kris@obsecurity.org on Sat, Aug 18, 2001 at 10:12:58PM -0700
References:  <20010818221258.A79194@xor.obsecurity.org>

I think this is introducing a few uninitialized pointer bugs. For
example, in this chunk it is clear we're going to crash. Of course,
this particular chunk is probably wrong in other ways -- if you don't
want to look at HOME, I guess you'll need to use getpwuid().

> diff -u -r1.3 ncpl_rcfile.c
> --- libncp/ncpl_rcfile.c	2000/05/26 02:00:20	1.3
> +++ libncp/ncpl_rcfile.c	2001/08/19 04:52:39
> @@ -390,7 +390,8 @@
>  	char *home, *fn;
>  	int error;
>  
> -	home = getenv("HOME");
> +	if (issetugid() == 0)
> +		home = getenv("HOME");
>  	if (home) {
>  		fn = malloc(strlen(home) + 20);
>  		sprintf(fn, "%s/.nwfsrc", home);
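
Review bot: `home` is declared without an initializer and is now assigned only inside `if (issetugid() == 0)`, so for a set-user-ID or set-group-ID process the following `if (home)` tests an indeterminate pointer and `strlen(home)` can dereference garbage. Initialise it at the declaration (`char *home = NULL, *fn;`) or add an `else` branch that sets `home = NULL`. In the same visible lines, the result of `malloc()` is passed to `sprintf()` without a NULL check, which is worth fixing while this code is being touched.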

Cheers,
-- 
Jacques Vidrine / n@nectar.com / jvidrine@verio.net / nectar@FreeBSD.org
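
One way to keep the home pointer defined on every path and fall back to the passwd database when the environment cannot be trusted, using getpwuid() as mentioned in the message. This is an added example, not code from the patch or from FreeBSD: process_is_tainted(), pick_home() and rcfile_path() are hypothetical helpers, and the uid/gid comparison used where issetugid() is unavailable is an assumption of the example.

```c
#include <pwd.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Non-zero when the environment must not be trusted. issetugid() is the BSD
 * call from the thread; the uid/gid comparison used elsewhere is a weaker
 * approximation assumed for this example. */
int process_is_tainted(void)
{
#if defined(__FreeBSD__) || defined(__OpenBSD__) || defined(__NetBSD__)
	return issetugid() != 0;
#else
	return getuid() != geteuid() || getgid() != getegid();
#endif
}

/* Pure policy (hypothetical helper): pick the home directory from the two
 * candidates. The result is defined on every path, NULL meaning "none". */
const char *pick_home(int tainted, const char *env_home, const char *pw_dir)
{
	const char *home = NULL;
	if (!tainted && env_home != NULL && *env_home != '\0')
		home = env_home;		/* $HOME only when untainted */
	if (home == NULL && pw_dir != NULL && *pw_dir != '\0')
		home = pw_dir;			/* passwd database fallback */
	return home;
}

/* Build "<home>/.nwfsrc" in buf; -1 if there is no home or it does not fit. */
int rcfile_path(const char *home, char *buf, size_t len)
{
	int n;
	if (home == NULL)
		return -1;
	n = snprintf(buf, len, "%s/.nwfsrc", home);
	return (n < 0 || (size_t)n >= len) ? -1 : 0;
}

int main(void)
{
	struct passwd *pw = getpwuid(getuid());	/* real uid: the invoking user */
	char path[1024];
	if (rcfile_path(pick_home(process_is_tainted(), getenv("HOME"),
	    pw != NULL ? pw->pw_dir : NULL), path, sizeof(path)) == 0)
		printf("%s\n", path);
	return 0;
}
```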
