Date: Fri, 18 Dec 2020 21:36:41 -0500 From: Pedro Giffuni <pfg@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: Re: svn commit: r368776 - head/usr.bin/login Message-ID: <566e2678-cf2f-abf2-9899-f3a8727e52ce@FreeBSD.org> In-Reply-To: <202012190223.0BJ2NrOI029385@repo.freebsd.org> References: <202012190223.0BJ2NrOI029385@repo.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 12/18/20 9:23 PM, Pedro F. Giffuni wrote: > Author: pfg > Date: Sat Dec 19 02:23:53 2020 > New Revision: 368776 > URL: https://svnweb.freebsd.org/changeset/base/368776 > > Log: > login(1): when exporting variables check the result of setenv(3) > > When exporting a variable we correctly check all the preconditions that > could make setenv(3) fail. Checking the setenv(3) return value seems > redundant, but given that login(1) is critical, it doesn't hurt to have > a post-check. > > This change is based on the "Principles of Secure Coding" course by > Matthew Bishop, PhD., which specifically discusses this code in FreeBSD. > > Differential Revision: https://reviews.freebsd.org/D26966 > > Modified: > head/usr.bin/login/login.c > > Modified: head/usr.bin/login/login.c > ============================================================================== > --- head/usr.bin/login/login.c Sat Dec 19 01:46:47 2020 (r368775) > +++ head/usr.bin/login/login.c Sat Dec 19 02:23:53 2020 (r368776) > @@ -793,6 +793,7 @@ export(const char *s) > char *p; > const char **pp; > size_t n; > + int rv; > > if (strlen(s) > 1024 || (p = strchr(s, '=')) == NULL) > return (0); > @@ -804,8 +805,10 @@ export(const char *s) > return (0); > } > *p = '\0'; > - (void)setenv(s, p + 1, 1); > + rv = setenv(s, p + 1, 1); > *p = '='; > + if (rv == 1) > + return (0); > return (1); > } > This is wrong .. it should have been -1. I'll revert to make the change clean.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?566e2678-cf2f-abf2-9899-f3a8727e52ce>