From owner-svn-src-all@freebsd.org Sat Dec 19 02:36:42 2020 Return-Path: Delivered-To: svn-src-all@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id AE3254B6FD6; Sat, 19 Dec 2020 02:36:42 +0000 (UTC) (envelope-from pfg@FreeBSD.org) Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4CyVHG4XdLz4WtX; Sat, 19 Dec 2020 02:36:42 +0000 (UTC) (envelope-from pfg@FreeBSD.org) Received: from [192.168.0.4] (unknown [200.118.158.2]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) (Authenticated sender: pfg) by smtp.freebsd.org (Postfix) with ESMTPSA id 36C624F33; Sat, 19 Dec 2020 02:36:42 +0000 (UTC) (envelope-from pfg@FreeBSD.org) Subject: Re: svn commit: r368776 - head/usr.bin/login From: Pedro Giffuni To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org References: <202012190223.0BJ2NrOI029385@repo.freebsd.org> Organization: FreeBSD Message-ID: <566e2678-cf2f-abf2-9899-f3a8727e52ce@FreeBSD.org> Date: Fri, 18 Dec 2020 21:36:41 -0500 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:78.0) Gecko/20100101 Thunderbird/78.5.1 MIME-Version: 1.0 In-Reply-To: <202012190223.0BJ2NrOI029385@repo.freebsd.org> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Content-Language: en-US X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 19 Dec 2020 02:36:42 -0000 On 12/18/20 9:23 PM, Pedro F. Giffuni wrote: > Author: pfg > Date: Sat Dec 19 02:23:53 2020 > New Revision: 368776 > URL: https://svnweb.freebsd.org/changeset/base/368776 > > Log: > login(1): when exporting variables check the result of setenv(3) > > When exporting a variable we correctly check all the preconditions that > could make setenv(3) fail. Checking the setenv(3) return value seems > redundant, but given that login(1) is critical, it doesn't hurt to have > a post-check. > > This change is based on the "Principles of Secure Coding" course by > Matthew Bishop, PhD., which specifically discusses this code in FreeBSD. > > Differential Revision: https://reviews.freebsd.org/D26966 > > Modified: > head/usr.bin/login/login.c > > Modified: head/usr.bin/login/login.c > ============================================================================== > --- head/usr.bin/login/login.c Sat Dec 19 01:46:47 2020 (r368775) > +++ head/usr.bin/login/login.c Sat Dec 19 02:23:53 2020 (r368776) > @@ -793,6 +793,7 @@ export(const char *s) > char *p; > const char **pp; > size_t n; > + int rv; > > if (strlen(s) > 1024 || (p = strchr(s, '=')) == NULL) > return (0); > @@ -804,8 +805,10 @@ export(const char *s) > return (0); > } > *p = '\0'; > - (void)setenv(s, p + 1, 1); > + rv = setenv(s, p + 1, 1); > *p = '='; > + if (rv == 1) > + return (0); > return (1); > } > This is wrong .. it should have been -1. I'll revert to make the change clean.