Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 22 Oct 2012 03:07:05 +0000 (UTC)
From:      Eitan Adler <eadler@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r241848 - in head: libexec/tftpd sbin/ccdconfig sbin/restore usr.bin/lock usr.bin/msgs usr.bin/wall usr.sbin/edquota usr.sbin/kgmon
Message-ID:  <201210220307.q9M375PN017842@svn.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: eadler
Date: Mon Oct 22 03:07:05 2012
New Revision: 241848
URL: http://svn.freebsd.org/changeset/base/241848

Log:
  Check the return error of set[e][ug]id. While this can never fail in the
  current version of FreeBSD, this isn't guarenteed by the API.
  Custom security modules, or future implementations of the setuid and
  setgid may fail.
  
  Submitted by:	Erik Cederstrand
  Approved by:	cperciva
  MFC after:	3 days

Modified:
  head/libexec/tftpd/tftpd.c
  head/sbin/ccdconfig/ccdconfig.c
  head/sbin/restore/tape.c
  head/usr.bin/lock/lock.c
  head/usr.bin/msgs/msgs.c
  head/usr.bin/wall/wall.c
  head/usr.sbin/edquota/edquota.c
  head/usr.sbin/kgmon/kgmon.c

Modified: head/libexec/tftpd/tftpd.c
==============================================================================
--- head/libexec/tftpd/tftpd.c	Mon Oct 22 03:06:59 2012	(r241847)
+++ head/libexec/tftpd/tftpd.c	Mon Oct 22 03:07:05 2012	(r241848)
@@ -371,7 +371,10 @@ main(int argc, char *argv[])
 		}
 		chdir("/");
 		setgroups(1, &nobody->pw_gid);
-		setuid(nobody->pw_uid);
+		if (setuid(nobody->pw_uid) != 0) {
+			tftp_log(LOG_ERR, "setuid failed");
+			exit(1);
+		}
 	}
 
 	len = sizeof(me_sock);

Modified: head/sbin/ccdconfig/ccdconfig.c
==============================================================================
--- head/sbin/ccdconfig/ccdconfig.c	Mon Oct 22 03:06:59 2012	(r241847)
+++ head/sbin/ccdconfig/ccdconfig.c	Mon Oct 22 03:07:05 2012	(r241848)
@@ -288,13 +288,16 @@ do_all(int action)
 
 	rval = 0;
 	egid = getegid();
-	setegid(getgid());
+	if (setegid(getgid()) != 0)
+		err(1, "setegid failed");
 	if ((f = fopen(ccdconf, "r")) == NULL) {
-		setegid(egid);
+		if (setegid(egid) != 0)
+			err(1, "setegid failed");
 		warn("fopen: %s", ccdconf);
 		return (1);
 	}
-	setegid(egid);
+	if (setegid(egid) != 0)
+		err(1, "setegid failed");
 
 	while (fgets(line, sizeof(line), f) != NULL) {
 		argc = 0;

Modified: head/sbin/restore/tape.c
==============================================================================
--- head/sbin/restore/tape.c	Mon Oct 22 03:06:59 2012	(r241847)
+++ head/sbin/restore/tape.c	Mon Oct 22 03:07:05 2012	(r241848)
@@ -164,7 +164,11 @@ setinput(char *source, int ispipecommand
 		}
 		pipein++;
 	}
-	setuid(getuid());	/* no longer need or want root privileges */
+	/* no longer need or want root privileges */
+	if (setuid(getuid()) != 0) {
+		fprintf(stderr, "setuid failed\n");
+		done(1);
+	}
 	magtape = strdup(source);
 	if (magtape == NULL) {
 		fprintf(stderr, "Cannot allocate space for magtape buffer\n");

Modified: head/usr.bin/lock/lock.c
==============================================================================
--- head/usr.bin/lock/lock.c	Mon Oct 22 03:06:59 2012	(r241847)
+++ head/usr.bin/lock/lock.c	Mon Oct 22 03:07:05 2012	(r241848)
@@ -129,7 +129,9 @@ main(int argc, char **argv)
 		}
 	timeout.tv_sec = sectimeout * 60;
 
-	setuid(getuid());		/* discard privs */
+	/* discard privs */
+	if (setuid(getuid()) != 0)
+		errx(1, "setuid failed");
 
 	if (tcgetattr(0, &tty))		/* get information for header */
 		exit(1);

Modified: head/usr.bin/msgs/msgs.c
==============================================================================
--- head/usr.bin/msgs/msgs.c	Mon Oct 22 03:06:59 2012	(r241847)
+++ head/usr.bin/msgs/msgs.c	Mon Oct 22 03:07:05 2012	(r241848)
@@ -175,7 +175,8 @@ main(int argc, char *argv[])
 	setlocale(LC_ALL, "");
 
 	time(&t);
-	setuid(uid = getuid());
+	if (setuid(uid = getuid()) != 0)
+		err(1, "setuid failed");
 	ruptible = (signal(SIGINT, SIG_IGN) == SIG_DFL);
 	if (ruptible)
 		signal(SIGINT, SIG_DFL);

Modified: head/usr.bin/wall/wall.c
==============================================================================
--- head/usr.bin/wall/wall.c	Mon Oct 22 03:06:59 2012	(r241847)
+++ head/usr.bin/wall/wall.c	Mon Oct 22 03:07:05 2012	(r241848)
@@ -240,7 +240,8 @@ makemsg(char *fname)
 		setegid(getgid());
 		if (freopen(fname, "r", stdin) == NULL)
 			err(1, "can't read %s", fname);
-		setegid(egid);
+		if (setegid(egid) != 0)
+			err(1, "setegid failed");
 	}
 	cnt = 0;
 	while (fgetws(lbuf, sizeof(lbuf)/sizeof(wchar_t), stdin)) {

Modified: head/usr.sbin/edquota/edquota.c
==============================================================================
--- head/usr.sbin/edquota/edquota.c	Mon Oct 22 03:06:59 2012	(r241847)
+++ head/usr.sbin/edquota/edquota.c	Mon Oct 22 03:07:05 2012	(r241848)
@@ -453,8 +453,10 @@ editit(char *tmpf)
 		const char *ed;
 
 		sigsetmask(omask);
-		setgid(getgid());
-		setuid(getuid());
+		if (setgid(getgid()) != 0)
+			err(1, "setgid failed");
+		if (setuid(getuid()) != 0)
+			err(1, "setuid failed");
 		if ((ed = getenv("EDITOR")) == (char *)0)
 			ed = _PATH_VI;
 		execlp(ed, ed, tmpf, (char *)0);

Modified: head/usr.sbin/kgmon/kgmon.c
==============================================================================
--- head/usr.sbin/kgmon/kgmon.c	Mon Oct 22 03:06:59 2012	(r241847)
+++ head/usr.sbin/kgmon/kgmon.c	Mon Oct 22 03:07:05 2012	(r241848)
@@ -90,7 +90,9 @@ main(int argc, char **argv)
 	struct kvmvars kvmvars;
 	char *system, *kmemf;
 
-	seteuid(getuid());
+	if (seteuid(getuid()) != 0) {
+		err(1, "seteuid failed\n");
+	}
 	kmemf = NULL;
 	system = NULL;
 	while ((ch = getopt(argc, argv, "M:N:Bbhpr")) != -1) {



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201210220307.q9M375PN017842>