Date: Tue, 1 Sep 2015 06:05:43 +0000 (UTC) From: Xin LI <delphij@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r287343 - head/usr.bin/netstat Message-ID: <201509010605.t8165hjD026963@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: delphij Date: Tue Sep 1 06:05:43 2015 New Revision: 287343 URL: https://svnweb.freebsd.org/changeset/base/287343 Log: Failure of dropping privilege should be fatal, so test and bail out when setgid() fails. Reported by: clang static analyzer MFC after: 2 weeks Modified: head/usr.bin/netstat/main.c Modified: head/usr.bin/netstat/main.c ============================================================================== --- head/usr.bin/netstat/main.c Tue Sep 1 02:42:05 2015 (r287342) +++ head/usr.bin/netstat/main.c Tue Sep 1 06:05:43 2015 (r287343) @@ -498,8 +498,10 @@ main(int argc, char *argv[]) * guys can't print interesting stuff from kernel memory. */ live = (nlistf == NULL && memf == NULL); - if (!live) - setgid(getgid()); + if (!live) { + if (setgid(getgid()) != 0) + xo_err(-1, "setgid"); + } if (xflag && Tflag) xo_errx(1, "-x and -T are incompatible, pick one."); @@ -704,7 +706,8 @@ kvmd_init(void) return (0); kvmd = kvm_openfiles(nlistf, memf, NULL, O_RDONLY, errbuf); - setgid(getgid()); + if (setgid(getgid()) != 0) + xo_err(-1, "setgid"); if (kvmd == NULL) { xo_warnx("kvm not available: %s", errbuf);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201509010605.t8165hjD026963>