From owner-svn-src-head@FreeBSD.ORG Wed Jul 24 12:53:35 2013
Date: Wed, 24 Jul 2013 14:53:32 +0200
From: Ulrich Spörlein
To: Pawel Jakub Dawidek
Subject: Re: svn commit: r253457 - head/usr.bin/uniq
Message-ID: <20130724125332.GC9092@acme.spoerlein.net>
Mail-Followup-To: Ulrich Spörlein, Pawel Jakub Dawidek, src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
References: <201307182211.r6IMBRYC091291@svn.freebsd.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <201307182211.r6IMBRYC091291@svn.freebsd.org>
User-Agent: Mutt/1.5.21 (2010-09-15)
Cc: svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org
X-BeenThere: svn-src-head@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: SVN commit messages for the src tree for head/-current
X-List-Received-Date: Wed, 24 Jul 2013 12:53:35 -0000

On Thu, 2013-07-18 at 22:11:27 +0000, Pawel Jakub Dawidek wrote:
> Author: pjd
> Date: Thu Jul 18 22:11:27 2013
> New Revision: 253457
> URL: http://svnweb.freebsd.org/changeset/base/253457
> 
> Log:
> Close uniq(1) in the capability mode sandbox and limit descriptors using
> capability rights.
> 
> Modified:
> head/usr.bin/uniq/uniq.c
> 
> Modified: head/usr.bin/uniq/uniq.c
> ==============================================================================
> --- head/usr.bin/uniq/uniq.c Thu Jul 18 21:56:10 2013 (r253456)
> +++ head/usr.bin/uniq/uniq.c Thu Jul 18 22:11:27 2013 (r253457)
> @@ -128,8 +145,34 @@ main (int argc, char *argv[]) > ofp = stdout; > if (argc > 0 && strcmp(argv[0], "-") != 0) > ifp = file(ifn = argv[0], "r"); > + if (cap_rights_limit(fileno(ifp), CAP_FSTAT | CAP_READ) < 0 && > + errno != ENOSYS) { > + err(1, "unable to limit rights for %s", ifn); > + } > + rights = CAP_FSTAT | CAP_WRITE; > if (argc > 1) > ofp = file(argv[1], "w"); > + else > + rights |= CAP_IOCTL; > + if (cap_rights_limit(fileno(ofp), rights) < 0 && errno != ENOSYS) { > + err(1, "unable to limit rights for %s", > + argc > 1 ? argv[1] : "stdout"); > + } > + if ((rights & CAP_IOCTL) != 0) { > + unsigned long cmd; > + > + cmd = TIOCGETA; /* required by isatty(3) in printf(3) */ > + > + if (cap_ioctls_limit(fileno(ofp), &cmd, 1) < 0 && > + errno != ENOSYS) { > + err(1, "unable to limit ioctls for %s", > + argc > 1 ? argv[1] : "stdout"); > + } > + }

Dead code, found by Coverity Scan, CID 1054780 (please mention in your fix-commit).

You check for argc > 1 at line 153; only if that is false (meaning argc==1) do you set CAP_IOCTL. So on line 169 argc cannot be >1 and the result is always "stdout".

Cheers,
Uli
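Review bot: the conditional "argc > 1 ? argv[1] : "stdout"" in the cap_ioctls_limit() error path can never pick argv[1]. CAP_IOCTL is added to "rights" only in the else branch of "if (argc > 1)", so inside "if ((rights & CAP_IOCTL) != 0)" argc is at most 1 and the expression always evaluates to "stdout". Replace the two-line err() call with a plain err(1, "unable to limit ioctls for stdout"); and cite the Coverity CID in the follow-up commit message. The identical conditional in the preceding cap_rights_limit(fileno(ofp), rights) error path is correct, because that call runs on both branches of the argc check.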