D45567.id140509.diff
diff --git a/lib/libpam/modules/pam_xdg/pam_xdg.c b/lib/libpam/modules/pam_xdg/pam_xdg.c
--- a/lib/libpam/modules/pam_xdg/pam_xdg.c
+++ b/lib/libpam/modules/pam_xdg/pam_xdg.c
@@ -67,7 +67,7 @@
/* Get user info */
rv = pam_get_item(pamh, PAM_USER, (const void **)&user);
- if (rv != PAM_SUCCESS) {
+ if (rv != PAM_SUCCESS || user == NULL) {
PAM_VERBOSE_ERROR("Can't get user information");
goto out;
}
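Review bot: With the added `user == NULL` test, this failure branch can be taken while `rv` still holds `PAM_SUCCESS`, so if the code at the `out` label (outside this hunk) returns `rv`, the module would report success without having a user. Set an explicit error before the jump, for example `if (rv == PAM_SUCCESS) rv = PAM_USER_UNKNOWN;` ahead of `goto out;`. The identical check in the second hunk (at line 221 of the file) has the same gap.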
@@ -221,7 +221,7 @@
/* Get user info */
rv = pam_get_item(pamh, PAM_USER, (const void **)&user);
- if (rv != PAM_SUCCESS) {
+ if (rv != PAM_SUCCESS || user == NULL) {
PAM_VERBOSE_ERROR("Can't get user information");
goto out;
}
diff --git a/usr.bin/wall/ttymsg.h b/usr.bin/wall/ttymsg.h
--- a/usr.bin/wall/ttymsg.h
+++ b/usr.bin/wall/ttymsg.h
@@ -1,4 +1,4 @@
#define TTYMSG_IOV_MAX 32
-const char *ttymsg(struct iovec *, int, const char *, int);
+const char *ttymsg(struct iovec *, int, const char *, int, int);
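Review bot: The new fifth parameter is an unnamed `int` next to the existing unnamed timeout `int`, so the prototype gives no hint that a directory descriptor is expected or which of the two is which. Naming the parameters would make the contract readable at the call site: `const char *ttymsg(struct iovec *iov, int iovcnt, const char *line, int tmout, int dirfd);`. Because this changes the signature, any other program that compiles ttymsg.c against this header needs the same update, and none is visible in this diff.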
diff --git a/usr.bin/wall/ttymsg.c b/usr.bin/wall/ttymsg.c
--- a/usr.bin/wall/ttymsg.c
+++ b/usr.bin/wall/ttymsg.c
@@ -30,10 +30,13 @@
*/
-
+#include <sys/procdesc.h>
#include <sys/types.h>
#include <sys/uio.h>
+
+#include <capsicum_helpers.h>
#include <dirent.h>
+#include <err.h>
#include <errno.h>
#include <fcntl.h>
#include <paths.h>
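Review bot: `<sys/procdesc.h>` is placed ahead of `<sys/types.h>`, while the usual ordering in this tree puts `<sys/types.h>` (or `<sys/param.h>`) first and the remaining `<sys/...>` headers after it in alphabetical order. Pulling in `<err.h>` also signals that this helper now terminates the process itself rather than returning an error string, which changes its contract for callers.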
@@ -53,17 +56,20 @@
* ignored (exclusive-use, lack of permission, etc.).
*/
const char *
-ttymsg(struct iovec *iov, int iovcnt, const char *line, int tmout)
+ttymsg(struct iovec *iov, int iovcnt, const char *line, int tmout, int fd)
{
struct iovec localiov[TTYMSG_IOV_MAX];
ssize_t left, wret;
- int cnt, fd;
+ int cnt;
char device[MAXNAMLEN] = _PATH_DEV;
static char errbuf[1024];
char *p;
- int forked;
+ char rel_path[1024];
+ int fd2;
+ int pd;
+ cap_rights_t rights;
- forked = 0;
+ strcpy(rel_path,"./");
if (iovcnt > (int)(sizeof(localiov) / sizeof(localiov[0])))
return ("too many iov's (change code in wall/ttymsg.c)");
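Review bot: The block comment above `ttymsg` (its end is visible at the top of this hunk) is not updated for the new `fd` argument, so a reader cannot tell that it must be a directory descriptor or who owns it. I would add a sentence such as `* fd is an open descriptor for the directory the tty name is looked up in; ttymsg does not close it.` The `rel_path` buffer with `strcpy(rel_path,"./")` is also unnecessary, since `openat` resolves a plain relative name against `fd`, and dropping it removes the unbounded `strcpy`/`strcat` pair. The function body continues outside this hunk.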
@@ -82,19 +88,20 @@
* open will fail on slip lines or exclusive-use lines
* if not running as root; not an error.
*/
- if ((fd = open(device, O_WRONLY|O_NONBLOCK, 0)) < 0) {
- if (errno == EBUSY || errno == EACCES)
- return (NULL);
- (void) snprintf(errbuf, sizeof(errbuf), "%s: %s", device,
- strerror(errno));
- return (errbuf);
- }
+ strcat(rel_path, p);
+ fd2 = openat(fd, rel_path, O_WRONLY|O_NONBLOCK, O_RDONLY);
+ if (fd2 < 0)
+ err(1, "openat(%s)", rel_path);
+
+ cap_rights_init(&rights, CAP_WRITE, CAP_FSTAT,CAP_FSTATAT);
+ if (caph_rights_limit(fd2, &rights) == -1)
+ err(1, "unable to limit capability rights");
for (cnt = 0, left = 0; cnt < iovcnt; ++cnt)
left += iov[cnt].iov_len;
for (;;) {
- wret = writev(fd, iov, iovcnt);
+ wret = writev(fd2, iov, iovcnt);
if (wret >= left)
break;
if (wret >= 0) {
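Review bot: A failed `openat` now calls `err(1, ...)`, so one tty that is busy or not writable aborts the whole broadcast, where the removed code returned NULL for `EBUSY`/`EACCES` and an error string otherwise. The fourth argument `O_RDONLY` is passed in the mode position, which `openat` only reads with `O_CREAT`, and `strcat(rel_path, p)` is an unbounded append. The rights set is wider than needed: nothing in the visible hunks does more than `writev` on `fd2`, so `CAP_WRITE` alone looks sufficient (to be confirmed against the rest of the function). `fd2` should be closed on the error path. The loop continues outside this hunk.
```c
	/* … unchanged: build device, derive and validate p … */
	fd2 = openat(fd, p, O_WRONLY | O_NONBLOCK);
	if (fd2 < 0) {
		/* busy or protected lines are not an error, as before */
		if (errno == EBUSY || errno == EACCES)
			return (NULL);
		(void) snprintf(errbuf, sizeof(errbuf), "%s: %s", device,
		    strerror(errno));
		return (errbuf);
	}

	/* the descriptor is only written to; grant nothing else */
	cap_rights_init(&rights, CAP_WRITE);
	if (caph_rights_limit(fd2, &rights) == -1) {
		(void) snprintf(errbuf, sizeof(errbuf), "%s: %s", device,
		    strerror(errno));
		(void) close(fd2);
		return (errbuf);
	}
	/* … unchanged: iov length sum and writev loop on fd2 … */
```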
@@ -118,22 +125,15 @@
if (errno == EWOULDBLOCK) {
int cpid;
- if (forked) {
- (void) close(fd);
- _exit(1);
- }
- cpid = fork();
+ cpid = pdfork(&pd, 0);
if (cpid < 0) {
(void) snprintf(errbuf, sizeof(errbuf),
"fork: %s", strerror(errno));
- (void) close(fd);
return (errbuf);
}
if (cpid) { /* parent */
- (void) close(fd);
return (NULL);
}
- forked++;
/* wait at most tmout seconds */
(void) signal(SIGALRM, SIG_DFL);
(void) signal(SIGTERM, SIG_DFL); /* XXX */
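Review bot: The process descriptor returned through `pdfork(&pd, 0)` is never used or closed. As far as pdfork(2) documents it, with flags 0 the child is terminated when the last reference to `pd` goes away, which happens at the latest when wall exits, so the child meant to wait up to `tmout` seconds on a blocked tty would likely be killed early. Removing the `forked` guard also means a child that hits `EWOULDBLOCK` again forks once more instead of giving up; I would keep `if (forked) { (void) close(fd2); _exit(1); }` and `forked++;`. If plain `fork()` is usable in capability mode here, keeping it avoids the lifetime coupling. The error text still says `fork:`, and the `fd2` closes dropped from the error and parent branches should be restored.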
@@ -148,16 +148,10 @@
*/
if (errno == ENODEV || errno == EIO)
break;
- (void) close(fd);
- if (forked)
- _exit(1);
(void) snprintf(errbuf, sizeof(errbuf),
"%s: %s", device, strerror(errno));
return (errbuf);
}
- (void) close(fd);
- if (forked)
- _exit(0);
return (NULL);
}
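Review bot: With the `_exit` calls removed, the forked child no longer terminates here. It falls through to `return (errbuf)` or `return (NULL)` and resumes the caller's loop over the remaining sessions, so each blocked tty adds another process that repeats the rest of the broadcast. The removed `close(fd)` calls have no `fd2` counterpart, so the parent leaks one descriptor per recipient. Before each return I would restore the pair as `(void) close(fd2);` followed by `if (forked) _exit(0);` (`_exit(1)` on the error path), which also needs the `forked` flag kept in the earlier hunks.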
diff --git a/usr.bin/wall/wall.c b/usr.bin/wall/wall.c
--- a/usr.bin/wall/wall.c
+++ b/usr.bin/wall/wall.c
@@ -36,9 +36,12 @@
#include <sys/param.h>
#include <sys/stat.h>
+#include <sys/types.h>
#include <sys/uio.h>
+#include <capsicum_helpers.h>
#include <ctype.h>
+#include <dirent.h>
#include <err.h>
#include <grp.h>
#include <locale.h>
@@ -68,13 +71,27 @@
static char *mbuf;
static int
-ttystat(char *line)
+ttystat(char *line,int fd)
{
struct stat sb;
char ttybuf[MAXPATHLEN];
+ int fd2;
+ char *p;
+ char device[MAXNAMLEN] = _PATH_DEV;
+ char rel_path[1024];
+
+ strcpy(rel_path,"./");
+ strlcat(device, line, sizeof(device));
+ p = device + sizeof(_PATH_DEV) - 1;
+ if (strncmp(p, "pts/", 4) == 0)
+ p += 4;
+ if (strchr(p, '/') != NULL)
+ return -1;
+ strcat(rel_path, p);
(void)snprintf(ttybuf, sizeof(ttybuf), "%s%s", _PATH_DEV, line);
- if (stat(ttybuf, &sb) == 0) {
+ fd2 = openat(fd,rel_path,O_RDONLY);
+ if (fstat(fd2, &sb) == 0) {
return (0);
} else
return (-1);
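Review bot: `fd2` from `openat` is never closed and its failure is not checked, so every utmpx entry leaks a descriptor and a failed open only returns -1 because `fstat(-1, ...)` fails. Opening the tty just to stat it is also unnecessary, and opening without `O_NONBLOCK` may block on some lines. `fstatat` on the directory descriptor does the same check without creating a descriptor. That also removes the `device`/`rel_path` copies, including the unchecked `strlcat` truncation and the `strcpy`/`strcat` pair, and the now-unused `ttybuf`. The closing brace of the function is outside this hunk.
```c
static int
ttystat(char *line, int fd)
{
	struct stat sb;
	const char *p;

	/* fd refers to the pts directory; accept a single path component only */
	p = line;
	if (strncmp(p, "pts/", 4) == 0)
		p += 4;
	if (*p == '\0' || strchr(p, '/') != NULL)
		return (-1);
	/* stat through the directory descriptor: no tty is opened, nothing leaks */
	if (fstatat(fd, p, &sb, 0) != 0)
		return (-1);
	return (0);
```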
@@ -92,9 +109,19 @@
char **np;
const char *p;
struct passwd *pw;
+ int devfd;
(void)setlocale(LC_CTYPE, "");
+ /*
+ * Cache NLS data, for strerror, for err(3), before entering capability
+ * mode.
+ */
+ caph_cache_catpages();
+ setutxent();
+ devfd = open("/dev/pts/", O_RDONLY|O_NONBLOCK,0);
+ if (devfd < 0)
+ err(1, "open(/dev)");
while ((ch = getopt(argc, argv, "g:n")) != -1)
switch (ch) {
case 'n':
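Review bot: `devfd` is opened on `/dev/pts/` while the error string says `open(/dev)`. Because only the pts directory is held, sessions whose `ut_line` names a device directly under `_PATH_DEV` can no longer be resolved after capability mode is entered and would be skipped or hit the `err()` path in `ttymsg`. If that narrowing is not intended, open the parent with `devfd = open(_PATH_DEV, O_RDONLY | O_DIRECTORY);` and pass the `pts/`-qualified name through. The directory descriptor is also never rights-limited. Restricting it with `cap_rights_init`/`caph_rights_limit` to the lookup, stat and write rights the later `openat` calls need would match what the patch already does for the other descriptors.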
@@ -134,7 +161,7 @@
while ((utmp = getutxent()) != NULL) {
if (utmp->ut_type != USER_PROCESS)
continue;
- if (ttystat(utmp->ut_line) != 0)
+ if (ttystat(utmp->ut_line,devfd) != 0)
continue;
if (grouplist) {
ingroup = 0;
@@ -158,9 +185,10 @@
if (ingroup == 0)
continue;
}
- if ((p = ttymsg(&iov, 1, utmp->ut_line, 60*5)) != NULL)
+ if ((p = ttymsg(&iov, 1, utmp->ut_line, 60*5, devfd)) != NULL)
warnx("%s", p);
}
+ (void)close(devfd);
exit(0);
}
@@ -187,12 +215,18 @@
const char *tty;
const char *whom;
gid_t egid;
+ cap_rights_t rights;
(void)snprintf(tmpname, sizeof(tmpname), "%s/wall.XXXXXX", _PATH_TMP);
if ((fd = mkstemp(tmpname)) == -1 || !(fp = fdopen(fd, "r+")))
err(1, "can't open temporary file");
(void)unlink(tmpname);
+ cap_rights_init(&rights, CAP_FSTAT, CAP_IOCTL, CAP_READ,
+ CAP_SEEK,CAP_WRITE);
+ if (caph_limit_stdio() < 0||caph_rights_limit(fd, &rights) == -1)
+ err(1, "unable to limit capability rights");
+
if (!nobanner) {
tty = ttyname(STDERR_FILENO);
if (tty == NULL)
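Review bot: `ttyname(STDERR_FILENO)` now runs right after `caph_limit_stdio()` has restricted stderr. If the ioctl that `ttyname` relies on is not in the set the helper allows, the banner would silently fall back to the no-tty case, so either verify this or move the `ttyname` call above the limiting. `CAP_IOCTL` on the temporary file is granted without a matching ioctl allowlist, which permits every ioctl on it; drop it unless a later use of `fp` (outside this hunk) needs it. Folding both calls into one `||` test also hides which step failed, and the spacing `< 0||caph_rights_limit` does not match the file's style.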
@@ -231,6 +265,10 @@
if (setegid(egid) != 0)
err(1, "setegid failed");
}
+
+ if (caph_enter() < 0)
+ err(1, "unable to enter capability mode");
+
cnt = 0;
while (fgetws(lbuf, sizeof(lbuf)/sizeof(wchar_t), stdin)) {
for (p = lbuf; (ch = *p) != L'\0'; ++p, ++cnt) {
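Review bot: `caph_enter()` here puts the process in capability mode for everything that follows, apparently including the recipient loop in `main`. The `-g` handling there (its `struct passwd *pw` and `grouplist` are visible in the other hunks) presumably resolves users and groups per session, and name-service lookups that open files would fail once in capability mode. Resolve the group membership data before this call, or confirm those lookups are served from already-open state. A comment above the call, e.g. `/* From here on only stdio, the temp file and devfd are usable. */`, would make that constraint visible to the next editor.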
D45567: wall(1): cappsicumizing wall