git: eb32eb2b453d - stable/13 - dma: exit if invoked with invalid (zero) argc
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Sat, 05 Feb 2022 16:27:16 UTC
The branch stable/13 has been updated by emaste:
URL: https://cgit.FreeBSD.org/src/commit/?id=eb32eb2b453d21534efaea4cfa17043a634e6199
commit eb32eb2b453d21534efaea4cfa17043a634e6199
Author: Ed Maste <emaste@FreeBSD.org>
AuthorDate: 2022-01-28 22:15:02 +0000
Commit: Ed Maste <emaste@FreeBSD.org>
CommitDate: 2022-02-05 16:26:09 +0000
dma: exit if invoked with invalid (zero) argc
This was prompted by the recent pkexec vulnerability (CVE-2021-4034).
This change is being made on general principle for setuid/setgid
binaries and is not in response to an actual issue.
Reviewed by: kevans, markj (both earlier)
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D34087
(cherry picked from commit 1c91aedf25bce879a8aced6439200e46601eb8a4)
---
contrib/dma/dma.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/contrib/dma/dma.c b/contrib/dma/dma.c
index 72115ae2b55e..7cad25a214ee 100644
--- a/contrib/dma/dma.c
+++ b/contrib/dma/dma.c
@@ -428,6 +428,9 @@ main(int argc, char **argv)
int nodot = 0, showq = 0, queue_only = 0, newaliases = 0;
int recp_from_header = 0;
+ if (argc == 0)
+ errx(EX_OSERR, "invalid argc");
+
set_username();
/*