svn commit: r253457 - head/usr.bin/uniq
Ulrich Spörlein
uqs at FreeBSD.org
Wed Jul 24 12:53:35 UTC 2013
On Thu, 2013-07-18 at 22:11:27 +0000, Pawel Jakub Dawidek wrote:
> Author: pjd
> Date: Thu Jul 18 22:11:27 2013
> New Revision: 253457
> URL: http://svnweb.freebsd.org/changeset/base/253457
>
> Log:
> Close uniq(1) in the capability mode sandbox and limit descriptors using
> capability rights.
>
> Modified:
> head/usr.bin/uniq/uniq.c
>
> Modified: head/usr.bin/uniq/uniq.c
> ==============================================================================
> --- head/usr.bin/uniq/uniq.c Thu Jul 18 21:56:10 2013 (r253456)
> +++ head/usr.bin/uniq/uniq.c Thu Jul 18 22:11:27 2013 (r253457)
> @@ -128,8 +145,34 @@ main (int argc, char *argv[])
> ofp = stdout;
> if (argc > 0 && strcmp(argv[0], "-") != 0)
> ifp = file(ifn = argv[0], "r");
> + if (cap_rights_limit(fileno(ifp), CAP_FSTAT | CAP_READ) < 0 &&
> + errno != ENOSYS) {
> + err(1, "unable to limit rights for %s", ifn);
> + }
> + rights = CAP_FSTAT | CAP_WRITE;
> if (argc > 1)
> ofp = file(argv[1], "w");
> + else
> + rights |= CAP_IOCTL;
> + if (cap_rights_limit(fileno(ofp), rights) < 0 && errno != ENOSYS) {
> + err(1, "unable to limit rights for %s",
> + argc > 1 ? argv[1] : "stdout");
> + }
> + if ((rights & CAP_IOCTL) != 0) {
> + unsigned long cmd;
> +
> + cmd = TIOCGETA; /* required by isatty(3) in printf(3) */
> +
> + if (cap_ioctls_limit(fileno(ofp), &cmd, 1) < 0 &&
> + errno != ENOSYS) {
> + err(1, "unable to limit ioctls for %s",
> + argc > 1 ? argv[1] : "stdout");
> + }
> + }
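Review bot: In the `if ((rights & CAP_IOCTL) != 0)` block, the `argc > 1 ? argv[1] : "stdout"` argument to err() can only ever evaluate to "stdout", because CAP_IOCTL is added to `rights` solely in the else branch of `if (argc > 1)`; pass the literal "stdout" there so the error path does not suggest that a named output file can reach it. Separately, all three limit calls ignore `errno == ENOSYS` without explanation, which means the program continues with unrestricted descriptors when the call is not implemented; a one-line comment stating that this fallback is intentional would document the behaviour for the next reader.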
Dead code, found by Coverity Scan, CID 1054780 (please mention in your
fix-commit). You check for argc > 1 at line 153, only if that is false
(meaning argc==1) do you set CAP_IOCTL. So on line 169 argc cannot be >1
and the result is always "stdout".
Cheers,
Uli