svn commit: r368776 - head/usr.bin/login

Sat Dec 19 02:36:42 UTC 2020

On 12/18/20 9:23 PM, Pedro F. Giffuni wrote:
> Author: pfg
> Date: Sat Dec 19 02:23:53 2020
> New Revision: 368776
> URL: https://svnweb.freebsd.org/changeset/base/368776
>
> Log:
>    login(1): when exporting variables check the result of setenv(3)
>    
>    When exporting a variable we correctly check all the preconditions that
>    could make setenv(3) fail. Checking the setenv(3) return value seems
>    redundant, but given that login(1) is critical, it doesn't hurt to have
>    a post-check.
>    
>    This change is based on the "Principles of Secure Coding" course by
>    Matthew Bishop, PhD., which specifically discusses this code in FreeBSD.
>    
>    Differential Revision:	https://reviews.freebsd.org/D26966
>
> Modified:
>    head/usr.bin/login/login.c
>
> Modified: head/usr.bin/login/login.c
> ==============================================================================
> --- head/usr.bin/login/login.c	Sat Dec 19 01:46:47 2020	(r368775)
> +++ head/usr.bin/login/login.c	Sat Dec 19 02:23:53 2020	(r368776)
> @@ -793,6 +793,7 @@ export(const char *s)
>   	char *p;
>   	const char **pp;
>   	size_t n;
> +	int rv;
>   
>   	if (strlen(s) > 1024 || (p = strchr(s, '=')) == NULL)
>   		return (0);
> @@ -804,8 +805,10 @@ export(const char *s)
>   			return (0);
>   	}
>   	*p = '\0';
> -	(void)setenv(s, p + 1, 1);
> +	rv = setenv(s, p + 1, 1);
>   	*p = '=';
> +	if (rv == 1)
> +		return (0);
>   	return (1);
>   }
>   

This is wrong .. it should have been -1.

I'll revert to make the change clean.