Date: Tue, 2 Oct 2012 21:50:13 GMT From: Erik Cederstrand <erik@cederstrand.dk> To: freebsd-bugs@FreeBSD.org Subject: Re: bin/172289: Check return value of setuid() Message-ID: <201210022150.q92LoDCl046742@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR bin/172289; it has been noted by GNATS. From: Erik Cederstrand <erik@cederstrand.dk> To: bug-followup@FreeBSD.org, Eitan Adler <lists@eitanadler.com> Cc: Subject: Re: bin/172289: Check return value of setuid() Date: Tue, 2 Oct 2012 23:45:58 +0200 --Apple-Mail=_0AED8E4D-0FE1-4ACE-ADA5-9A2452E0E9E1 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=us-ascii ping6 also lack check on return value, btw. Patch attached. Erik --Apple-Mail=_0AED8E4D-0FE1-4ACE-ADA5-9A2452E0E9E1 Content-Disposition: attachment; filename=ping6.txt Content-Type: text/plain; name="ping6.txt" Content-Transfer-Encoding: 7bit Index: ping6.c =================================================================== --- ping6.c (revision 240960) +++ ping6.c (working copy) @@ -702,8 +702,10 @@ } /* revoke root privilege */ - seteuid(getuid()); - setuid(getuid()); + if (seteuid(getuid()) != 0) + err(1, "seteuid() failed"); + if (setuid(getuid()) != 0) + err(1, "setuid() failed"); if ((options & F_FLOOD) && (options & F_INTERVAL)) errx(1, "-f and -i incompatible options"); --Apple-Mail=_0AED8E4D-0FE1-4ACE-ADA5-9A2452E0E9E1--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201210022150.q92LoDCl046742>