Date: Tue, 19 Mar 2019 02:45:32 +0000 (UTC) From: Marcin Wojtas <mw@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r345289 - head/stand/common Message-ID: <201903190245.x2J2jWex089994@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: mw Date: Tue Mar 19 02:45:32 2019 New Revision: 345289 URL: https://svnweb.freebsd.org/changeset/base/345289 Log: Add missing boot.4th verification During initialization of the forth interpreter the loader looks for "/boot/boot.4th" and executes any code found there. That file was loaded bypassing verification. Add a call to verify_file to change that. Submitted by: Kornel Duleba <mindal@semihalf.com> Reviewed by: sjg Obtained from: Semihalf Sponsored by: Stormshield Modified: head/stand/common/interp_forth.c Modified: head/stand/common/interp_forth.c ============================================================================== --- head/stand/common/interp_forth.c Tue Mar 19 02:33:58 2019 (r345288) +++ head/stand/common/interp_forth.c Tue Mar 19 02:45:32 2019 (r345289) @@ -283,6 +283,12 @@ bf_init(void) /* try to load and run init file if present */ if ((fd = open("/boot/boot.4th", O_RDONLY)) != -1) { +#ifdef LOADER_VERIEXEC + if (verify_file(fd, "/boot/boot.4th", 0, VE_GUESS) < 0) { + close(fd); + return; + } +#endif (void)ficlExecFD(bf_vm, fd); close(fd); }
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201903190245.x2J2jWex089994>