authorderaadt <deraadt@openbsd.org>2019-05-16 06:23:15 +0000
committerderaadt <deraadt@openbsd.org>2019-05-16 06:23:15 +0000
commitf42f1754a5d1f05f2b0f363f7959764cb88c8991 (patch)
tree8f2e22f24ad1ad8f572ba07cb042abfaa5107e15
parentDo not change router-id on reload if unspecified. (diff)
unveil "w" on ttys was too strict, introducing a failure condition
that non-root walls would not stat() tty permissions. Pointed out by Anton Borowka. The stat is intentional to check for biff-compatible g+w bit. Correct stat+open TOCTOU into open+fstat, which means the unveil is correct. (once again, application of unveil has exposed a minor TOCTOU). ok guenther martijn
-rw-r--r--usr.bin/wall/ttymsg.c17
1 files changed, 9 insertions, 8 deletions
diff --git a/usr.bin/wall/ttymsg.c b/usr.bin/wall/ttymsg.c
index f6474778824..2720bdc4f4c 100644
--- a/usr.bin/wall/ttymsg.c
+++ b/usr.bin/wall/ttymsg.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ttymsg.c,v 1.17 2015/11/05 22:20:11 benno Exp $ */
+/* $OpenBSD: ttymsg.c,v 1.18 2019/05/16 06:23:15 deraadt Exp $ */
/* $NetBSD: ttymsg.c,v 1.3 1994/11/17 07:17:55 jtc Exp $ */
/*
@@ -87,13 +87,6 @@ ttymsg(iov, iovcnt, line, tmout)
return (errbuf);
}
- if (getuid()) {
- if (stat(device, &st) < 0)
- return (NULL);
- if ((st.st_mode & S_IWGRP) == 0)
- return (NULL);
- }
-
/*
* open will fail on slip lines or exclusive-use lines
* if not running as root; not an error.
@@ -106,6 +99,14 @@ ttymsg(iov, iovcnt, line, tmout)
return (errbuf);
}
+ if (getuid()) {
+ if (fstat(fd, &st) < 0 ||
+ (st.st_mode & S_IWGRP) == 0) {
+ close(fd);
+ return (NULL);
+ }
+ }
+
for (cnt = left = 0; cnt < iovcnt; ++cnt)
left += iov[cnt].iov_len;
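Review bot: The relocated non-root check at `if (getuid()) {` carries no comment explaining why it runs after open() and inspects `fd` with fstat(), so a later cleanup could move it back ahead of the open and reintroduce the stat-then-open race the commit message describes. I would add above it `/* non-root: require the biff-compatible g+w bit on the tty we actually opened; fstat(fd), not stat(path), so the check cannot race the open */`. Both failure cases return NULL, so an fstat() error looks the same to the caller as a tty without g+w; that matches the removed code but is worth stating in the same comment. ttymsg()'s body starts and ends outside this hunk.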