diff options
author | yasuoka <yasuoka@openbsd.org> | 2019-03-31 03:36:18 +0000 |
---|---|---|
committer | yasuoka <yasuoka@openbsd.org> | 2019-03-31 03:36:18 +0000 |
commit | ef4f5895abd850e5705ba18ff094fe48eb3d06cd (patch) | |
tree | f62d986aaee36319a44d595489a7dad07f385254 /usr.sbin | |
parent | If using retguard, we do not also need the stack protector. (diff) | |
download | wireguard-openbsd-ef4f5895abd850e5705ba18ff094fe48eb3d06cd.tar.xz wireguard-openbsd-ef4f5895abd850e5705ba18ff094fe48eb3d06cd.zip |
Avoid calling dup2(oldd, newd) when oldd == newd. In that case the
descriptor keeps CLOEXEC flag then it will be closed unexpectedly by
exec().
ok tedu florian
Diffstat (limited to 'usr.sbin')
-rw-r--r-- | usr.sbin/bgpd/bgpd.c | 7 | ||||
-rw-r--r-- | usr.sbin/eigrpd/eigrpd.c | 8 | ||||
-rw-r--r-- | usr.sbin/ldapd/ldapd.c | 7 | ||||
-rw-r--r-- | usr.sbin/ldpd/ldpd.c | 8 | ||||
-rw-r--r-- | usr.sbin/rad/rad.c | 8 | ||||
-rw-r--r-- | usr.sbin/smtpd/smtpd.c | 9 |
6 files changed, 34 insertions, 13 deletions
diff --git a/usr.sbin/bgpd/bgpd.c b/usr.sbin/bgpd/bgpd.c index 1dd968af069..a198a4f30a9 100644 --- a/usr.sbin/bgpd/bgpd.c +++ b/usr.sbin/bgpd/bgpd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bgpd.c,v 1.213 2019/03/07 07:42:36 claudio Exp $ */ +/* $OpenBSD: bgpd.c,v 1.214 2019/03/31 03:36:18 yasuoka Exp $ */ /* * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org> @@ -414,7 +414,10 @@ start_child(enum bgpd_process p, char *argv0, int fd, int debug, int verbose) return (pid); } - if (dup2(fd, 3) == -1) + if (fd != 3) { + if (dup2(fd, 3) == -1) + fatal("cannot setup imsg fd"); + } else if (fcntl(fd, F_SETFD, 0) == -1) fatal("cannot setup imsg fd"); argv[argc++] = argv0; diff --git a/usr.sbin/eigrpd/eigrpd.c b/usr.sbin/eigrpd/eigrpd.c index fada4d9c8e8..26427d134c2 100644 --- a/usr.sbin/eigrpd/eigrpd.c +++ b/usr.sbin/eigrpd/eigrpd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: eigrpd.c,v 1.26 2018/09/26 14:53:34 mestre Exp $ */ +/* $OpenBSD: eigrpd.c,v 1.27 2019/03/31 03:36:18 yasuoka Exp $ */ /* * Copyright (c) 2015 Renato Westphal <renato@openbsd.org> @@ -25,6 +25,7 @@ #include <err.h> #include <errno.h> +#include <fcntl.h> #include <pwd.h> #include <signal.h> #include <stdio.h> @@ -330,7 +331,10 @@ start_child(enum eigrpd_process p, char *argv0, int fd, int debug, int verbose, return (pid); } - if (dup2(fd, 3) == -1) + if (fd != 3) { + if (dup2(fd, 3) == -1) + fatal("cannot setup imsg fd"); + } else if (fcntl(fd, F_SETFD, 0) == -1) fatal("cannot setup imsg fd"); argv[argc++] = argv0; diff --git a/usr.sbin/ldapd/ldapd.c b/usr.sbin/ldapd/ldapd.c index 94df93ee4e6..797a36f89f3 100644 --- a/usr.sbin/ldapd/ldapd.c +++ b/usr.sbin/ldapd/ldapd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ldapd.c,v 1.24 2018/05/15 11:19:21 reyk Exp $ */ +/* $OpenBSD: ldapd.c,v 1.25 2019/03/31 03:36:18 yasuoka Exp $ */ /* * Copyright (c) 2009, 2010 Martin Hedenfalk <martin@bzero.se> @@ -429,7 +429,10 @@ start_child(enum ldapd_process p, char *argv0, int fd, int debug, return (pid); } - if (dup2(fd, PROC_PARENT_SOCK_FILENO) == -1) + if (fd != PROC_PARENT_SOCK_FILENO) { + if (dup2(fd, PROC_PARENT_SOCK_FILENO) == -1) + fatal("cannot setup imsg fd"); + } else if (fcntl(fd, F_SETFD, 0) == -1) fatal("cannot setup imsg fd"); argv[argc++] = argv0; diff --git a/usr.sbin/ldpd/ldpd.c b/usr.sbin/ldpd/ldpd.c index 7425d2030e5..d074b9e2329 100644 --- a/usr.sbin/ldpd/ldpd.c +++ b/usr.sbin/ldpd/ldpd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ldpd.c,v 1.63 2019/01/23 02:02:04 dlg Exp $ */ +/* $OpenBSD: ldpd.c,v 1.64 2019/03/31 03:36:18 yasuoka Exp $ */ /* * Copyright (c) 2013, 2016 Renato Westphal <renato@openbsd.org> @@ -23,6 +23,7 @@ #include <sys/wait.h> #include <err.h> #include <errno.h> +#include <fcntl.h> #include <pwd.h> #include <stdio.h> #include <stdlib.h> @@ -330,7 +331,10 @@ start_child(enum ldpd_process p, char *argv0, int fd, int debug, int verbose, return (pid); } - if (dup2(fd, 3) == -1) + if (fd != 3) { + if (dup2(fd, 3) == -1) + fatal("cannot setup imsg fd"); + } else if (fcntl(fd, F_SETFD, 0) == -1) fatal("cannot setup imsg fd"); argv[argc++] = argv0; diff --git a/usr.sbin/rad/rad.c b/usr.sbin/rad/rad.c index d6e139a612f..f4e96ab319e 100644 --- a/usr.sbin/rad/rad.c +++ b/usr.sbin/rad/rad.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rad.c,v 1.19 2019/03/12 18:47:57 pamela Exp $ */ +/* $OpenBSD: rad.c,v 1.20 2019/03/31 03:36:18 yasuoka Exp $ */ /* * Copyright (c) 2018 Florian Obser <florian@openbsd.org> @@ -36,6 +36,7 @@ #include <err.h> #include <errno.h> #include <event.h> +#include <fcntl.h> #include <imsg.h> #include <netdb.h> #include <pwd.h> @@ -361,7 +362,10 @@ start_child(int p, char *argv0, int fd, int debug, int verbose) return (pid); } - if (dup2(fd, 3) == -1) + if (fd != 3) { + if (dup2(fd, 3) == -1) + fatal("cannot setup imsg fd"); + } else if (fcntl(fd, F_SETFD, 0) == -1) fatal("cannot setup imsg fd"); argv[argc++] = argv0; diff --git a/usr.sbin/smtpd/smtpd.c b/usr.sbin/smtpd/smtpd.c index 66022264cd2..acf0f657031 100644 --- a/usr.sbin/smtpd/smtpd.c +++ b/usr.sbin/smtpd/smtpd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: smtpd.c,v 1.317 2019/01/30 21:31:48 gilles Exp $ */ +/* $OpenBSD: smtpd.c,v 1.318 2019/03/31 03:36:18 yasuoka Exp $ */ /* * Copyright (c) 2008 Gilles Chehade <gilles@poolp.org> @@ -827,8 +827,11 @@ start_child(int save_argc, char **save_argv, char *rexec) return p; } - if (dup2(sp[0], 3) == -1) - fatal("%s: dup2", rexec); + if (sp[0] != 3) { + if (dup2(sp[0], 3) == -1) + fatal("%s: dup2", rexec); + } else if (fcntl(sp[0], F_SETFD, 0) == -1) + fatal("%s: fcntl", rexec); if (closefrom(4) == -1) fatal("%s: closefrom", rexec); |