mirror of
https://git.yoctoproject.org/poky
synced 2026-03-14 19:29:41 +01:00
031dad3c8b
(From OE-Core rev: 211942410ec0fb5ebe906b4fed7f1feb13b7cf39) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
254 lines
6.8 KiB
Diff
254 lines
6.8 KiB
Diff
From 70fe022f9dac760eaece0228cad17e3d29a57fb8 Mon Sep 17 00:00:00 2001
|
|
From: Simon Josefsson <simon@josefsson.org>
|
|
Date: Mon, 31 Jul 2023 13:59:05 +0200
|
|
Subject: [PATCH] CVE-2023-40303: Indent changes in previous commit.
|
|
|
|
CVE: CVE-2023-40303
|
|
Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=9122999252c7e21eb7774de11d539748e7bdf46d]
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
---
|
|
src/rcp.c | 42 ++++++++++++++++++++++++------------------
|
|
src/rlogin.c | 12 ++++++------
|
|
src/rsh.c | 24 ++++++++++++------------
|
|
src/rshd.c | 24 ++++++++++++------------
|
|
src/uucpd.c | 16 ++++++++--------
|
|
5 files changed, 62 insertions(+), 56 deletions(-)
|
|
|
|
diff --git a/src/rcp.c b/src/rcp.c
|
|
index cdcf8500..652f22e6 100644
|
|
--- a/src/rcp.c
|
|
+++ b/src/rcp.c
|
|
@@ -347,9 +347,10 @@ main (int argc, char *argv[])
|
|
response ();
|
|
|
|
if (setuid (userid) == -1)
|
|
- {
|
|
- error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
|
|
- }
|
|
+ {
|
|
+ error (EXIT_FAILURE, 0,
|
|
+ "Could not drop privileges (setuid() failed)");
|
|
+ }
|
|
|
|
source (argc, argv);
|
|
exit (errs);
|
|
@@ -358,9 +359,10 @@ main (int argc, char *argv[])
|
|
if (to_option)
|
|
{ /* Receive data. */
|
|
if (setuid (userid) == -1)
|
|
- {
|
|
- error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
|
|
- }
|
|
+ {
|
|
+ error (EXIT_FAILURE, 0,
|
|
+ "Could not drop privileges (setuid() failed)");
|
|
+ }
|
|
|
|
sink (argc, argv);
|
|
exit (errs);
|
|
@@ -548,9 +550,10 @@ toremote (char *targ, int argc, char *argv[])
|
|
free (bp);
|
|
|
|
if (setuid (userid) == -1)
|
|
- {
|
|
- error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
|
|
- }
|
|
+ {
|
|
+ error (EXIT_FAILURE, 0,
|
|
+ "Could not drop privileges (setuid() failed)");
|
|
+ }
|
|
}
|
|
source (1, argv + i);
|
|
close (rem);
|
|
@@ -645,9 +648,10 @@ tolocal (int argc, char *argv[])
|
|
}
|
|
|
|
if (seteuid (userid) == -1)
|
|
- {
|
|
- error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)");
|
|
- }
|
|
+ {
|
|
+ error (EXIT_FAILURE, 0,
|
|
+ "Could not drop privileges (seteuid() failed)");
|
|
+ }
|
|
|
|
#if defined IP_TOS && defined IPPROTO_IP && defined IPTOS_THROUGHPUT
|
|
sslen = sizeof (ss);
|
|
@@ -663,9 +667,10 @@ tolocal (int argc, char *argv[])
|
|
sink (1, vect);
|
|
|
|
if (seteuid (effuid) == -1)
|
|
- {
|
|
- error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)");
|
|
- }
|
|
+ {
|
|
+ error (EXIT_FAILURE, 0,
|
|
+ "Could not drop privileges (seteuid() failed)");
|
|
+ }
|
|
|
|
close (rem);
|
|
rem = -1;
|
|
@@ -1465,9 +1470,10 @@ susystem (char *s, int userid)
|
|
|
|
case 0:
|
|
if (setuid (userid) == -1)
|
|
- {
|
|
- error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
|
|
- }
|
|
+ {
|
|
+ error (EXIT_FAILURE, 0,
|
|
+ "Could not drop privileges (setuid() failed)");
|
|
+ }
|
|
|
|
execl (PATH_BSHELL, "sh", "-c", s, NULL);
|
|
_exit (127);
|
|
diff --git a/src/rlogin.c b/src/rlogin.c
|
|
index c543de0c..4360202f 100644
|
|
--- a/src/rlogin.c
|
|
+++ b/src/rlogin.c
|
|
@@ -648,14 +648,14 @@ try_connect:
|
|
to get the privileged port that rcmd () uses. We now want, however,
|
|
to run as the real user who invoked us. */
|
|
if (seteuid (uid) == -1)
|
|
- {
|
|
- error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)");
|
|
- }
|
|
+ {
|
|
+ error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)");
|
|
+ }
|
|
|
|
if (setuid (uid) == -1)
|
|
- {
|
|
- error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
|
|
- }
|
|
+ {
|
|
+ error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
|
|
+ }
|
|
|
|
doit (&osmask); /* The old mask will activate SIGURG and SIGUSR1! */
|
|
|
|
diff --git a/src/rsh.c b/src/rsh.c
|
|
index 6f60667d..179b47cd 100644
|
|
--- a/src/rsh.c
|
|
+++ b/src/rsh.c
|
|
@@ -278,14 +278,14 @@ main (int argc, char **argv)
|
|
*argv = (char *) "rlogin";
|
|
|
|
if (seteuid (getuid ()) == -1)
|
|
- {
|
|
- error (EXIT_FAILURE, errno, "seteuid() failed");
|
|
- }
|
|
+ {
|
|
+ error (EXIT_FAILURE, errno, "seteuid() failed");
|
|
+ }
|
|
|
|
if (setuid (getuid ()) == -1)
|
|
- {
|
|
- error (EXIT_FAILURE, errno, "setuid() failed");
|
|
- }
|
|
+ {
|
|
+ error (EXIT_FAILURE, errno, "setuid() failed");
|
|
+ }
|
|
|
|
execv (PATH_RLOGIN, argv);
|
|
error (EXIT_FAILURE, errno, "cannot execute %s", PATH_RLOGIN);
|
|
@@ -551,14 +551,14 @@ try_connect:
|
|
}
|
|
|
|
if (seteuid (uid) == -1)
|
|
- {
|
|
- error (EXIT_FAILURE, errno, "seteuid() failed");
|
|
- }
|
|
+ {
|
|
+ error (EXIT_FAILURE, errno, "seteuid() failed");
|
|
+ }
|
|
|
|
if (setuid (uid) == -1)
|
|
- {
|
|
- error (EXIT_FAILURE, errno, "setuid() failed");
|
|
- }
|
|
+ {
|
|
+ error (EXIT_FAILURE, errno, "setuid() failed");
|
|
+ }
|
|
|
|
#ifdef HAVE_SIGACTION
|
|
sigemptyset (&sigs);
|
|
diff --git a/src/rshd.c b/src/rshd.c
|
|
index 707790e7..3a153a18 100644
|
|
--- a/src/rshd.c
|
|
+++ b/src/rshd.c
|
|
@@ -1848,16 +1848,16 @@ doit (int sockfd, struct sockaddr *fromp, socklen_t fromlen)
|
|
|
|
/* Set the gid, then uid to become the user specified by "locuser" */
|
|
if (setegid ((gid_t) pwd->pw_gid) == -1)
|
|
- {
|
|
- rshd_error ("Cannot drop privileges (setegid() failed)\n");
|
|
- exit (EXIT_FAILURE);
|
|
- }
|
|
+ {
|
|
+ rshd_error ("Cannot drop privileges (setegid() failed)\n");
|
|
+ exit (EXIT_FAILURE);
|
|
+ }
|
|
|
|
if (setgid ((gid_t) pwd->pw_gid) == -1)
|
|
- {
|
|
- rshd_error ("Cannot drop privileges (setgid() failed)\n");
|
|
- exit (EXIT_FAILURE);
|
|
- }
|
|
+ {
|
|
+ rshd_error ("Cannot drop privileges (setgid() failed)\n");
|
|
+ exit (EXIT_FAILURE);
|
|
+ }
|
|
|
|
#ifdef HAVE_INITGROUPS
|
|
initgroups (pwd->pw_name, pwd->pw_gid); /* BSD groups */
|
|
@@ -1881,10 +1881,10 @@ doit (int sockfd, struct sockaddr *fromp, socklen_t fromlen)
|
|
#endif /* WITH_PAM */
|
|
|
|
if (setuid ((uid_t) pwd->pw_uid) == -1)
|
|
- {
|
|
- rshd_error ("Cannot drop privileges (setuid() failed)\n");
|
|
- exit (EXIT_FAILURE);
|
|
- }
|
|
+ {
|
|
+ rshd_error ("Cannot drop privileges (setuid() failed)\n");
|
|
+ exit (EXIT_FAILURE);
|
|
+ }
|
|
|
|
/* We'll execute the client's command in the home directory
|
|
* of locuser. Note, that the chdir must be executed after
|
|
diff --git a/src/uucpd.c b/src/uucpd.c
|
|
index 29cfce35..fde7b9c9 100644
|
|
--- a/src/uucpd.c
|
|
+++ b/src/uucpd.c
|
|
@@ -254,10 +254,10 @@ doit (struct sockaddr *sap, socklen_t salen)
|
|
dologin (pw, sap, salen);
|
|
|
|
if (setgid (pw->pw_gid) == -1)
|
|
- {
|
|
- fprintf (stderr, "setgid() failed");
|
|
- return;
|
|
- }
|
|
+ {
|
|
+ fprintf (stderr, "setgid() failed");
|
|
+ return;
|
|
+ }
|
|
#ifdef HAVE_INITGROUPS
|
|
initgroups (pw->pw_name, pw->pw_gid);
|
|
#endif
|
|
@@ -268,10 +268,10 @@ doit (struct sockaddr *sap, socklen_t salen)
|
|
}
|
|
|
|
if (setuid (pw->pw_uid) == -1)
|
|
- {
|
|
- fprintf (stderr, "setuid() failed");
|
|
- return;
|
|
- }
|
|
+ {
|
|
+ fprintf (stderr, "setuid() failed");
|
|
+ return;
|
|
+ }
|
|
|
|
execl (uucico_location, "uucico", NULL);
|
|
perror ("uucico server: execl");
|