Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/crypto/external/bsd/openssh/dist CID 1309355: check error re...
details: https://anonhg.NetBSD.org/src/rev/6f8c35094dac
branches: trunk
changeset: 339235:6f8c35094dac
user: christos <christos%NetBSD.org@localhost>
date: Mon Jul 06 15:09:17 2015 +0000
description:
CID 1309355: check error return from closefrom(3) where appropriate.
diffstat:
crypto/external/bsd/openssh/dist/auth2-pubkey.c | 9 ++++++---
crypto/external/bsd/openssh/dist/readconf.c | 7 ++++---
crypto/external/bsd/openssh/dist/session.c | 8 ++++----
crypto/external/bsd/openssh/dist/ssh.c | 7 ++++---
crypto/external/bsd/openssh/dist/sshconnect2.c | 7 ++++---
crypto/external/bsd/openssh/dist/sshd.c | 10 ++++++----
6 files changed, 28 insertions(+), 20 deletions(-)
diffs (182 lines):
diff -r fa7de254fab6 -r 6f8c35094dac crypto/external/bsd/openssh/dist/auth2-pubkey.c
--- a/crypto/external/bsd/openssh/dist/auth2-pubkey.c Mon Jul 06 12:05:40 2015 +0000
+++ b/crypto/external/bsd/openssh/dist/auth2-pubkey.c Mon Jul 06 15:09:17 2015 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: auth2-pubkey.c,v 1.12 2015/07/03 00:59:59 christos Exp $ */
+/* $NetBSD: auth2-pubkey.c,v 1.13 2015/07/06 15:09:17 christos Exp $ */
/* $OpenBSD: auth2-pubkey.c,v 1.53 2015/06/15 18:44:22 jsing Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
@@ -25,7 +25,7 @@
*/
#include "includes.h"
-__RCSID("$NetBSD: auth2-pubkey.c,v 1.12 2015/07/03 00:59:59 christos Exp $");
+__RCSID("$NetBSD: auth2-pubkey.c,v 1.13 2015/07/06 15:09:17 christos Exp $");
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/wait.h>
@@ -474,7 +474,10 @@
error("%s: dup2: %s", tag, strerror(errno));
_exit(1);
}
- closefrom(STDERR_FILENO + 1);
+ if (closefrom(STDERR_FILENO + 1) == -1) {
+ error("closefrom: %s", strerror(errno));
+ _exit(1);
+ }
/* Don't use permanently_set_uid() here to avoid fatal() */
if (setgid(pw->pw_gid) == -1) {
diff -r fa7de254fab6 -r 6f8c35094dac crypto/external/bsd/openssh/dist/readconf.c
--- a/crypto/external/bsd/openssh/dist/readconf.c Mon Jul 06 12:05:40 2015 +0000
+++ b/crypto/external/bsd/openssh/dist/readconf.c Mon Jul 06 15:09:17 2015 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: readconf.c,v 1.14 2015/07/03 01:00:00 christos Exp $ */
+/* $NetBSD: readconf.c,v 1.15 2015/07/06 15:09:17 christos Exp $ */
/* $OpenBSD: readconf.c,v 1.237 2015/06/26 05:13:20 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo%cs.hut.fi@localhost>
@@ -14,7 +14,7 @@
*/
#include "includes.h"
-__RCSID("$NetBSD: readconf.c,v 1.14 2015/07/03 01:00:00 christos Exp $");
+__RCSID("$NetBSD: readconf.c,v 1.15 2015/07/06 15:09:17 christos Exp $");
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/socket.h>
@@ -467,7 +467,8 @@
fatal("dup2: %s", strerror(errno));
if (devnull > STDERR_FILENO)
close(devnull);
- closefrom(STDERR_FILENO + 1);
+ if (closefrom(STDERR_FILENO + 1) == -1)
+ fatal("closefrom: %s", strerror(errno));
argv[0] = __UNCONST(shell);
argv[1] = __UNCONST("-c");
diff -r fa7de254fab6 -r 6f8c35094dac crypto/external/bsd/openssh/dist/session.c
--- a/crypto/external/bsd/openssh/dist/session.c Mon Jul 06 12:05:40 2015 +0000
+++ b/crypto/external/bsd/openssh/dist/session.c Mon Jul 06 15:09:17 2015 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: session.c,v 1.15 2015/07/03 01:00:00 christos Exp $ */
+/* $NetBSD: session.c,v 1.16 2015/07/06 15:09:17 christos Exp $ */
/* $OpenBSD: session.c,v 1.278 2015/04/24 01:36:00 deraadt Exp $ */
/*
* Copyright (c) 1995 Tatu Ylonen <ylo%cs.hut.fi@localhost>, Espoo, Finland
@@ -35,7 +35,7 @@
*/
#include "includes.h"
-__RCSID("$NetBSD: session.c,v 1.15 2015/07/03 01:00:00 christos Exp $");
+__RCSID("$NetBSD: session.c,v 1.16 2015/07/06 15:09:17 christos Exp $");
#include <sys/types.h>
#include <sys/wait.h>
#include <sys/un.h>
@@ -1557,7 +1557,7 @@
* initgroups, because at least on Solaris 2.3 it leaves file
* descriptors open.
*/
- closefrom(STDERR_FILENO + 1);
+ (void)closefrom(STDERR_FILENO + 1);
}
/*
@@ -1688,7 +1688,7 @@
exit(1);
}
- closefrom(STDERR_FILENO + 1);
+ (void)closefrom(STDERR_FILENO + 1);
if (!options.use_login)
do_rc_files(s, shell);
diff -r fa7de254fab6 -r 6f8c35094dac crypto/external/bsd/openssh/dist/ssh.c
--- a/crypto/external/bsd/openssh/dist/ssh.c Mon Jul 06 12:05:40 2015 +0000
+++ b/crypto/external/bsd/openssh/dist/ssh.c Mon Jul 06 15:09:17 2015 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: ssh.c,v 1.17 2015/07/03 01:00:00 christos Exp $ */
+/* $NetBSD: ssh.c,v 1.18 2015/07/06 15:09:17 christos Exp $ */
/* $OpenBSD: ssh.c,v 1.418 2015/05/04 06:10:48 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo%cs.hut.fi@localhost>
@@ -42,7 +42,7 @@
*/
#include "includes.h"
-__RCSID("$NetBSD: ssh.c,v 1.17 2015/07/03 01:00:00 christos Exp $");
+__RCSID("$NetBSD: ssh.c,v 1.18 2015/07/06 15:09:17 christos Exp $");
#include <sys/types.h>
#include <sys/param.h>
#include <sys/ioctl.h>
@@ -515,7 +515,8 @@
* Discard other fds that are hanging around. These can cause problem
* with backgrounded ssh processes started by ControlPersist.
*/
- closefrom(STDERR_FILENO + 1);
+ if (closefrom(STDERR_FILENO + 1) == -1)
+ fatal("closefrom failed: %.100s", strerror(errno));
/*
* Save the original real uid. It will be needed later (uid-swapping
diff -r fa7de254fab6 -r 6f8c35094dac crypto/external/bsd/openssh/dist/sshconnect2.c
--- a/crypto/external/bsd/openssh/dist/sshconnect2.c Mon Jul 06 12:05:40 2015 +0000
+++ b/crypto/external/bsd/openssh/dist/sshconnect2.c Mon Jul 06 15:09:17 2015 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: sshconnect2.c,v 1.20 2015/07/03 01:00:00 christos Exp $ */
+/* $NetBSD: sshconnect2.c,v 1.21 2015/07/06 15:09:17 christos Exp $ */
/* $OpenBSD: sshconnect2.c,v 1.224 2015/05/04 06:10:48 djm Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
@@ -26,7 +26,7 @@
*/
#include "includes.h"
-__RCSID("$NetBSD: sshconnect2.c,v 1.20 2015/07/03 01:00:00 christos Exp $");
+__RCSID("$NetBSD: sshconnect2.c,v 1.21 2015/07/06 15:09:17 christos Exp $");
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/wait.h>
@@ -1543,7 +1543,8 @@
/* Close everything but stdio and the socket */
for (i = STDERR_FILENO + 1; i < sock; i++)
close(i);
- closefrom(sock + 1);
+ if (closefrom(sock + 1) < 0)
+ fatal("%s: closefrom: %s", __func__, strerror(errno));
debug3("%s: [child] pid=%ld, exec %s",
__func__, (long)getpid(), _PATH_SSH_KEY_SIGN);
execl(_PATH_SSH_KEY_SIGN, _PATH_SSH_KEY_SIGN, (char *) 0);
diff -r fa7de254fab6 -r 6f8c35094dac crypto/external/bsd/openssh/dist/sshd.c
--- a/crypto/external/bsd/openssh/dist/sshd.c Mon Jul 06 12:05:40 2015 +0000
+++ b/crypto/external/bsd/openssh/dist/sshd.c Mon Jul 06 15:09:17 2015 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: sshd.c,v 1.19 2015/07/03 01:00:00 christos Exp $ */
+/* $NetBSD: sshd.c,v 1.20 2015/07/06 15:09:17 christos Exp $ */
/* $OpenBSD: sshd.c,v 1.450 2015/05/24 23:39:16 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo%cs.hut.fi@localhost>
@@ -44,7 +44,7 @@
*/
#include "includes.h"
-__RCSID("$NetBSD: sshd.c,v 1.19 2015/07/03 01:00:00 christos Exp $");
+__RCSID("$NetBSD: sshd.c,v 1.20 2015/07/06 15:09:17 christos Exp $");
#include <sys/types.h>
#include <sys/param.h>
#include <sys/ioctl.h>
@@ -1572,9 +1572,11 @@
if (!test_flag && (rexec_flag && (av[0] == NULL || *av[0] != '/')))
fatal("sshd re-exec requires execution with an absolute path");
if (rexeced_flag)
- closefrom(REEXEC_MIN_FREE_FD);
+ r = closefrom(REEXEC_MIN_FREE_FD);
else
- closefrom(REEXEC_DEVCRYPTO_RESERVED_FD);
+ r = closefrom(REEXEC_DEVCRYPTO_RESERVED_FD);
+ if (r == -1)
+ fatal("closefrom failed: %.200s", strerror(errno));
#ifdef WITH_OPENSSL
OpenSSL_add_all_algorithms();
Home |
Main Index |
Thread Index |
Old Index