On Thu, 2013-07-18 at 22:11:27 +0000, Pawel Jakub Dawidek wrote: > Author: pjd > Date: Thu Jul 18 22:11:27 2013 > New Revision: 253457 > URL: http://svnweb.freebsd.org/changeset/base/253457 > > Log: > Close uniq(1) in the capability mode sandbox and limit descriptors using > capability rights. > > Modified: > head/usr.bin/uniq/uniq.c > > Modified: head/usr.bin/uniq/uniq.c > ============================================================================== > --- head/usr.bin/uniq/uniq.c Thu Jul 18 21:56:10 2013 (r253456) > +++ head/usr.bin/uniq/uniq.c Thu Jul 18 22:11:27 2013 (r253457) > @@ -128,8 +145,34 @@ main (int argc, char *argv[]) > ofp = stdout; > if (argc > 0 && strcmp(argv[0], "-") != 0) > ifp = file(ifn = argv[0], "r"); > + if (cap_rights_limit(fileno(ifp), CAP_FSTAT | CAP_READ) < 0 && > + errno != ENOSYS) { > + err(1, "unable to limit rights for %s", ifn); > + } > + rights = CAP_FSTAT | CAP_WRITE; > if (argc > 1) > ofp = file(argv[1], "w"); > + else > + rights |= CAP_IOCTL; > + if (cap_rights_limit(fileno(ofp), rights) < 0 && errno != ENOSYS) { > + err(1, "unable to limit rights for %s", > + argc > 1 ? argv[1] : "stdout"); > + } > + if ((rights & CAP_IOCTL) != 0) { > + unsigned long cmd; > + > + cmd = TIOCGETA; /* required by isatty(3) in printf(3) */ > + > + if (cap_ioctls_limit(fileno(ofp), &cmd, 1) < 0 && > + errno != ENOSYS) { > + err(1, "unable to limit ioctls for %s", > + argc > 1 ? argv[1] : "stdout"); > + } > + }
Deadcode, found by Coverity Scan, CID 1054780 (please mention in your fix-commit). You check for argc > 1 at line 153, only if that is false (meaning argc==1) do you set CAP_IOCTL. So on line 169 argc cannot be >1 and the result is always "stdout". Cheers, Uli _______________________________________________ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
