Author: delphij
Date: Tue Sep 1 06:05:43 2015
New Revision: 287343
URL: https://svnweb.freebsd.org/changeset/base/287343
Log:
Failure of dropping privilege should be fatal, so test and bail out
when setgid() fails.
Reported by: clang static analyzer
MFC after: 2 weeks
Modified:
head/usr.bin/netstat/main.c
Modified: head/usr.bin/netstat/main.c
==============================================================================
--- head/usr.bin/netstat/main.c Tue Sep 1 02:42:05 2015 (r287342)
+++ head/usr.bin/netstat/main.c Tue Sep 1 06:05:43 2015 (r287343)
@@ -498,8 +498,10 @@ main(int argc, char *argv[])
* guys can't print interesting stuff from kernel memory.
*/
live = (nlistf == NULL && memf == NULL);
- if (!live)
- setgid(getgid());
+ if (!live) {
+ if (setgid(getgid()) != 0)
+ xo_err(-1, "setgid");
+ }
if (xflag && Tflag)
xo_errx(1, "-x and -T are incompatible, pick one.");
@@ -704,7 +706,8 @@ kvmd_init(void)
return (0);
kvmd = kvm_openfiles(nlistf, memf, NULL, O_RDONLY, errbuf);
- setgid(getgid());
+ if (setgid(getgid()) != 0)
+ xo_err(-1, "setgid");
if (kvmd == NULL) {
xo_warnx("kvm not available: %s", errbuf);
_______________________________________________
[email protected] mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "[email protected]"
