Based on feedback from others on this list while creating a tmpfs patch
over a month ago, I have fixed some issues with mount_mfs:
1. Print out an error message if the template directory path is too
long rather than just silently truncating it.
2. Call and check issetugid() to ensure the information from getenv()
is safe to use. If not, default to _PATH_TMP.
Index: sbin/newfs/newfs.c
===================================================================
RCS file: /cvs/src/sbin/newfs/newfs.c,v
retrieving revision 1.97
diff -u -p -r1.97 newfs.c
--- sbin/newfs/newfs.c 20 Jul 2014 01:38:40 -0000 1.97
+++ sbin/newfs/newfs.c 16 Nov 2014 01:17:01 -0000
@@ -748,8 +748,11 @@ copy(char *src, char *dst, struct mfs_ar
char *const argv[] = { "pax", "-rw", "-pe", ".", dst, NULL } ;
dir = isdir(src);
- if (dir)
- strlcpy(mountpoint, src, sizeof(mountpoint));
+ if (dir) {
+ size_t n = strlcpy(mountpoint, src, sizeof(mountpoint));
+ if(n >= sizeof(mountpoint))
+ errx(1, "%s: path too long", src);
+ }
else {
created = gettmpmnt(mountpoint, sizeof(mountpoint));
memset(&mount_args, 0, sizeof(mount_args));
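Review bot: The added check is written `if(n >= sizeof(mountpoint))` with no space after `if`, unlike the `if (dir)` it replaces and the rest of the function; `if(issetugid() == 0)` in the gettmpmnt hunk has the same problem. Write them as `if (n >= sizeof(mountpoint))` and `if (issetugid() == 0)` to match the surrounding style. copy() starts and ends outside this hunk.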
@@ -794,7 +797,8 @@ gettmpmnt(char *mountpoint, size_t len)
struct statfs fs;
size_t n;
- tmp = getenv("TMPDIR");
+ if(issetugid() == 0)
+ tmp = getenv("TMPDIR");
if (tmp == NULL || *tmp == '\0')
tmp = _PATH_TMP;
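Review bot: When issetugid() returns non-zero, nothing assigns `tmp` before `if (tmp == NULL || *tmp == '\0')` reads it. Unless the declaration, which is outside this hunk, initialises it, the fallback to _PATH_TMP then depends on an indeterminate pointer, and the set-id case this change is meant to harden may dereference or use garbage. Assign on both paths, for example `tmp = issetugid() ? NULL : getenv("TMPDIR");`, so that a set-id process always reaches `tmp = _PATH_TMP`. The body of gettmpmnt() starts before this hunk and continues after it.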