diff options
| author | Robert Mustacchi <rm@joyent.com> | 2015-04-16 15:01:56 +0000 |
|---|---|---|
| committer | Robert Mustacchi <rm@joyent.com> | 2015-04-22 22:21:00 +0000 |
| commit | 87f66308d9683fb822f1d6c8e594fe8b45fb07be (patch) | |
| tree | 3dae000cf0085068cb96ee8c3138f41ab87aafe5 | |
| parent | 0c3d73e940e1cc8a2daee9fafdc0701d34f363f0 (diff) | |
| download | illumos-joyent-release-20150416.tar.gz | |
5853 pfexec_call() error handling could be improvedrelease-20150416
5854 pfexecd should initialize pfexec response buffers
Reviewed by: Jerry Jelinek <jerry.jelinek@joyent.com>
Reviewed by: Richard Lowe <richlowe@richlowe.net>
Reviewed by: Dan McDonald <danmcd@omniti.com>
Reviewed by: Steven Williamson <steve@freeagent.com>
Approved by: Garrett D'Amore <garrett@damore.org>
| -rw-r--r-- | usr/src/cmd/pfexecd/pfexecd.c | 17 | ||||
| -rw-r--r-- | usr/src/uts/common/os/klpd.c | 5 |
2 files changed, 19 insertions, 3 deletions
diff --git a/usr/src/cmd/pfexecd/pfexecd.c b/usr/src/cmd/pfexecd/pfexecd.c index c8ec8a12df..1d25c09188 100644 --- a/usr/src/cmd/pfexecd/pfexecd.c +++ b/usr/src/cmd/pfexecd/pfexecd.c @@ -19,7 +19,7 @@ * CDDL HEADER END * * Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved. - * + * Copyright 2015, Joyent, Inc. */ #define _POSIX_PTHREAD_SEMANTICS 1 @@ -360,6 +360,21 @@ callback_pfexec(pfexec_arg_t *pap) size_t mysz = repsz - 2 * setsz; char *path = pap->pfa_path; + /* + * Initialize the pfexec_reply_t to a sane state. + */ + res->pfr_vers = pap->pfa_vers; + res->pfr_len = 0; + res->pfr_ruid = PFEXEC_NOTSET; + res->pfr_euid = PFEXEC_NOTSET; + res->pfr_rgid = PFEXEC_NOTSET; + res->pfr_egid = PFEXEC_NOTSET; + res->pfr_setcred = B_FALSE; + res->pfr_scrubenv = B_TRUE; + res->pfr_allowed = B_FALSE; + res->pfr_ioff = 0; + res->pfr_loff = 0; + uuid = pap->pfa_uid; if (getpwuid_r(uuid, &pw, buf, sizeof (buf), &pwd) != 0 || pwd == NULL) diff --git a/usr/src/uts/common/os/klpd.c b/usr/src/uts/common/os/klpd.c index a3cd79c41d..55734ae757 100644 --- a/usr/src/uts/common/os/klpd.c +++ b/usr/src/uts/common/os/klpd.c @@ -21,6 +21,7 @@ /* * Copyright (c) 2008, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright 2015, Joyent, Inc. */ #include <sys/atomic.h> @@ -847,7 +848,7 @@ pfexec_call(const cred_t *cr, struct pathname *rpnp, cred_t **pfcr, door_arg_t da; int dres; cred_t *ncr = NULL; - int err = -1; + int err = EACCES; priv_set_t *iset; priv_set_t *lset; zone_t *myzone = crgetzone(CRED()); @@ -908,7 +909,7 @@ pfexec_call(const cred_t *cr, struct pathname *rpnp, cred_t **pfcr, prp->pfr_ioff > da.rsize - sizeof (priv_set_t) || prp->pfr_loff > da.rsize - sizeof (priv_set_t) || (prp->pfr_loff & (sizeof (priv_chunk_t) - 1)) != 0 || - (prp->pfr_loff & (sizeof (priv_chunk_t) - 1)) != 0) + (prp->pfr_ioff & (sizeof (priv_chunk_t) - 1)) != 0) goto out; /* |