isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Move the code to dup2 the script fds to low numbered descriptors into

Browse Source 
script_duplow() and fix the fd sorting.
This commit is contained in:
Todd C. Miller
2009-09-03 10:36:02 +00:00
parent ad9ab8dab2
commit c57b8bb7b3
3 changed files with 27 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
script.c
View File

@@ -103,7 +103,10 @@ fdcompar(v1, v2)
const void *v1; const void *v1;
const void *v2; const void *v2;
{ {
return(*(int *)v1 - *(int *)v2); int i = *(int *)v1;
int j = *(int *)v2;
return(script_fds[i] - script_fds[j]);
} }
void void
@@ -254,9 +257,28 @@ script_setup()
script_fds[SFD_TIMING] = open(pathbuf, O_CREAT|O_EXCL|O_WRONLY, S_IRUSR|S_IWUSR); script_fds[SFD_TIMING] = open(pathbuf, O_CREAT|O_EXCL|O_WRONLY, S_IRUSR|S_IWUSR);
if (script_fds[SFD_TIMING] == -1) if (script_fds[SFD_TIMING] == -1)
log_error(USE_ERRNO, "Can't create %s", pathbuf); log_error(USE_ERRNO, "Can't create %s", pathbuf);
}
int
script_duplow(fd)
int fd;
{
int i, j, indices[5];
/* sort fds so we can dup them safely */ /* sort fds so we can dup them safely */
qsort(script_fds, 5, sizeof(int), fdcompar); for (i = 0; i < 5; i++)
indices[i] = i;
qsort(indices, 5, sizeof(int), fdcompar);
/* Move pty master/slave and session fds to low numbered fds. */
if (def_script) {
for (i = 0; i < 5; i++) {
j = indices[i];
dup2(script_fds[j], fd);
script_fds[j] = fd++;
}
}
return(fd);
} }
int int

12
sudo.c
View File

@@ -147,7 +147,6 @@ uid_t timestamp_uid;
extern int errorlineno; extern int errorlineno;
extern int parse_error; extern int parse_error;
extern char *errorfile; extern char *errorfile;
extern int script_fds[5];
#if defined(RLIMIT_CORE) && !defined(SUDO_DEVEL) #if defined(RLIMIT_CORE) && !defined(SUDO_DEVEL)
static struct rlimit corelimit; static struct rlimit corelimit;
#endif /* RLIMIT_CORE && !SUDO_DEVEL */ #endif /* RLIMIT_CORE && !SUDO_DEVEL */
@@ -463,7 +462,7 @@ main(argc, argv, envp)
/* Get next session ID so we can log it. */ /* Get next session ID so we can log it. */
if (def_script) if (def_script)
script_nextid(); script_nextid(); /* XXX - only if we will run a command */
log_allowed(validated); log_allowed(validated);
if (ISSET(sudo_mode, MODE_CHECK)) if (ISSET(sudo_mode, MODE_CHECK))
@@ -550,14 +549,7 @@ main(argc, argv, envp)
sudo_endgrent(); sudo_endgrent();
/* Move pty master/slave to low numbered fd and close the rest. */ /* Move pty master/slave to low numbered fd and close the rest. */
fd = def_closefrom; fd = def_script ? script_duplow(def_closefrom) : def_closefrom;
if (def_script) {
int i;
for (i = 0; i < 5; i++) {
dup2(script_fds[i], fd);
script_fds[i] = fd++;
}
}
closefrom(fd); closefrom(fd);
#ifndef PROFILING #ifndef PROFILING

1
sudo.h
View File

@@ -325,6 +325,7 @@ void selinux_exec __P((char *, char *, char **, int));
#ifdef HAVE_GETUSERATTR #ifdef HAVE_GETUSERATTR
void aix_setlimits __P((char *)); void aix_setlimits __P((char *));
#endif #endif
int script_duplow __P((int));
int script_execv __P((const char *, char * const *)); int script_execv __P((const char *, char * const *));
void script_nextid __P((void)); void script_nextid __P((void));
void script_setup __P((void)); void script_setup __P((void));