authorTheo de Raadt <deraadt@cvs.openbsd.org>2015-10-25 09:37:09 +0000
committerTheo de Raadt <deraadt@cvs.openbsd.org>2015-10-25 09:37:09 +0000
commit8bc1d31248382ee8e26bcb876ccdf392aa5c43f7 (patch)
treeb89cf1399ee10ffde99787a4064e9828eecbadb0
parent58fece4446dbeff334607ebcdf5feac9e54edb2c (diff)
route flush cannot pledge before sysctl for NET_RT_DUMP; defer the act.
issue spotted by matthieu
-rw-r--r--sbin/route/route.c30
1 files changed, 21 insertions, 9 deletions
diff --git a/sbin/route/route.c b/sbin/route/route.c
index af718c07d0c..89819479127 100644
--- a/sbin/route/route.c
+++ b/sbin/route/route.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: route.c,v 1.178 2015/10/23 15:03:25 deraadt Exp $ */
+/* $OpenBSD: route.c,v 1.179 2015/10/25 09:37:08 deraadt Exp $ */
/* $NetBSD: route.c,v 1.16 1996/04/15 18:27:05 cgd Exp $ */
/*
@@ -76,7 +76,7 @@ u_int tableid;
struct rt_metrics rt_metrics;
-void flushroutes(int, char **);
+int flushroutes(int, char **);
int newroute(int, char **);
int show(int, char *[]);
int keycmp(const void *, const void *);
@@ -216,11 +216,16 @@ main(int argc, char **argv)
&tableid, sizeof(tableid)) == -1)
err(1, "setsockopt(ROUTE_TABLEFILTER)");
- if (kw == K_SHOW) {
+ switch (kw) {
+ case K_SHOW:
uid = 0;
exit(show(argc, argv));
+ break;
+ case K_FLUSH:
+ exit(flushroutes(argc, argv));
+ break;
}
-
+
if (nflag) {
if (pledge("stdio rpath dns", NULL) == -1)
err(1, "pledge");
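Review bot: The new `switch (kw)` in main() dispatches K_FLUSH ahead of the pledge() call below it with no comment explaining why, so a later cleanup could move it back under the pledge and reintroduce the failure. A short comment above the switch would record the constraint from the commit message, for example `/* flush needs sysctl(NET_RT_DUMP) first; flushroutes() pledges after the dump */`. Whether show() restricts itself in the same way is not visible in this hunk. As style points, the `break;` after each `exit(...)` is unreachable, and the blank line replaced just before `if (nflag)` appears to differ only in whitespace. main() starts and continues outside this hunk.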
@@ -241,9 +246,6 @@ main(int argc, char **argv)
case K_MONITOR:
monitor(argc, argv);
break;
- case K_FLUSH:
- flushroutes(argc, argv);
- break;
default:
usage(*argv);
/* NOTREACHED */
@@ -255,7 +257,7 @@ main(int argc, char **argv)
* Purge all entries in the routing tables not
* associated with network interfaces.
*/
-void
+int
flushroutes(int argc, char **argv)
{
size_t needed;
@@ -326,13 +328,22 @@ flushroutes(int argc, char **argv)
lim = buf + needed;
break;
}
+
+ if (nflag) {
+ if (pledge("stdio rpath dns", NULL) == -1)
+ err(1, "pledge");
+ } else {
+ if (pledge("stdio rpath dns", NULL) == -1)
+ err(1, "pledge");
+ }
+
if (verbose) {
printf("Examining routing table from sysctl\n");
if (af)
printf("(address family %s)\n", (*argv + 1));
}
if (buf == NULL)
- return;
+ return (1);
seqno = 0;
for (next = buf; next < lim; next += rtm->rtm_msglen) {
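Review bot: Both arms of the added `if (nflag)` in flushroutes() call `pledge("stdio rpath dns", NULL)` with the same promise string, so the branch changes nothing and hides which promises each mode actually needs. If `-n` is meant to avoid name resolution, the nflag arm could probably drop `dns`, but that needs confirming against the printing code outside this hunk. Otherwise collapse the branch into a single `if (pledge("stdio rpath dns", NULL) == -1) err(1, "pledge");`. Separately, `if (buf == NULL) return (1);` now turns what looks like an empty dump into exit status 1, which may not be intended. The function body starts and continues outside this hunk.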
@@ -382,6 +393,7 @@ flushroutes(int argc, char **argv)
}
}
free(buf);
+ return (0);
}
void