src - OpenBSD base system

diff options


context:
space:
mode:

author	Hans Insulander <hin@cvs.openbsd.org>	2000-09-15 19:55:53 +0000
committer	Hans Insulander <hin@cvs.openbsd.org>	2000-09-15 19:55:53 +0000
commit	97a958470865eb18e607830701061d1117107b27 (patch)
tree	d35f7bf5da24beec9766f82ecbb67c2c402fa36e /kerberosIV
parent	56c56911ef330c61835a22f04c9f18aa44ecce91 (diff)

Check the return value from setenv().

(Noted by deraadt)

Diffstat (limited to 'kerberosIV')

-rw-r--r--

kerberosIV/src/appl/afsutil/pagsh.c

-rw-r--r--

kerberosIV/src/appl/bsd/login.c

-rw-r--r--

kerberosIV/src/appl/bsd/su.c

-rw-r--r--

kerberosIV/src/appl/bsd/sysv_environ.c

-rw-r--r--

kerberosIV/src/appl/kauth/kauth.c

-rw-r--r--

kerberosIV/src/appl/telnet/libtelnet/kerberos.c

-rw-r--r--

kerberosIV/src/appl/telnet/telnetd/state.c

-rw-r--r--

kerberosIV/src/appl/telnet/telnetd/telnetd.c

-rw-r--r--

kerberosIV/src/lib/auth/afskauthlib/verify.c

9 files changed, 96 insertions, 46 deletions

diff --git a/kerberosIV/src/appl/afsutil/pagsh.c b/kerberosIV/src/appl/afsutil/pagsh.c
index 0ac6d8a541d..82cc30abc5b 100644
--- a/kerberosIV/src/appl/afsutil/pagsh.c
+++ b/kerberosIV/src/appl/afsutil/pagsh.c

@@ -76,7 +76,8 @@ main(int argc, char **argv)

} while(f < 0);

close(f);

unlink(tf);

- setenv("KRBTKFILE", tf, 1);

+ if(setenv("KRBTKFILE", tf, 1) != 0)

+ errx(1, "cannot set KRBTKFILE");

i = 0;

diff --git a/kerberosIV/src/appl/bsd/login.c b/kerberosIV/src/appl/bsd/login.c
index 55b660e1eae..769bfb46e06 100644
--- a/kerberosIV/src/appl/bsd/login.c
+++ b/kerberosIV/src/appl/bsd/login.c

@@ -45,7 +45,7 @@

#include <sys/capability.h>

#endif

-RCSID("$KTH: login.c,v 1.125 1999/11/30 19:24:01 bg Exp $");

+RCSID("$KTH: login.c,v 1.125.2.2 2000/06/23 02:33:07 assar Exp $");

#ifdef OTP

#include <otp.h>

@@ -596,22 +596,28 @@ main(int argc, char **argv)

if (pwd->pw_change || pwd->pw_expire)

gettimeofday(&tp, (struct timezone *)NULL);

- if (pwd->pw_change)

+ if (pwd->pw_change) {

+ time_t t;

if (tp.tv_sec >= pwd->pw_change) {

printf("Sorry -- your password has expired.\n");

changepass=1;

} else if (pwd->pw_change - tp.tv_sec <

- 2 * DAYSPERWEEK * SECSPERDAY && !quietlog)

+ 2 * DAYSPERWEEK * SECSPERDAY && !quietlog) {

+ t = pwd->pw_change;

printf("Warning: your password expires on %s",

- ctime(&pwd->pw_change));

+ ctime(&t));

+ }

if (pwd->pw_expire)

if (tp.tv_sec >= pwd->pw_expire) {

printf("Sorry -- your account has expired.\n");

sleepexit(1);

} else if (pwd->pw_expire - tp.tv_sec <

- 2 * DAYSPERWEEK * SECSPERDAY && !quietlog)

+ 2 * DAYSPERWEEK * SECSPERDAY && !quietlog) {

+ t = pwd->pw_expire;

printf("Warning: your account expires on %s",

- ctime(&pwd->pw_expire));

+ ctime(&t));

+ }

#endif /* defined(HAVE_PASSWD_CHANGE) && defined(HAVE_PASSWD_EXPIRE) */

/* Nothing else left to fail -- really log in. */

@@ -659,7 +665,8 @@ main(int argc, char **argv)

sysv_newenv(argc, argv, pwd, term, pflag);

#ifdef KERBEROS

if (krbtkfile_env)

- setenv("KRBTKFILE", krbtkfile_env, 1);

+ if(setenv("KRBTKFILE", krbtkfile_env, 1) != 0)

+ errx(1, "cannot set KRBTKFILE");

#endif

if (tty[sizeof("tty")-1] == 'd')

@@ -788,6 +795,11 @@ main(int argc, char **argv)

if(!rootlogin)

exit(1);

}

+ if (uid != 0 && setuid(0) != -1) {

+ syslog(LOG_ALERT | LOG_AUTH,

+ "Failed to drop privileges for user %d", uid);

+ errx(1, "Sorry");

+ }

}

@@ -953,6 +965,7 @@ dolastlog(int quiet)

#if defined(HAVE_LASTLOG_H) || defined(HAVE_LOGIN_H)

struct lastlog ll;

int fd;

+ time_t t;

if ((fd = open(_PATH_LASTLOG, O_RDWR, 0)) >= 0) {

lseek(fd, (off_t)pwd->pw_uid * sizeof(ll), SEEK_SET);

@@ -966,8 +979,8 @@ dolastlog(int quiet)

sleepexit(1);

}

if (!quiet) {

- printf("Last login: %.*s ",

- 24-5, ctime(&ll.ll_time));

+ t = ll.ll_time;

+ printf("Last login: %.*s ", 24-5, ctime(&t));

if (*ll.ll_host != '\0') {

printf("from %.*s\n",

(int)sizeof(ll.ll_host),

@@ -983,8 +996,8 @@ dolastlog(int quiet)

if (!quiet) {

if (read(fd, &ll, sizeof(ll)) == sizeof(ll) &&

ll.ll_time != 0) {

- printf("Last login: %.*s ",

- 24-5, ctime(&ll.ll_time));

+ t = ll.ll_time;

+ printf("Last login: %.*s ", 24-5, ctime(&t));

if (*ll.ll_host != '\0')

printf("from %.*s\n",

(int)sizeof(ll.ll_host),

@@ -998,7 +1011,7 @@ dolastlog(int quiet)

}

#endif /* SYSV_SHADOW */

memset(&ll, 0, sizeof(ll));

- time(&ll.ll_time);

+ ll.ll_time = time(NULL);

strncpy(ll.ll_line, tty, sizeof(ll.ll_line));

if (hostname)

strncpy(ll.ll_host, hostname, sizeof(ll.ll_host));

diff --git a/kerberosIV/src/appl/bsd/su.c b/kerberosIV/src/appl/bsd/su.c
index 6dcc0fbe5ba..e93a2b43ba3 100644
--- a/kerberosIV/src/appl/bsd/su.c
+++ b/kerberosIV/src/appl/bsd/su.c

@@ -33,7 +33,7 @@

#include "bsd_locl.h"

-RCSID ("$KTH: su.c,v 1.70 1999/11/13 06:14:11 assar Exp $");

+RCSID ("$KTH: su.c,v 1.70.2.1 2000/06/23 02:42:28 assar Exp $");

#ifdef SYSV_SHADOW

#include "sysv_shadow.h"

@@ -225,12 +225,22 @@ main (int argc, char **argv)

if (setgid (pwd->pw_gid) < 0)

err (1, "setgid");

- if (initgroups (user, pwd->pw_gid))

- errx (1, "initgroups failed.");

+ if (initgroups (user, pwd->pw_gid)) {

+ if (errno == E2BIG) /* Member of to many groups! */

+ warn("initgroups failed.");

+ else

+ errx(1, "initgroups failed.");

+ }

if (setuid (pwd->pw_uid) < 0)

err (1, "setuid");

+ if (pwd->pw_uid != 0 && setuid(0) != -1) {

+ syslog(LOG_ALERT | LOG_AUTH,

+ "Failed to drop privileges for user %s", pwd->pw_name);

+ errx(1, "Sorry");

+ }

if (!asme) {

if (asthem) {

char *k = getenv ("KRBTKFILE");

@@ -240,18 +250,24 @@ main (int argc, char **argv)

if (environ == NULL)

err (1, "malloc");

environ[0] = NULL;

- setenv ("PATH", _PATH_DEFPATH, 1);

+ if(setenv ("PATH", _PATH_DEFPATH, 1) != 0)

+ errx(1, "cannot set PATH");

if (t)

- setenv ("TERM", t, 1);

+ if(setenv ("TERM", t, 1) != 0)

+ errx(1, "cannot set TERM");

if (k)

- setenv ("KRBTKFILE", k, 1);

+ if(setenv ("KRBTKFILE", k, 1) != 0)

+ errx(1, "cannot set KRBTKFILE");

if (chdir (pwd->pw_dir) < 0)

errx (1, "no directory");

}

if (asthem || pwd->pw_uid)

- setenv ("USER", pwd->pw_name, 1);

- setenv ("HOME", pwd->pw_dir, 1);

- setenv ("SHELL", shell, 1);

+ if(setenv ("USER", pwd->pw_name, 1) != 0)

+ errx(1, "cannot set USER");

+ if(setenv ("HOME", pwd->pw_dir, 1) != 0)

+ errx(1, "cannot set HOME");

+ if(setenv ("SHELL", shell, 1) != 0)

+ errx(1, "cannot set SHELL");

}

if (iscsh == YES) {

if (fastlogin)

@@ -343,7 +359,8 @@ kerberos (char *username, char *user, int uid)

"%s_%s_to_%s_%u", TKT_ROOT, username, user,

(unsigned) getpid ());

- setenv ("KRBTKFILE", krbtkfile, 1);

+ if(setenv ("KRBTKFILE", krbtkfile, 1) != 0)

+ errx(1, "cannot set KRBTKFILE");

krb_set_tkt_string (krbtkfile);

* Set real as well as effective ID to 0 for the moment,

diff --git a/kerberosIV/src/appl/bsd/sysv_environ.c b/kerberosIV/src/appl/bsd/sysv_environ.c
index d1faa0120ad..8e7edce1556 100644
--- a/kerberosIV/src/appl/bsd/sysv_environ.c
+++ b/kerberosIV/src/appl/bsd/sysv_environ.c

@@ -36,7 +36,8 @@ read_etc_environment (void)

if (val == NULL)

continue;

*val = '\0';

- setenv(buf, val + 1, 1);

+ if(setenv(buf, val + 1, 1) != 0)

+ errx(1, "cannot set %s", buf);

}

fclose (f);

}

@@ -110,12 +111,14 @@ void sysv_newenv(int argc, char **argv, struct passwd *pwd,

for (pp = preserved; pp->name; pp++)

if (pp->value)

- setenv(pp->name, pp->value, 1);

+ if(setenv(pp->name, pp->value, 1) != 0)

+ errx(1, "cannot set %s", pp->name);

/* The TERM definition from e.g. rlogind can override an existing one. */

if (term[0])

- setenv("TERM", term, 1);

+ if(setenv("TERM", term, 1) != 0)

+ errx(1, "cannot set TERM");

* Environment definitions from the command line overrule existing ones,

@@ -130,7 +133,8 @@ void sysv_newenv(int argc, char **argv, struct passwd *pwd,

while (argc && *argv) {

if (strchr(*argv, '=') == 0) {

snprintf(buf, sizeof(buf), "L%d", count++);

- setenv(buf, *argv, 1);

+ if(setenv(buf, *argv, 1) != 0)

+ errx(1, "cannot set %s", buf);

} else {

for (cp = censored; cp->prefix; cp++)

if (STREQN(*argv, cp->prefix, cp->length))

@@ -143,20 +147,25 @@ void sysv_newenv(int argc, char **argv, struct passwd *pwd,

/* PATH is always reset. */

- setenv("PATH", pwd->pw_uid ? default_path : default_supath, 1);

+ if(setenv("PATH", pwd->pw_uid ? default_path : default_supath, 1) != 0)

+ errx(1, "cannot set PATH");

/* Undocumented: HOME, MAIL and LOGNAME are always reset (SunOS 5.1). */

- setenv("HOME", pwd->pw_dir, 1);

+ if(setenv("HOME", pwd->pw_dir, 1) != 0)

+ errx(1, "cannot set HOME");

{

char *sep = "/";

if(KRB4_MAILDIR[strlen(KRB4_MAILDIR) - 1] == '/')

sep = "";

roken_concat(buf, sizeof(buf), KRB4_MAILDIR, sep, pwd->pw_name, NULL);

}

- setenv("MAIL", buf, 1);

- setenv("LOGNAME", pwd->pw_name, 1);

- setenv("USER", pwd->pw_name, 1);

+ if(setenv("MAIL", buf, 1) != 0)

+ errx(1, "cannot set MAIL");

+ if(setenv("LOGNAME", pwd->pw_name, 1) != 0)

+ errx(1, "cannot set LOGNAME");

+ if(setenv("USER", pwd->pw_name, 1) != 0)

+ errx(1, "cannot set USER");

* Variables that may be set according to specifications in the defaults

@@ -167,11 +176,14 @@ void sysv_newenv(int argc, char **argv, struct passwd *pwd,

if (strcasecmp(default_altsh, "YES") == 0)

- setenv("SHELL", pwd->pw_shell, 1);

+ if(setenv("SHELL", pwd->pw_shell, 1) != 0)

+ errx(1, "cannot set SHELL");

if (default_hz)

- setenv("HZ", default_hz, 0);

+ if(setenv("HZ", default_hz, 0) != 0)

+ errx(1, "cannot set HZ");

if (default_timezone)

- setenv("TZ", default_timezone, 0);

+ if(setenv("TZ", default_timezone, 0) != 0)

+ errx(1, "cannot set TZ");

/* Non-environment stuff. */

diff --git a/kerberosIV/src/appl/kauth/kauth.c b/kerberosIV/src/appl/kauth/kauth.c
index 91d32e0f39d..b0d64dd0d55 100644
--- a/kerberosIV/src/appl/kauth/kauth.c
+++ b/kerberosIV/src/appl/kauth/kauth.c

@@ -1,5 +1,5 @@

* (Royal Institute of Technology, Stockholm, Sweden).

@@ -41,7 +41,7 @@

#include "kauth.h"

-RCSID("$KTH: kauth.c,v 1.97 1999/12/02 16:58:31 joda Exp $");

+RCSID("$KTH: kauth.c,v 1.97.2.1 2000/02/28 03:42:51 assar Exp $");

krb_principal princ;

static char srvtab[MaxPathLen];

@@ -233,7 +233,6 @@ main(int argc, char **argv)

case 'd':

krb_enable_debug();

_kafs_debug = 1;

- aflag++;

break;

case 'f':

strlcpy(srvtab, optarg, sizeof(srvtab));

@@ -316,7 +315,8 @@ main(int argc, char **argv)

}while(f < 0);

close(f);

unlink(tf);

- setenv("KRBTKFILE", tf, 1);

+ if(setenv("KRBTKFILE", tf, 1) != 0)

+ errx(1, "cannot set KRBTKFILE");

krb_set_tkt_string (tf);

}

diff --git a/kerberosIV/src/appl/telnet/libtelnet/kerberos.c b/kerberosIV/src/appl/telnet/libtelnet/kerberos.c
index b4beb669054..00ca951ecd3 100644
--- a/kerberosIV/src/appl/telnet/libtelnet/kerberos.c
+++ b/kerberosIV/src/appl/telnet/libtelnet/kerberos.c

@@ -331,7 +331,8 @@ kerberos4_is(Authenticator *ap, unsigned char *data, int cnt)

"%s%u",

TKT_ROOT,

(unsigned)pw->pw_uid);

- setenv("KRBTKFILE", ts, 1);

+ if(setenv("KRBTKFILE", ts, 1) != 0)

+ errx(1, "cannot set KRBTKFILE");

if (pw->pw_uid == 0)

syslog(LOG_INFO|LOG_AUTH,

diff --git a/kerberosIV/src/appl/telnet/telnetd/state.c b/kerberosIV/src/appl/telnet/telnetd/state.c
index 64562e136b7..3bd0ff130c2 100644
--- a/kerberosIV/src/appl/telnet/telnetd/state.c
+++ b/kerberosIV/src/appl/telnet/telnetd/state.c

@@ -1016,7 +1016,8 @@ suboption(void)

return;

settimer(xdisplocsubopt);

subpointer[SB_LEN()] = '\0';

- setenv("DISPLAY", (char *)subpointer, 1);

+ if(setenv("DISPLAY", (char *)subpointer, 1) != 0)

+ errx(1, "cannot set DISPLAY");

break;

} /* end of case TELOPT_XDISPLOC */

@@ -1183,7 +1184,8 @@ suboption(void)

case ENV_USERVAR:

*cp = '\0';

if (valp)

- setenv(varp, valp, 1);

+ if(setenv(varp, valp, 1) != 0)

+ errx(1, "cannot set %s", varp);

else

unsetenv(varp);

cp = varp = (char *)subpointer;

@@ -1202,7 +1204,8 @@ suboption(void)

}

*cp = '\0';

if (valp)

- setenv(varp, valp, 1);

+ if(setenv(varp, valp, 1) != 0)

+ errx(1, "cannot set %s", varp);

else

unsetenv(varp);

break;

diff --git a/kerberosIV/src/appl/telnet/telnetd/telnetd.c b/kerberosIV/src/appl/telnet/telnetd/telnetd.c
index 50bd0ec0328..3e627bc2d4c 100644
--- a/kerberosIV/src/appl/telnet/telnetd/telnetd.c
+++ b/kerberosIV/src/appl/telnet/telnetd/telnetd.c

@@ -776,7 +776,8 @@ Please contact your net administrator");

*user_name = 0;

level = getterminaltype(user_name, sizeof(user_name));

- setenv("TERM", terminaltype ? terminaltype : "network", 1);

+ if(setenv("TERM", terminaltype ? terminaltype : "network", 1) != 0)

+ errx(1, "cannot set TERM");

#ifdef _SC_CRAY_SECURE_SYS

if (secflag) {

diff --git a/kerberosIV/src/lib/auth/afskauthlib/verify.c b/kerberosIV/src/lib/auth/afskauthlib/verify.c
index 6f534917e98..272e3016d08 100644
--- a/kerberosIV/src/lib/auth/afskauthlib/verify.c
+++ b/kerberosIV/src/lib/auth/afskauthlib/verify.c

@@ -277,10 +277,12 @@ afs_gettktstring (void)

}

#ifdef KRB5

- setenv("KRB5CCNAME",krb5ccname,1);

+ if(setenv("KRB5CCNAME",krb5ccname,1) != 0)

+ errx(1, "cannot set KRB5CCNAME");

#endif

#ifdef KRB4

- setenv("KRBTKFILE",krbtkfile,1);

+ if(setenv("KRBTKFILE",krbtkfile,1) != 0)

+ errx(1, "cannot set KRBTKFILE");

return krbtkfile;

#else

return "";