diff options
| author | Vadim Zhukov <zhuk@cvs.openbsd.org> | 2015-07-26 19:08:18 +0000 |
|---|---|---|
| committer | Vadim Zhukov <zhuk@cvs.openbsd.org> | 2015-07-26 19:08:18 +0000 |
| commit | b538f3431d3d5ddfb4d840e86084056c22244bfa (patch) | |
| tree | 937d8e34c76fb9176d0d507eca4f1596ba8cbfc0 /usr.bin/doas | |
| parent | 01b6c675dba07ddf4a606e4711cf75c47dff12d8 (diff) | |
Stop exiting on cmdline overflow: it's used only for logging, so aborting
the whole process is stupid, and actually breaks things.
Noticed and analyzed by as well as input from nigel@.
Okay tedu@, espie@ and (if I understood correctly) hall@
Diffstat (limited to 'usr.bin/doas')
| -rw-r--r-- | usr.bin/doas/doas.c | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/usr.bin/doas/doas.c b/usr.bin/doas/doas.c index d06012a01f7..01895bc6108 100644 --- a/usr.bin/doas/doas.c +++ b/usr.bin/doas/doas.c @@ -1,4 +1,4 @@ -/* $OpenBSD: doas.c,v 1.22 2015/07/26 17:24:02 zhuk Exp $ */ +/* $OpenBSD: doas.c,v 1.23 2015/07/26 19:08:17 zhuk Exp $ */ /* * Copyright (c) 2015 Ted Unangst <tedu@openbsd.org> * @@ -374,16 +374,18 @@ main(int argc, char **argv, char **envp) target)); parseconfig("/etc/doas.conf", 1); - cmd = argv[0]; + /* cmdline is used only for logging, no need to abort on truncate */ + (void) strlcpy(cmdline, argv[0], sizeof(cmdline)) < sizeof(cmdline); if (strlcpy(cmdline, argv[0], sizeof(cmdline)) >= sizeof(cmdline)) errx(1, "command line too long"); for (i = 1; i < argc; i++) { if (strlcat(cmdline, " ", sizeof(cmdline)) >= sizeof(cmdline)) - errx(1, "command line too long"); + break; if (strlcat(cmdline, argv[i], sizeof(cmdline)) >= sizeof(cmdline)) - errx(1, "command line too long"); + break; } + cmd = argv[0]; if (!permit(uid, groups, ngroups, &rule, target, cmd, (const char**)argv + 1)) { syslog(LOG_AUTHPRIV | LOG_NOTICE, |