From f1ffaf1e9ce7307e22846e5ff35d7d974e0c80f4 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Thu, 3 Jun 2004 19:54:05 +0000 Subject: More changes from Dmitry V. Levin: Check return values for setgid, initgroups and setuid in code we don't compile. Print the correct filename for the at job in mail sent. Add some #if DEBUGGING in cron.c's usage(). Set sunlen each time before using it in accept(). Don't send mail at all if MAILTO is set but empty. --- usr.sbin/cron/atrun.c | 21 ++++++++++++++------- usr.sbin/cron/cron.c | 13 ++++++++++--- usr.sbin/cron/do_command.c | 31 ++++++++++++++++--------------- 3 files changed, 40 insertions(+), 25 deletions(-) diff --git a/usr.sbin/cron/atrun.c b/usr.sbin/cron/atrun.c index d34d56d73e1..c7bb4fa4e98 100644 --- a/usr.sbin/cron/atrun.c +++ b/usr.sbin/cron/atrun.c @@ -1,4 +1,4 @@ -/* $OpenBSD: atrun.c,v 1.11 2004/05/13 14:22:18 millert Exp $ */ +/* $OpenBSD: atrun.c,v 1.12 2004/06/03 19:54:04 millert Exp $ */ /* * Copyright (c) 2002-2003 Todd C. Miller @@ -21,7 +21,7 @@ */ #if !defined(lint) && !defined(LINT) -static const char rcsid[] = "$OpenBSD: atrun.c,v 1.11 2004/05/13 14:22:18 millert Exp $"; +static const char rcsid[] = "$OpenBSD: atrun.c,v 1.12 2004/06/03 19:54:04 millert Exp $"; #endif #include "cron.h" @@ -459,12 +459,19 @@ run_job(atjob *job, char *atfile) login_close(lc); } #else - setgid(pw->pw_gid); - initgroups(pw->pw_name, pw->pw_gid); + if (setgid(pw->pw_gid) || initgroups(pw->pw_name, pw->pw_gid)) { + fprintf(stderr, + "unable to set groups for %s\n", pw->pw_name); + _exit(ERROR_EXIT); + } #if (defined(BSD)) && (BSD >= 199103) setlogin(pw->pw_name); #endif - setuid(pw->pw_uid); + if (setuid(pw->pw_uid)) { + fprintf(stderr, + "unable to set uid to %ld\n", (long)pw->pw_uid); + _exit(ERROR_EXIT); + } #endif /* LOGIN_CAP */ @@ -544,8 +551,8 @@ run_job(atjob *job, char *atfile) #ifdef MAIL_DATE fprintf(mail, "Date: %s\n", arpadate(&StartTime)); #endif /*MAIL_DATE*/ - fprintf(mail, "\nYour \"at\" job on %s\n\"%s/%s\"\n", - hostname, CRONDIR, atfile); + fprintf(mail, "\nYour \"at\" job on %s\n\"%s/%s/%s\"\n", + hostname, CRONDIR, AT_DIR, atfile); fprintf(mail, "\nproduced the following output:\n\n"); /* Pipe the job's output to sendmail. */ diff --git a/usr.sbin/cron/cron.c b/usr.sbin/cron/cron.c index 293f6d1b313..2edcc6f0298 100644 --- a/usr.sbin/cron/cron.c +++ b/usr.sbin/cron/cron.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cron.c,v 1.34 2004/05/13 13:54:52 millert Exp $ */ +/* $OpenBSD: cron.c,v 1.35 2004/06/03 19:54:04 millert Exp $ */ /* Copyright 1988,1990,1993,1994 by Paul Vixie * All rights reserved @@ -22,7 +22,7 @@ */ #if !defined(lint) && !defined(LINT) -static const char rcsid[] = "$OpenBSD: cron.c,v 1.34 2004/05/13 13:54:52 millert Exp $"; +static const char rcsid[] = "$OpenBSD: cron.c,v 1.35 2004/06/03 19:54:04 millert Exp $"; #endif #define MAIN_PROGRAM @@ -51,11 +51,17 @@ static double batch_maxload = BATCH_MAXLOAD; static void usage(void) { +#if DEBUGGING const char **dflags; +#endif fprintf(stderr, "usage: %s [-l load_avg] [-n] [-x [", ProgramName); +#if DEBUGGING for (dflags = DebugFlagNames; *dflags; dflags++) fprintf(stderr, "%s%s", *dflags, dflags[1] ? "," : "]"); +#else + fprintf(stderr, "debugging flags (none supported in this build)]"); +#endif fprintf(stderr, "]\n"); exit(ERROR_EXIT); } @@ -336,7 +342,7 @@ find_jobs(int vtime, cron_db *db, int doWild, int doNonWild) { ) ) { if ((doNonWild && - !(e->flags & (MIN_STAR|HR_STAR))) || + !(e->flags & (MIN_STAR|HR_STAR))) || (doWild && (e->flags & (MIN_STAR|HR_STAR)))) job_add(e, u); } @@ -405,6 +411,7 @@ cron_sleep(int target) { if (nfds > 0) { Debug(DSCH, ("[%ld] Got a poke on the socket\n", (long)getpid())) + sunlen = sizeof(s_un); fd = accept(cronSock, (struct sockaddr *)&s_un, &sunlen); if (fd >= 0 && fcntl(fd, F_SETFL, O_NONBLOCK) == 0) { (void) read(fd, &poke, 1); diff --git a/usr.sbin/cron/do_command.c b/usr.sbin/cron/do_command.c index c43537341c0..5207bb76ab8 100644 --- a/usr.sbin/cron/do_command.c +++ b/usr.sbin/cron/do_command.c @@ -1,4 +1,4 @@ -/* $OpenBSD: do_command.c,v 1.26 2004/04/26 17:15:37 millert Exp $ */ +/* $OpenBSD: do_command.c,v 1.27 2004/06/03 19:54:04 millert Exp $ */ /* Copyright 1988,1990,1993,1994 by Paul Vixie * All rights reserved @@ -22,7 +22,7 @@ */ #if !defined(lint) && !defined(LINT) -static char const rcsid[] = "$OpenBSD: do_command.c,v 1.26 2004/04/26 17:15:37 millert Exp $"; +static char const rcsid[] = "$OpenBSD: do_command.c,v 1.27 2004/06/03 19:54:04 millert Exp $"; #endif #include "cron.h" @@ -233,12 +233,19 @@ child_process(entry *e, user *u) { } } #else - setgid(e->pwd->pw_gid); - initgroups(usernm, e->pwd->pw_gid); + if (setgid(e->pwd->pw_gid) || initgroups(usernm, e->pwd->pw_gid) { + fprintf(stderr, + "unable to set groups for %s\n", e->pwd->pw_name); + _exit(ERROR_EXIT); + } #if (defined(BSD)) && (BSD >= 199103) setlogin(usernm); #endif /* BSD */ - setuid(e->pwd->pw_uid); /* we aren't root after this... */ + if (setuid(e->pwd->pw_uid)) { + fprintf(stderr, + "unable to set uid to %ld\n", (long)e->pwd->pw_uid); + _exit(ERROR_EXIT); + } #endif /* LOGIN_CAP */ chdir(env_get("HOME", e->envp)); @@ -375,18 +382,12 @@ child_process(entry *e, user *u) { /* get name of recipient. this is MAILTO if set to a * valid local username; USER otherwise. */ - if (mailto) { - /* MAILTO was present in the environment - */ - if (!*mailto) { - /* ... but it's empty. set to NULL - */ - mailto = NULL; - } - } else { + if (!mailto) { /* MAILTO not present, set to USER. */ mailto = usernm; + } else if (!*mailto || !safe_p(usernm, mailto)) { + mailto = NULL; } /* if we are supposed to be mailing, MAILTO will @@ -394,7 +395,7 @@ child_process(entry *e, user *u) { * up the mail command and subjects and stuff... */ - if (mailto && safe_p(usernm, mailto)) { + if (mailto) { char **env; char mailcmd[MAX_COMMAND]; char hostname[MAXHOSTNAMELEN]; -- cgit v1.2.3