poky/meta/recipes-connectivity/inetutils/inetutils/0002-CVE-2023-40303-Indent-changes-in-previous-commit.patch - openbmc/openbmc - Gitiles

 From 70fe022f9dac760eaece0228cad17e3d29a57fb8 Mon Sep 17 00:00:00 2001
 From: Simon Josefsson <simon@josefsson.org>
 Date: Mon, 31 Jul 2023 13:59:05 +0200
 Subject: [PATCH] CVE-2023-40303: Indent changes in previous commit.

 CVE: CVE-2023-40303
 Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=9122999252c7e21eb7774de11d539748e7bdf46d]
 Signed-off-by: Khem Raj <raj.khem@gmail.com>
 ---
  src/rcp.c    | 42 ++++++++++++++++++++++++------------------
  src/rlogin.c | 12 ++++++------
  src/rsh.c    | 24 ++++++++++++------------
  src/rshd.c   | 24 ++++++++++++------------
  src/uucpd.c  | 16 ++++++++--------
  5 files changed, 62 insertions(+), 56 deletions(-)

 diff --git a/src/rcp.c b/src/rcp.c
 index cdcf8500..652f22e6 100644
 --- a/src/rcp.c
 +++ b/src/rcp.c
 @@ -347,9 +347,10 @@ main (int argc, char *argv[])
        response ();

        if (setuid (userid) == -1)
 -      {
 -        error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
 -      }
 +	{
 +	  error (EXIT_FAILURE, 0,
 +		 "Could not drop privileges (setuid() failed)");
 +	}

        source (argc, argv);
        exit (errs);
 @@ -358,9 +359,10 @@ main (int argc, char *argv[])
    if (to_option)
      {				/* Receive data. */
        if (setuid (userid) == -1)
 -      {
 -        error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
 -      }
 +	{
 +	  error (EXIT_FAILURE, 0,
 +		 "Could not drop privileges (setuid() failed)");
 +	}

        sink (argc, argv);
        exit (errs);
 @@ -548,9 +550,10 @@ toremote (char *targ, int argc, char *argv[])
  	      free (bp);

  	      if (setuid (userid) == -1)
 -              {
 -                error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
 -              }
 +		{
 +		  error (EXIT_FAILURE, 0,
 +			 "Could not drop privileges (setuid() failed)");
 +		}
  	    }
  	  source (1, argv + i);
  	  close (rem);
 @@ -645,9 +648,10 @@ tolocal (int argc, char *argv[])
  	}

        if (seteuid (userid) == -1)
 -      {
 -        error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)");
 -      }
 +	{
 +	  error (EXIT_FAILURE, 0,
 +		 "Could not drop privileges (seteuid() failed)");
 +	}

  #if defined IP_TOS && defined IPPROTO_IP && defined IPTOS_THROUGHPUT
        sslen = sizeof (ss);
 @@ -663,9 +667,10 @@ tolocal (int argc, char *argv[])
        sink (1, vect);

        if (seteuid (effuid) == -1)
 -      {
 -        error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)");
 -      }
 +	{
 +	  error (EXIT_FAILURE, 0,
 +		 "Could not drop privileges (seteuid() failed)");
 +	}

        close (rem);
        rem = -1;
 @@ -1465,9 +1470,10 @@ susystem (char *s, int userid)

      case 0:
        if (setuid (userid) == -1)
 -      {
 -        error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
 -      }
 +	{
 +	  error (EXIT_FAILURE, 0,
 +		 "Could not drop privileges (setuid() failed)");
 +	}

        execl (PATH_BSHELL, "sh", "-c", s, NULL);
        _exit (127);
 diff --git a/src/rlogin.c b/src/rlogin.c
 index c543de0c..4360202f 100644
 --- a/src/rlogin.c
 +++ b/src/rlogin.c
 @@ -648,14 +648,14 @@ try_connect:
       to get the privileged port that rcmd () uses.  We now want, however,
       to run as the real user who invoked us.  */
    if (seteuid (uid) == -1)
 -  {
 -    error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)");
 -  }
 +    {
 +      error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)");
 +    }

    if (setuid (uid) == -1)
 -  {
 -    error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
 -  }
 +    {
 +      error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
 +    }

    doit (&osmask);	/* The old mask will activate SIGURG and SIGUSR1!  */

 diff --git a/src/rsh.c b/src/rsh.c
 index 6f60667d..179b47cd 100644
 --- a/src/rsh.c
 +++ b/src/rsh.c
 @@ -278,14 +278,14 @@ main (int argc, char **argv)
  	*argv = (char *) "rlogin";

        if (seteuid (getuid ()) == -1)
 -      {
 -        error (EXIT_FAILURE, errno, "seteuid() failed");
 -      }
 +	{
 +	  error (EXIT_FAILURE, errno, "seteuid() failed");
 +	}

        if (setuid (getuid ()) == -1)
 -      {
 -        error (EXIT_FAILURE, errno, "setuid() failed");
 -      }
 +	{
 +	  error (EXIT_FAILURE, errno, "setuid() failed");
 +	}

        execv (PATH_RLOGIN, argv);
        error (EXIT_FAILURE, errno, "cannot execute %s", PATH_RLOGIN);
 @@ -551,14 +551,14 @@ try_connect:
      }

    if (seteuid (uid) == -1)
 -  {
 -    error (EXIT_FAILURE, errno, "seteuid() failed");
 -  }
 +    {
 +      error (EXIT_FAILURE, errno, "seteuid() failed");
 +    }

    if (setuid (uid) == -1)
 -  {
 -    error (EXIT_FAILURE, errno, "setuid() failed");
 -  }
 +    {
 +      error (EXIT_FAILURE, errno, "setuid() failed");
 +    }

  #ifdef HAVE_SIGACTION
    sigemptyset (&sigs);
 diff --git a/src/rshd.c b/src/rshd.c
 index 707790e7..3a153a18 100644
 --- a/src/rshd.c
 +++ b/src/rshd.c
 @@ -1848,16 +1848,16 @@ doit (int sockfd, struct sockaddr *fromp, socklen_t fromlen)

    /* Set the gid, then uid to become the user specified by "locuser" */
    if (setegid ((gid_t) pwd->pw_gid) == -1)
 -  {
 -    rshd_error ("Cannot drop privileges (setegid() failed)\n");
 -    exit (EXIT_FAILURE);
 -  }
 +    {
 +      rshd_error ("Cannot drop privileges (setegid() failed)\n");
 +      exit (EXIT_FAILURE);
 +    }

    if (setgid ((gid_t) pwd->pw_gid) == -1)
 -  {
 -    rshd_error ("Cannot drop privileges (setgid() failed)\n");
 -    exit (EXIT_FAILURE);
 -  }
 +    {
 +      rshd_error ("Cannot drop privileges (setgid() failed)\n");
 +      exit (EXIT_FAILURE);
 +    }

  #ifdef HAVE_INITGROUPS
    initgroups (pwd->pw_name, pwd->pw_gid);	/* BSD groups */
 @@ -1881,10 +1881,10 @@ doit (int sockfd, struct sockaddr *fromp, socklen_t fromlen)
  #endif /* WITH_PAM */

    if (setuid ((uid_t) pwd->pw_uid) == -1)
 -  {
 -    rshd_error ("Cannot drop privileges (setuid() failed)\n");
 -    exit (EXIT_FAILURE);
 -  }
 +    {
 +      rshd_error ("Cannot drop privileges (setuid() failed)\n");
 +      exit (EXIT_FAILURE);
 +    }

    /* We'll execute the client's command in the home directory
     * of locuser. Note, that the chdir must be executed after
 diff --git a/src/uucpd.c b/src/uucpd.c
 index 29cfce35..fde7b9c9 100644
 --- a/src/uucpd.c
 +++ b/src/uucpd.c
 @@ -254,10 +254,10 @@ doit (struct sockaddr *sap, socklen_t salen)
    dologin (pw, sap, salen);

    if (setgid (pw->pw_gid) == -1)
 -  {
 -    fprintf (stderr, "setgid() failed");
 -    return;
 -  }
 +    {
 +      fprintf (stderr, "setgid() failed");
 +      return;
 +    }
  #ifdef HAVE_INITGROUPS
    initgroups (pw->pw_name, pw->pw_gid);
  #endif
 @@ -268,10 +268,10 @@ doit (struct sockaddr *sap, socklen_t salen)
      }

    if (setuid (pw->pw_uid) == -1)
 -  {
 -    fprintf (stderr, "setuid() failed");
 -    return;
 -  }
 +    {
 +      fprintf (stderr, "setuid() failed");
 +      return;
 +    }

    execl (uucico_location, "uucico", NULL);
    perror ("uucico server: execl");
	From 70fe022f9dac760eaece0228cad17e3d29a57fb8 Mon Sep 17 00:00:00 2001
	From: Simon Josefsson <simon@josefsson.org>
	Date: Mon, 31 Jul 2023 13:59:05 +0200
	Subject: [PATCH] CVE-2023-40303: Indent changes in previous commit.

	CVE: CVE-2023-40303
	Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=9122999252c7e21eb7774de11d539748e7bdf46d]
	Signed-off-by: Khem Raj <raj.khem@gmail.com>
	---
	src/rcp.c \| 42 ++++++++++++++++++++++++------------------
	src/rlogin.c \| 12 ++++++------
	src/rsh.c \| 24 ++++++++++++------------
	src/rshd.c \| 24 ++++++++++++------------
	src/uucpd.c \| 16 ++++++++--------
	5 files changed, 62 insertions(+), 56 deletions(-)

	diff --git a/src/rcp.c b/src/rcp.c
	index cdcf8500..652f22e6 100644
	--- a/src/rcp.c
	+++ b/src/rcp.c
	@@ -347,9 +347,10 @@ main (int argc, char *argv[])
	response ();

	if (setuid (userid) == -1)
	- {
	- error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
	- }
	+ {
	+ error (EXIT_FAILURE, 0,
	+ "Could not drop privileges (setuid() failed)");
	+ }

	source (argc, argv);
	exit (errs);
	@@ -358,9 +359,10 @@ main (int argc, char *argv[])
	if (to_option)
	{ /* Receive data. */
	if (setuid (userid) == -1)
	- {
	- error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
	- }
	+ {
	+ error (EXIT_FAILURE, 0,
	+ "Could not drop privileges (setuid() failed)");
	+ }

	sink (argc, argv);
	exit (errs);
	@@ -548,9 +550,10 @@ toremote (char targ, int argc, char argv[])
	free (bp);

	if (setuid (userid) == -1)
	- {
	- error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
	- }
	+ {
	+ error (EXIT_FAILURE, 0,
	+ "Could not drop privileges (setuid() failed)");
	+ }
	}
	source (1, argv + i);
	close (rem);
	@@ -645,9 +648,10 @@ tolocal (int argc, char *argv[])
	}

	if (seteuid (userid) == -1)
	- {
	- error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)");
	- }
	+ {
	+ error (EXIT_FAILURE, 0,
	+ "Could not drop privileges (seteuid() failed)");
	+ }

	#if defined IP_TOS && defined IPPROTO_IP && defined IPTOS_THROUGHPUT
	sslen = sizeof (ss);
	@@ -663,9 +667,10 @@ tolocal (int argc, char *argv[])
	sink (1, vect);

	if (seteuid (effuid) == -1)
	- {
	- error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)");
	- }
	+ {
	+ error (EXIT_FAILURE, 0,
	+ "Could not drop privileges (seteuid() failed)");
	+ }

	close (rem);
	rem = -1;
	@@ -1465,9 +1470,10 @@ susystem (char *s, int userid)

	case 0:
	if (setuid (userid) == -1)
	- {
	- error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
	- }
	+ {
	+ error (EXIT_FAILURE, 0,
	+ "Could not drop privileges (setuid() failed)");
	+ }

	execl (PATH_BSHELL, "sh", "-c", s, NULL);
	_exit (127);
	diff --git a/src/rlogin.c b/src/rlogin.c
	index c543de0c..4360202f 100644
	--- a/src/rlogin.c
	+++ b/src/rlogin.c
	@@ -648,14 +648,14 @@ try_connect:
	to get the privileged port that rcmd () uses. We now want, however,
	to run as the real user who invoked us. */
	if (seteuid (uid) == -1)
	- {
	- error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)");
	- }
	+ {
	+ error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)");
	+ }

	if (setuid (uid) == -1)
	- {
	- error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
	- }
	+ {
	+ error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
	+ }

	doit (&osmask); /* The old mask will activate SIGURG and SIGUSR1! */

	diff --git a/src/rsh.c b/src/rsh.c
	index 6f60667d..179b47cd 100644
	--- a/src/rsh.c
	+++ b/src/rsh.c
	@@ -278,14 +278,14 @@ main (int argc, char **argv)
	argv = (char ) "rlogin";

	if (seteuid (getuid ()) == -1)
	- {
	- error (EXIT_FAILURE, errno, "seteuid() failed");
	- }
	+ {
	+ error (EXIT_FAILURE, errno, "seteuid() failed");
	+ }

	if (setuid (getuid ()) == -1)
	- {
	- error (EXIT_FAILURE, errno, "setuid() failed");
	- }
	+ {
	+ error (EXIT_FAILURE, errno, "setuid() failed");
	+ }

	execv (PATH_RLOGIN, argv);
	error (EXIT_FAILURE, errno, "cannot execute %s", PATH_RLOGIN);
	@@ -551,14 +551,14 @@ try_connect:
	}

	if (seteuid (uid) == -1)
	- {
	- error (EXIT_FAILURE, errno, "seteuid() failed");
	- }
	+ {
	+ error (EXIT_FAILURE, errno, "seteuid() failed");
	+ }

	if (setuid (uid) == -1)
	- {
	- error (EXIT_FAILURE, errno, "setuid() failed");
	- }
	+ {
	+ error (EXIT_FAILURE, errno, "setuid() failed");
	+ }

	#ifdef HAVE_SIGACTION
	sigemptyset (&sigs);
	diff --git a/src/rshd.c b/src/rshd.c
	index 707790e7..3a153a18 100644
	--- a/src/rshd.c
	+++ b/src/rshd.c
	@@ -1848,16 +1848,16 @@ doit (int sockfd, struct sockaddr *fromp, socklen_t fromlen)

	/* Set the gid, then uid to become the user specified by "locuser" */
	if (setegid ((gid_t) pwd->pw_gid) == -1)
	- {
	- rshd_error ("Cannot drop privileges (setegid() failed)\n");
	- exit (EXIT_FAILURE);
	- }
	+ {
	+ rshd_error ("Cannot drop privileges (setegid() failed)\n");
	+ exit (EXIT_FAILURE);
	+ }

	if (setgid ((gid_t) pwd->pw_gid) == -1)
	- {
	- rshd_error ("Cannot drop privileges (setgid() failed)\n");
	- exit (EXIT_FAILURE);
	- }
	+ {
	+ rshd_error ("Cannot drop privileges (setgid() failed)\n");
	+ exit (EXIT_FAILURE);
	+ }

	#ifdef HAVE_INITGROUPS
	initgroups (pwd->pw_name, pwd->pw_gid); /* BSD groups */
	@@ -1881,10 +1881,10 @@ doit (int sockfd, struct sockaddr *fromp, socklen_t fromlen)
	#endif /* WITH_PAM */

	if (setuid ((uid_t) pwd->pw_uid) == -1)
	- {
	- rshd_error ("Cannot drop privileges (setuid() failed)\n");
	- exit (EXIT_FAILURE);
	- }
	+ {
	+ rshd_error ("Cannot drop privileges (setuid() failed)\n");
	+ exit (EXIT_FAILURE);
	+ }

	/* We'll execute the client's command in the home directory
	* of locuser. Note, that the chdir must be executed after
	diff --git a/src/uucpd.c b/src/uucpd.c
	index 29cfce35..fde7b9c9 100644
	--- a/src/uucpd.c
	+++ b/src/uucpd.c
	@@ -254,10 +254,10 @@ doit (struct sockaddr *sap, socklen_t salen)
	dologin (pw, sap, salen);

	if (setgid (pw->pw_gid) == -1)
	- {
	- fprintf (stderr, "setgid() failed");
	- return;
	- }
	+ {
	+ fprintf (stderr, "setgid() failed");
	+ return;
	+ }
	#ifdef HAVE_INITGROUPS
	initgroups (pw->pw_name, pw->pw_gid);
	#endif
	@@ -268,10 +268,10 @@ doit (struct sockaddr *sap, socklen_t salen)
	}

	if (setuid (pw->pw_uid) == -1)
	- {
	- fprintf (stderr, "setuid() failed");
	- return;
	- }
	+ {
	+ fprintf (stderr, "setuid() failed");
	+ return;
	+ }

	execl (uucico_location, "uucico", NULL);
	perror ("uucico server: execl");