Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / openbmc / refs/heads/mickledore / . / poky / meta / recipes-connectivity / inetutils / inetutils / 0002-CVE-2023-40303-Indent-changes-in-previous-commit.patch
blob: f4252b5f34f4ab30754946504dd58fdd953dbedc [file] [log] [blame]
Andrew Geissler1e488cd2023-10-03 09:44:52 -0500[diff] [blame]1From 9122999252c7e21eb7774de11d539748e7bdf46d Mon Sep 17 00:00:00 2001
2From: Simon Josefsson <simon@josefsson.org>
3Date: Tue, 29 Aug 2023 06:42:11 +0000
4Subject: [PATCH] CVE-2023-40303: Indent changes in previous commit.
5
6CVE: CVE-2023-40303
7
8Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=9122999252c7e21eb7774de11d539748e7bdf46d]
9
10Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
11---
12 src/rcp.c | 42 ++++++++++++++++++++++++------------------
13 src/rlogin.c | 12 ++++++------
14 src/rsh.c | 26 +++++++++++++-------------
15 src/rshd.c | 24 ++++++++++++------------
16 src/uucpd.c | 16 ++++++++--------
17 5 files changed, 63 insertions(+), 57 deletions(-)
18
19diff --git a/src/rcp.c b/src/rcp.c
20index 7018e35..e504f8a 100644
21--- a/src/rcp.c
22+++ b/src/rcp.c
23@@ -347,9 +347,10 @@ main (int argc, char *argv[])
24 response ();
25
26 if (setuid (userid) == -1)
27- {
28- error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
29- }
30+ {
31+ error (EXIT_FAILURE, 0,
32+ "Could not drop privileges (setuid() failed)");
33+ }
34
35 source (argc, argv);
36 exit (errs);
37@@ -358,9 +359,10 @@ main (int argc, char *argv[])
38 if (to_option)
39 { /* Receive data. */
40 if (setuid (userid) == -1)
41- {
42- error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
43- }
44+ {
45+ error (EXIT_FAILURE, 0,
46+ "Could not drop privileges (setuid() failed)");
47+ }
48
49 sink (argc, argv);
50 exit (errs);
51@@ -548,9 +550,10 @@ toremote (char *targ, int argc, char *argv[])
52 free (bp);
53
54 if (setuid (userid) == -1)
55- {
56- error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
57- }
58+ {
59+ error (EXIT_FAILURE, 0,
60+ "Could not drop privileges (setuid() failed)");
61+ }
62 }
63 source (1, argv + i);
64 close (rem);
65@@ -645,9 +648,10 @@ tolocal (int argc, char *argv[])
66 }
67
68 if (seteuid (userid) == -1)
69- {
70- error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)");
71- }
72+ {
73+ error (EXIT_FAILURE, 0,
74+ "Could not drop privileges (seteuid() failed)");
75+ }
76
77 #if defined IP_TOS && defined IPPROTO_IP && defined IPTOS_THROUGHPUT
78 sslen = sizeof (ss);
79@@ -663,9 +667,10 @@ tolocal (int argc, char *argv[])
80 sink (1, vect);
81
82 if (seteuid (effuid) == -1)
83- {
84- error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)");
85- }
86+ {
87+ error (EXIT_FAILURE, 0,
88+ "Could not drop privileges (seteuid() failed)");
89+ }
90
91 close (rem);
92 rem = -1;
93@@ -1465,9 +1470,10 @@ susystem (char *s, int userid)
94
95 case 0:
96 if (setuid (userid) == -1)
97- {
98- error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
99- }
100+ {
101+ error (EXIT_FAILURE, 0,
102+ "Could not drop privileges (setuid() failed)");
103+ }
104
105 execl (PATH_BSHELL, "sh", "-c", s, NULL);
106 _exit (127);
107diff --git a/src/rlogin.c b/src/rlogin.c
108index 9bf9645..a0c1237 100644
109--- a/src/rlogin.c
110+++ b/src/rlogin.c
111@@ -648,14 +648,14 @@ try_connect:
112 to get the privileged port that rcmd () uses. We now want, however,
113 to run as the real user who invoked us. */
114 if (seteuid (uid) == -1)
115- {
116- error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)");
117- }
118+ {
119+ error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)");
120+ }
121
122 if (setuid (uid) == -1)
123- {
124- error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
125- }
126+ {
127+ error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
128+ }
129
130 doit (&osmask); /* The old mask will activate SIGURG and SIGUSR1! */
131
132diff --git a/src/rsh.c b/src/rsh.c
133index 7b9cf22..c8f50d3 100644
134--- a/src/rsh.c
135+++ b/src/rsh.c
136@@ -278,14 +278,14 @@ main (int argc, char **argv)
137 *argv = (char *) "rlogin";
138
139 if (seteuid (getuid ()) == -1)
140- {
141- error (EXIT_FAILURE, errno, "seteuid() failed");
142- }
143-
144+ {
145+ error (EXIT_FAILURE, errno, "seteuid() failed");
146+ }
147+
148 if (setuid (getuid ()) == -1)
149- {
150- error (EXIT_FAILURE, errno, "setuid() failed");
151- }
152+ {
153+ error (EXIT_FAILURE, errno, "setuid() failed");
154+ }
155
156 execv (PATH_RLOGIN, argv);
157 error (EXIT_FAILURE, errno, "cannot execute %s", PATH_RLOGIN);
158@@ -551,14 +551,14 @@ try_connect:
159 }
160
161 if (seteuid (uid) == -1)
162- {
163- error (EXIT_FAILURE, errno, "seteuid() failed");
164- }
165+ {
166+ error (EXIT_FAILURE, errno, "seteuid() failed");
167+ }
168
169 if (setuid (uid) == -1)
170- {
171- error (EXIT_FAILURE, errno, "setuid() failed");
172- }
173+ {
174+ error (EXIT_FAILURE, errno, "setuid() failed");
175+ }
176
177 #ifdef HAVE_SIGACTION
178 sigemptyset (&sigs);
179diff --git a/src/rshd.c b/src/rshd.c
180index 707790e..df43edf 100644
181--- a/src/rshd.c
182+++ b/src/rshd.c
183@@ -1848,16 +1848,16 @@ doit (int sockfd, struct sockaddr *fromp, socklen_t fromlen)
184
185 /* Set the gid, then uid to become the user specified by "locuser" */
186 if (setegid ((gid_t) pwd->pw_gid) == -1)
187- {
188- rshd_error ("Cannot drop privileges (setegid() failed)\n");
189- exit (EXIT_FAILURE);
190- }
191+ {
192+ rshd_error ("Cannot drop privileges (setegid() failed)\n");
193+ exit (EXIT_FAILURE);
194+ }
195
196 if (setgid ((gid_t) pwd->pw_gid) == -1)
197- {
198- rshd_error ("Cannot drop privileges (setgid() failed)\n");
199- exit (EXIT_FAILURE);
200- }
201+ {
202+ rshd_error ("Cannot drop privileges (setgid() failed)\n");
203+ exit (EXIT_FAILURE);
204+ }
205
206 #ifdef HAVE_INITGROUPS
207 initgroups (pwd->pw_name, pwd->pw_gid); /* BSD groups */
208@@ -1881,10 +1881,10 @@ doit (int sockfd, struct sockaddr *fromp, socklen_t fromlen)
209 #endif /* WITH_PAM */
210
211 if (setuid ((uid_t) pwd->pw_uid) == -1)
212- {
213- rshd_error ("Cannot drop privileges (setuid() failed)\n");
214- exit (EXIT_FAILURE);
215- }
216+ {
217+ rshd_error ("Cannot drop privileges (setuid() failed)\n");
218+ exit (EXIT_FAILURE);
219+ }
220
221 /* We'll execute the client's command in the home directory
222 * of locuser. Note, that the chdir must be executed after
223diff --git a/src/uucpd.c b/src/uucpd.c
224index 29cfce3..afe24f3 100644
225--- a/src/uucpd.c
226+++ b/src/uucpd.c
227@@ -254,10 +254,10 @@ doit (struct sockaddr *sap, socklen_t salen)
228 dologin (pw, sap, salen);
229
230 if (setgid (pw->pw_gid) == -1)
231- {
232- fprintf (stderr, "setgid() failed");
233- return;
234- }
235+ {
236+ fprintf (stderr, "setgid() failed");
237+ return;
238+ }
239 #ifdef HAVE_INITGROUPS
240 initgroups (pw->pw_name, pw->pw_gid);
241 #endif
242@@ -268,10 +268,10 @@ doit (struct sockaddr *sap, socklen_t salen)
243 }
244
245 if (setuid (pw->pw_uid) == -1)
246- {
247- fprintf (stderr, "setuid() failed");
248- return;
249- }
250+ {
251+ fprintf (stderr, "setuid() failed");
252+ return;
253+ }
254
255 execl (uucico_location, "uucico", NULL);
256 perror ("uucico server: execl");
257--
2582.40.0