diff options
author | Samuel Thibault <samuel.thibault@ens-lyon.org> | 2022-01-02 04:08:11 +0100 |
---|---|---|
committer | Samuel Thibault <samuel.thibault@ens-lyon.org> | 2022-01-04 01:14:41 +0100 |
commit | 0e298448aad6fabf455923e72e0d1a3c56e9ab9e (patch) | |
tree | 0d38518e66bb5c59cf9aa8518d05a6d4996aa741 /hurd | |
parent | 8df0def7a4e852058e85af8493265c9ebb49bd08 (diff) | |
download | glibc-0e298448aad6fabf455923e72e0d1a3c56e9ab9e.zip glibc-0e298448aad6fabf455923e72e0d1a3c56e9ab9e.tar.gz glibc-0e298448aad6fabf455923e72e0d1a3c56e9ab9e.tar.bz2 |
hurd: Fix auth port leak
If access() was used before exec, _hurd_id.rid_auth would cache an
"effective" auth port. We do not want this to leak into the executed
program.
Diffstat (limited to 'hurd')
-rw-r--r-- | hurd/hurdexec.c | 13 |
1 files changed, 8 insertions, 5 deletions
diff --git a/hurd/hurdexec.c b/hurd/hurdexec.c index 3dc6143..5b27f18 100644 --- a/hurd/hurdexec.c +++ b/hurd/hurdexec.c @@ -229,6 +229,14 @@ retry: reflects that our whole ID set differs from what we've set it to. */ __mutex_lock (&_hurd_id.lock); err = _hurd_check_ids (); + + /* Avoid leaking the rid_auth port reference to the new progam */ + if (_hurd_id.rid_auth != MACH_PORT_NULL) + { + __mach_port_deallocate (__mach_task_self (), _hurd_id.rid_auth); + _hurd_id.rid_auth = MACH_PORT_NULL; + } + if (err == 0 && ((_hurd_id.aux.nuids >= 2 && _hurd_id.gen.nuids >= 1 && _hurd_id.aux.uids[1] != _hurd_id.gen.uids[0]) || (_hurd_id.aux.ngids >= 2 && _hurd_id.gen.ngids >= 1 @@ -244,11 +252,6 @@ retry: _hurd_id.aux.uids[1] = _hurd_id.gen.uids[0]; _hurd_id.aux.gids[1] = _hurd_id.gen.gids[0]; _hurd_id.valid = 0; - if (_hurd_id.rid_auth != MACH_PORT_NULL) - { - __mach_port_deallocate (__mach_task_self (), _hurd_id.rid_auth); - _hurd_id.rid_auth = MACH_PORT_NULL; - } err = __auth_makeauth (ports[INIT_PORT_AUTH], NULL, MACH_MSG_TYPE_COPY_SEND, 0, |