Check return values from setuid, prompted by MIT

advisory. Thanks to Tom Yu at MIT, and Michael Calmer and Marcus Meissner at SUSE. Either of CVE-2006-3083 or CVE-2006-3084. git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17878 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-08-08 21:43:58 +00:00
parent cd67e721c3
commit 847a99a0ec
2 changed files with 8 additions and 4 deletions
--- a/appl/rcp/util.c
+++ b/appl/rcp/util.c
@@ -112,7 +112,8 @@ susystem(s, userid)
 		return (127);

 	case 0:
-		(void)setuid(userid);
+		if (setuid(userid) < 0)
+			_exit(127);
 		execl(_PATH_BSHELL, "sh", "-c", s, NULL);
 		_exit(127);
 	}