Changeset be8de0ff in rtems


Ignore:
Timestamp:
Oct 5, 2018, 1:16:46 PM (14 months ago)
Author:
Sebastian Huber <sebastian.huber@…>
Branches:
master
Children:
2f784d7
Parents:
df97c4d2
Message:

ftpd: Fix insecure chroot() handling

Ensure that the rtems_libio_set_private_env() was successful before the
chroot().

Update #3530.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • cpukit/ftpd/ftpd.c

    rdf97c4d2 rbe8de0ff  
    18801880{
    18811881  FTPD_SessionInfo_t  *const info = (FTPD_SessionInfo_t  *)arg;
    1882   int chroot_made = 0;
    1883 
    1884   rtems_libio_set_private_env();
    1885 
    1886   /* chroot() can fail here because the directory may not exist yet. */
    1887   chroot_made = chroot(ftpd_root) == 0;
    1888 
    1889   while(1)
     1882  bool chroot_made = false;
     1883
     1884  while (1)
    18901885  {
    18911886    rtems_event_set set;
     
    18951890      &set);
    18961891
    1897     chroot_made = chroot_made || chroot(ftpd_root) == 0;
    1898 
     1892    chroot_made = chroot_made
     1893      || (rtems_libio_set_private_env() == RTEMS_SUCCESSFUL
     1894        && chroot(ftpd_root) == 0);
     1895
     1896    /*
     1897     * The chdir() must immediatly follow the chroot(), otherwise static
     1898     * analysis tools may complain about a security issue.
     1899    */
    18991900    rv = chroot_made ? chdir("/") : -1;
    19001901
Note: See TracChangeset for help on using the changeset viewer.