diff options
| author | alexei.volkov.bugs%sun.com <devnull@localhost> | 2006-09-08 00:00:01 +0000 |
|---|---|---|
| committer | alexei.volkov.bugs%sun.com <devnull@localhost> | 2006-09-08 00:00:01 +0000 |
| commit | ececd0e62c30934a83ace58d4765112bba6091e8 (patch) | |
| tree | 45ccadda09570182cdf837074f72e76a5172391e | |
| parent | fd776a527fab17cacab1a8f24da6931e7ea0b875 (diff) | |
| download | nspr-hg-ececd0e62c30934a83ace58d4765112bba6091e8.tar.gz | |
351470: setuid root programs linked with NSPR allow elevation of privilege. patches #1 and #2. r=nelson, sr=wtc
| -rw-r--r-- | pr/src/io/prfdcach.c | 8 | ||||
| -rw-r--r-- | pr/src/io/prlog.c | 8 | ||||
| -rw-r--r-- | pr/src/misc/pratom.c | 2 | ||||
| -rw-r--r-- | pr/src/misc/prtrace.c | 16 |
4 files changed, 25 insertions, 9 deletions
diff --git a/pr/src/io/prfdcach.c b/pr/src/io/prfdcach.c index aea19dff..d1277fcd 100644 --- a/pr/src/io/prfdcach.c +++ b/pr/src/io/prfdcach.c @@ -277,6 +277,14 @@ void _PR_InitFdCache(void) if (NULL != low) _pr_fd_cache.limit_low = atoi(low); if (NULL != high) _pr_fd_cache.limit_high = atoi(high); + if (_pr_fd_cache.limit_low < 0) + _pr_fd_cache.limit_low = 0; + if (_pr_fd_cache.limit_low > FD_SETSIZE) + _pr_fd_cache.limit_low = FD_SETSIZE; + + if (_pr_fd_cache.limit_high > FD_SETSIZE) + _pr_fd_cache.limit_high = FD_SETSIZE; + if (_pr_fd_cache.limit_high < _pr_fd_cache.limit_low) _pr_fd_cache.limit_high = _pr_fd_cache.limit_low; diff --git a/pr/src/io/prlog.c b/pr/src/io/prlog.c index ab348d4f..56573f2f 100644 --- a/pr/src/io/prlog.c +++ b/pr/src/io/prlog.c @@ -255,6 +255,12 @@ void _PR_InitLog(void) } PR_SetLogBuffering(isSync ? bufSize : 0); +#ifdef XP_UNIX + if (getuid() != geteuid()) { + return; + } +#endif /* XP_UNIX */ + ev = PR_GetEnv("NSPR_LOG_FILE"); if (ev && ev[0]) { if (!PR_SetLogFile(ev)) { @@ -293,10 +299,12 @@ void _PR_LogCleanup(void) #endif ) { fclose(logFile); + logFile = NULL; } #else if (logFile && logFile != _pr_stdout && logFile != _pr_stderr) { PR_Close(logFile); + logFile = NULL; } #endif diff --git a/pr/src/misc/pratom.c b/pr/src/misc/pratom.c index 24028e56..35b86c0d 100644 --- a/pr/src/misc/pratom.c +++ b/pr/src/misc/pratom.c @@ -120,6 +120,8 @@ int index; if (num_atomic_locks > MAX_ATOMIC_LOCKS) num_atomic_locks = MAX_ATOMIC_LOCKS; + else if (num_atomic_locks < 1) + num_atomic_locks = 1; else { num_atomic_locks = PR_FloorLog2(num_atomic_locks); num_atomic_locks = 1L << num_atomic_locks; diff --git a/pr/src/misc/prtrace.c b/pr/src/misc/prtrace.c index d26f5027..628e0f83 100644 --- a/pr/src/misc/prtrace.c +++ b/pr/src/misc/prtrace.c @@ -45,15 +45,7 @@ */ #include <string.h> -#include "prtrace.h" -#include "prclist.h" -#include "prlock.h" -#include "prcvar.h" -#include "prio.h" -#include "prlog.h" -#include "prenv.h" -#include "prmem.h" -#include "prerror.h" +#include "primpl.h" #define DEFAULT_TRACE_BUFSIZE ( 1024 * 1024 ) @@ -697,6 +689,12 @@ static PRFileDesc * InitializeRecording( void ) logLostData = 0; /* reset at entry */ logState = LogReset; +#ifdef XP_UNIX + if (getuid() != geteuid()) { + return NULL; + } +#endif /* XP_UNIX */ + /* Get the filename for the logfile from the environment */ logFileName = PR_GetEnv( "NSPR_TRACE_LOG" ); if ( logFileName == NULL ) |