dma: exit if invoked with invalid (zero) argc
This was prompted by the recent pkexec vulnerability (CVE-2021-4034). This change is being made on general principle for setuid/setgid binaries and is not in response to an actual issue. Reviewed by: kevans, markj (both earlier) MFC after: 1 week Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D34087
This commit is contained in:
parent
8d8b9b560a
commit
1c91aedf25
@ -428,6 +428,9 @@ main(int argc, char **argv)
|
||||
int nodot = 0, showq = 0, queue_only = 0, newaliases = 0;
|
||||
int recp_from_header = 0;
|
||||
|
||||
if (argc == 0)
|
||||
errx(EX_OSERR, "invalid argc");
|
||||
|
||||
set_username();
|
||||
|
||||
/*
|
||||
|
Loading…
Reference in New Issue
Block a user