From 4cb085f3618e5781b969f3121b57d086b4cdd1ab Mon Sep 17 00:00:00 2001 From: Ed Schouten Date: Sat, 17 Jan 2009 15:56:38 +0000 Subject: [PATCH] Fix handling of pts(4) device names in comsat(8). Also catch fork() errors. Pseudo-terminals allocated with posix_openpt(2) will have more slashes in their path names than comsat(8) allows, so allow slashes when the character device name starts with "pts/". This patch is loosely based on NetBSD's changes, revision 1.33. Because it also included the changes to fork(), I imported them here as well. Maybe we could import even more fixes from the other BSD's? Original commit message from the NetBSD folks: PR/30170: Markus W Kilbinger: src/libexec/comsat complains about: '/' in "/dev/pts/1" Reported by: Robert Huff --- libexec/comsat/comsat.c | 23 +++++++++++++++++------ 1 file changed, 17 insertions(+), 6 deletions(-) diff --git a/libexec/comsat/comsat.c b/libexec/comsat/comsat.c index ed14b1a2d2bc..fd7cc8d4dc36 100644 --- a/libexec/comsat/comsat.c +++ b/libexec/comsat/comsat.c @@ -203,21 +203,32 @@ notify(struct utmp *utp, char file[], off_t offset, int folder) struct stat stb; struct termios tio; char tty[20], name[sizeof(utmp[0].ut_name) + 1]; + const char *cr = utp->ut_line; - (void)snprintf(tty, sizeof(tty), "%s%.*s", - _PATH_DEV, (int)sizeof(utp->ut_line), utp->ut_line); - if (strchr(tty + sizeof(_PATH_DEV) - 1, '/')) { + if (strncmp(cr, "pts/", 4) == 0) + cr += 4; + if (strchr(cr, '/')) { /* A slash is an attempt to break security... */ - syslog(LOG_AUTH | LOG_NOTICE, "'/' in \"%s\"", tty); + syslog(LOG_AUTH | LOG_NOTICE, "Unexpected `/' in `%s'", + utp->ut_line); return; } - if (stat(tty, &stb) || !(stb.st_mode & (S_IXUSR | S_IXGRP))) { + (void)snprintf(tty, sizeof(tty), "%s%.*s", + _PATH_DEV, (int)sizeof(utp->ut_line), utp->ut_line); + if (stat(tty, &stb) == -1 || !(stb.st_mode & (S_IXUSR | S_IXGRP))) { dsyslog(LOG_DEBUG, "%s: wrong mode on %s", utp->ut_name, tty); return; } dsyslog(LOG_DEBUG, "notify %s on %s\n", utp->ut_name, tty); - if (fork()) + switch (fork()) { + case -1: + syslog(LOG_NOTICE, "fork failed (%m)"); return; + case 0: + break; + default: + return; + } (void)signal(SIGALRM, SIG_DFL); (void)alarm((u_int)30); if ((tp = fopen(tty, "w")) == NULL) {