Attachment #209942 for bug #241684




#include <unistd.h>

#include "mntopts.h"
#include "mount_msdosfs.h"

static gid_t	a_gid(char *);
static uid_t	a_uid(char *);

	struct iovec *iov = NULL;
	int iovlen = 0;
	struct stat sb;
	FILE *fp;
	int c, set_gid, set_uid, set_mask, set_dirmask;
	char *dev, *dir, mntpath[MAXPATHLEN], *csp;
	char fstype[] = "msdosfs";
	char errmsg[255] = {0};
	char *cs_dos = NULL;
	char *cs_local = NULL;
	char	*confp = NULL, *tok = NULL, flags[FLAGS_MAX_LEN + 1];
	char	*local_argv[ARG_MAX];
	int	local_argc = 1;
	mode_t mask = 0, dirmask = 0;
	uid_t uid = 0;
	gid_t gid = 0;

	set_gid = set_uid = set_mask = set_dirmask = 0;

	/* Insert flags from conf before argv[1] */
	local_argv[0] = argv[0];
	if ( secure_conf(CONF_FILE, &sb, argv) != -1 )
	{
		if ( (fp = fopen(CONF_FILE, "r")) != NULL )
		{
			fgets(flags, FLAGS_MAX_LEN, fp);
			flags[strlen(flags)-1] = '\0';
			for (c = 1, confp = flags;
				(tok = strsep(&confp, " \t")) != NULL; ++c)
			{
				local_argv[c] = tok;
			}
			local_argc = c;
			fclose(fp);
		}
	}
	for (c = 1; c <= argc; ++c)
	{
		local_argv[local_argc + c - 1] = argv[c];
	}
	local_argc += argc - 1;
	for (c = 0; c <= local_argc; ++c)
		printf("argv[%d] = %s\n", c, local_argv[c]);

	while ((c = getopt(local_argc, local_argv, "sl9u:g:m:M:o:L:D:W:")) != -1) {
		switch (c) {
		case 's':
			build_iovec(&iov, &iovlen, "shortnames", NULL, (size_t)-1);

		}
	}

	if (optind + 2 != local_argc)
		usage();

	if (set_mask && !set_dirmask) {

		set_mask = 1;
	}

	dev = local_argv[optind];
	dir = local_argv[optind + 1];

	if (cs_local != NULL) {
		if (set_charset(&iov, &iovlen, cs_local, cs_dos) == -1)

			err(1, "%s", dev);
	}

	exit (EX_OK);
}

gid_t

	}

	return (0);
}


int	secure_conf(const char *filename, struct stat *sb, char *argv[])

{
	int	status;

	if ( (status = stat(filename, sb)) != -1 )
	{
		if ( (sb->st_uid != 0) || (sb->st_gid != 0) )
		{
			fprintf(stderr, "%s: Security issue: %s must be owned by root/wheel!\n", argv[0], CONF_FILE);
			exit(EX_OSFILE);
		}
		if ( sb->st_mode &(S_IWGRP|S_IWOTH) )
		{
			fprintf(stderr, "%s: Security issue: %s cannot be group or world writable!\n", argv[0], CONF_FILE);
			exit(EX_OSFILE);
		}
	}
	return status;
}

Return to bug 241684

Lines 58-63 Link Here

(-)mount_msdosfs.c (-5 / +57 lines)
58	#include <unistd.h>	58	#include <unistd.h>
59		59
60	#include "mntopts.h"	60	#include "mntopts.h"
		61	#include "mount_msdosfs.h"
61		62
62	static gid_t a_gid(char *);	63	static gid_t a_gid(char *);
63	static uid_t a_uid(char *);	64	static uid_t a_uid(char *);
Lines 71-89 Link Here
71	struct iovec *iov = NULL;	72	struct iovec *iov = NULL;
72	int iovlen = 0;	73	int iovlen = 0;
73	struct stat sb;	74	struct stat sb;
		75	FILE *fp;
74	int c, set_gid, set_uid, set_mask, set_dirmask;	76	int c, set_gid, set_uid, set_mask, set_dirmask;
75	char dev, dir, mntpath[MAXPATHLEN], *csp;	77	char dev, dir, mntpath[MAXPATHLEN], *csp;
76	char fstype[] = "msdosfs";	78	char fstype[] = "msdosfs";
77	char errmsg[255] = {0};	79	char errmsg[255] = {0};
78	char *cs_dos = NULL;	80	char *cs_dos = NULL;
79	char *cs_local = NULL;	81	char *cs_local = NULL;
		82	char confp = NULL, tok = NULL, flags[FLAGS_MAX_LEN + 1];
		83	char *local_argv[ARG_MAX];
		84	int local_argc = 1;
80	mode_t mask = 0, dirmask = 0;	85	mode_t mask = 0, dirmask = 0;
81	uid_t uid = 0;	86	uid_t uid = 0;
82	gid_t gid = 0;	87	gid_t gid = 0;
83		88
84	set_gid = set_uid = set_mask = set_dirmask = 0;	89	set_gid = set_uid = set_mask = set_dirmask = 0;
85		90
86	while ((c = getopt(argc, argv, "sl9u:g:m:M:o:L:D:W:")) != -1) {	91	/* Insert flags from conf before argv[1] */
		92	local_argv[0] = argv[0];
		93	if ( secure_conf(CONF_FILE, &sb, argv) != -1 )
		94	{
		95	if ( (fp = fopen(CONF_FILE, "r")) != NULL )
		96	{
		97	fgets(flags, FLAGS_MAX_LEN, fp);
		98	flags[strlen(flags)-1] = '\0';
		99	for (c = 1, confp = flags;
		100	(tok = strsep(&confp, " \t")) != NULL; ++c)
		101	{
		102	local_argv[c] = tok;
		103	}
		104	local_argc = c;
		105	fclose(fp);
		106	}
		107	}
		108	for (c = 1; c <= argc; ++c)
		109	{
		110	local_argv[local_argc + c - 1] = argv[c];
		111	}
		112	local_argc += argc - 1;
		113	for (c = 0; c <= local_argc; ++c)
		114	printf("argv[%d] = %s\n", c, local_argv[c]);
		115
		116	while ((c = getopt(local_argc, local_argv, "sl9u:g:m:M:o:L:D:W:")) != -1) {
87	switch (c) {	117	switch (c) {
88	case 's':	118	case 's':
89	build_iovec(&iov, &iovlen, "shortnames", NULL, (size_t)-1);	119	build_iovec(&iov, &iovlen, "shortnames", NULL, (size_t)-1);
Lines 164-170 Link Here
164	}	194	}
165	}	195	}
166		196
167	if (optind + 2 != argc)	197	if (optind + 2 != local_argc)
168	usage();	198	usage();
169		199
170	if (set_mask && !set_dirmask) {	200	if (set_mask && !set_dirmask) {
Lines 176-183 Link Here
176	set_mask = 1;	206	set_mask = 1;
177	}	207	}
178		208
179	dev = argv[optind];	209	dev = local_argv[optind];
180	dir = argv[optind + 1];	210	dir = local_argv[optind + 1];
181		211
182	if (cs_local != NULL) {	212	if (cs_local != NULL) {
183	if (set_charset(&iov, &iovlen, cs_local, cs_dos) == -1)	213	if (set_charset(&iov, &iovlen, cs_local, cs_dos) == -1)
Lines 227-233 Link Here
227	err(1, "%s", dev);	257	err(1, "%s", dev);
228	}	258	}
229		259
230	exit (0);	260	exit (EX_OK);
231	}	261	}
232		262
233	gid_t	263	gid_t
Lines 323-326 Link Here
323	}	353	}
324		354
325	return (0);	355	return (0);
		356	}
		357
		358
		359	int secure_conf(const char filename, struct stat sb, char *argv[])
		360
		361	{
		362	int status;
		363
		364	if ( (status = stat(filename, sb)) != -1 )
		365	{
		366	if ( (sb->st_uid != 0) \|\| (sb->st_gid != 0) )
		367	{
		368	fprintf(stderr, "%s: Security issue: %s must be owned by root/wheel!\n", argv[0], CONF_FILE);
		369	exit(EX_OSFILE);
		370	}
		371	if ( sb->st_mode &(S_IWGRP\|S_IWOTH) )
		372	{
		373	fprintf(stderr, "%s: Security issue: %s cannot be group or world writable!\n", argv[0], CONF_FILE);
		374	exit(EX_OSFILE);
		375	}
		376	}
		377	return status;
326	}	378	}