diff options
| author | Todd C. Miller <Todd.Miller@courtesan.com> | 2017-05-30 10:44:11 -0600 |
|---|---|---|
| committer | Todd C. Miller <Todd.Miller@courtesan.com> | 2017-05-30 10:44:11 -0600 |
| commit | 5d03d461606c43654cb3c82cd5673590b6516a37 (patch) | |
| tree | 7d5e519f34c60d2907b32992d8716caa48c08632 /src/selinux.c | |
| parent | 5741810f3009ba98797b93712f095d96312e10e2 (diff) | |
| download | sudo-5d03d461606c43654cb3c82cd5673590b6516a37.tar.gz | |
After opening a tty device, fstat() and error out if it is not
a character device.
Diffstat (limited to 'src/selinux.c')
| -rw-r--r-- | src/selinux.c | 23 |
1 files changed, 20 insertions, 3 deletions
diff --git a/src/selinux.c b/src/selinux.c index c63869a46..71bba949f 100644 --- a/src/selinux.c +++ b/src/selinux.c @@ -29,6 +29,7 @@ #ifdef HAVE_SELINUX #include <sys/types.h> +#include <sys/stat.h> #include <sys/wait.h> #include <stdio.h> #include <stdlib.h> @@ -149,6 +150,7 @@ relabel_tty(const char *ttyn, int ptyfd) { security_context_t tty_con = NULL; security_context_t new_tty_con = NULL; + struct stat sb; int fd; debug_decl(relabel_tty, SUDO_DEBUG_SELINUX) @@ -161,10 +163,15 @@ relabel_tty(const char *ttyn, int ptyfd) /* If sudo is not allocating a pty for the command, open current tty. */ if (ptyfd == -1) { se_state.ttyfd = open(ttyn, O_RDWR|O_NOCTTY|O_NONBLOCK); - if (se_state.ttyfd == -1) { + if (se_state.ttyfd == -1 || fstat(se_state.ttyfd, &sb) == -1) { sudo_warn(U_("unable to open %s, not relabeling tty"), ttyn); goto bad; } + if (!S_ISCHR(sb.st_mode)) { + sudo_warn(U_("%s is not a character device, not relabeling tty"), + ttyn); + goto bad; + } (void)fcntl(se_state.ttyfd, F_SETFL, fcntl(se_state.ttyfd, F_GETFL, 0) & ~O_NONBLOCK); } @@ -197,10 +204,15 @@ relabel_tty(const char *ttyn, int ptyfd) if (ptyfd != -1) { /* Reopen pty that was relabeled, std{in,out,err} are reset later. */ se_state.ttyfd = open(ttyn, O_RDWR|O_NOCTTY, 0); - if (se_state.ttyfd == -1) { + if (se_state.ttyfd == -1 || fstat(se_state.ttyfd, &sb) == -1) { sudo_warn(U_("unable to open %s"), ttyn); goto bad; } + if (!S_ISCHR(sb.st_mode)) { + sudo_warn(U_("%s is not a character device, not relabeling tty"), + ttyn); + goto bad; + } if (dup2(se_state.ttyfd, ptyfd) == -1) { sudo_warn("dup2"); goto bad; @@ -209,10 +221,15 @@ relabel_tty(const char *ttyn, int ptyfd) /* Re-open tty to get new label and reset std{in,out,err} */ close(se_state.ttyfd); se_state.ttyfd = open(ttyn, O_RDWR|O_NOCTTY|O_NONBLOCK); - if (se_state.ttyfd == -1) { + if (se_state.ttyfd == -1 || fstat(se_state.ttyfd, &sb) == -1) { sudo_warn(U_("unable to open %s"), ttyn); goto bad; } + if (!S_ISCHR(sb.st_mode)) { + sudo_warn(U_("%s is not a character device, not relabeling tty"), + ttyn); + goto bad; + } (void)fcntl(se_state.ttyfd, F_SETFL, fcntl(se_state.ttyfd, F_GETFL, 0) & ~O_NONBLOCK); for (fd = STDIN_FILENO; fd <= STDERR_FILENO; fd++) { |