| File: | xdmshell/xdmshell.c |
| Location: | line 77, column 19 |
| Description: | Call to function 'vfork' is insecure as it can lead to denial of service situations in the parent process. Replace calls to vfork with calls to the safer 'posix_spawn' function |
| 1 | /* |
| 2 | * xdmshell - simple program for running xdm from login |
| 3 | * |
| 4 | * |
| 5 | Copyright 1988, 1998 The Open Group |
| 6 | |
| 7 | Permission to use, copy, modify, distribute, and sell this software and its |
| 8 | documentation for any purpose is hereby granted without fee, provided that |
| 9 | the above copyright notice appear in all copies and that both that |
| 10 | copyright notice and this permission notice appear in supporting |
| 11 | documentation. |
| 12 | |
| 13 | The above copyright notice and this permission notice shall be included in |
| 14 | all copies or substantial portions of the Software. |
| 15 | |
| 16 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR |
| 17 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, |
| 18 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE |
| 19 | OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN |
| 20 | AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN |
| 21 | CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. |
| 22 | |
| 23 | Except as contained in this notice, the name of The Open Group shall not be |
| 24 | used in advertising or otherwise to promote the sale, use or other dealings |
| 25 | in this Software without prior written authorization from The Open Group. |
| 26 | * * |
| 27 | * Author: Jim Fulton, MIT X Consortium |
| 28 | * |
| 29 | * This program should probably be setuid to root. |
| 30 | * |
| 31 | * WARNING: Make sure that you tailor your Xresources file to have a |
| 32 | * way of invoking the abort-display() action. Otherwise, you won't be able |
| 33 | * bring down X when you are finished. |
| 34 | */ |
| 35 | |
| 36 | |
| 37 | #include <stdio.h> |
| 38 | #include "dm.h" |
| 39 | #include <errno(*__error()).h> |
| 40 | #include <unistd.h> |
| 41 | |
| 42 | #ifndef BINDIR"/Users/jeremy/src/freedesktop/jhbuild/build/bin" |
| 43 | # define BINDIR"/Users/jeremy/src/freedesktop/jhbuild/build/bin" "/usr/bin/X11" |
| 44 | #endif |
| 45 | |
| 46 | /* |
| 47 | * HP-UX does have vfork, but A/UX doesn't |
| 48 | */ |
| 49 | #ifdef HAVE_WORKING_VFORK1 /* autoconf's preferred name */ |
| 50 | # define HAS_VFORK |
| 51 | #endif |
| 52 | |
| 53 | #ifndef HAS_VFORK |
| 54 | # define vfork() fork() |
| 55 | #endif |
| 56 | |
| 57 | static char *ProgramName; |
| 58 | |
| 59 | static int exec_args ( |
| 60 | char *filename, |
| 61 | char **args) |
| 62 | { |
| 63 | pid_t pid; |
| 64 | waitType status; |
| 65 | |
| 66 | if (!filename) return -1; |
| 67 | |
| 68 | if (filename[0] != '/') { |
| 69 | fprintf (stderr__stderrp, |
| 70 | "%s: attempt to execute program with relative pathname: %s\n", |
| 71 | ProgramName, filename); |
| 72 | return -1; |
| 73 | } |
| 74 | |
| 75 | if (access (filename, X_OK(1<<0)) != 0) return -1; |
| 76 | |
| 77 | switch (pid = vfork ()) { |
Call to function 'vfork' is insecure as it can lead to denial of service situations in the parent process. Replace calls to vfork with calls to the safer 'posix_spawn' function | |
| 78 | case -1: /* error */ |
| 79 | return -1; |
| 80 | case 0: /* child */ |
| 81 | execv (filename, args); |
| 82 | _exit (1); |
| 83 | /* NOTREACHED */ |
| 84 | default: /* parent */ |
| 85 | while (wait (&status) != pid) ; |
| 86 | } |
| 87 | return waitCode (status)((((*(int *)&(status)) & 0177) == 0) ? (((*(int *)& (status)) >> 8) & 0x000000ff) : 0); |
| 88 | } |
| 89 | |
| 90 | #if defined(sun) |
| 91 | static int exec_one_arg ( |
| 92 | char *filename, |
| 93 | char *arg) |
| 94 | { |
| 95 | char *argv[3]; |
| 96 | |
| 97 | argv[0] = filename; |
| 98 | argv[1] = arg; |
| 99 | argv[2] = NULL((void*)0); |
| 100 | return exec_args (filename, argv); |
| 101 | } |
| 102 | #endif |
| 103 | |
| 104 | int |
| 105 | main ( |
| 106 | int argc, |
| 107 | char *argv[]) |
| 108 | { |
| 109 | int ttyfd; |
| 110 | char cmdbuf[256]; |
| 111 | char *args[10]; |
| 112 | |
| 113 | ProgramName = argv[0]; |
| 114 | |
| 115 | if (argc > 1) { |
| 116 | fprintf (stderr__stderrp, "usage: %s\r\n", ProgramName); |
| 117 | exit (1); |
| 118 | } |
| 119 | |
| 120 | ttyfd = open ("/dev/tty", O_RDWR0x0002, 0); |
| 121 | if (ttyfd < 3) { /* stdin = 0, stdout = 1, stderr = 2 */ |
| 122 | fprintf (stderr__stderrp, |
| 123 | "%s: must be run directly from the console.\r\n", |
| 124 | ProgramName); |
| 125 | exit (1); |
| 126 | } |
| 127 | (void) close (ttyfd); |
| 128 | |
| 129 | /* make xdm run in a non-setuid environment */ |
| 130 | if (setuid (geteuid()) == -1) { |
| 131 | fprintf(stderr__stderrp, "%s: cannot setuid (error %d, %s)\r\n", |
| 132 | ProgramName, errno(*__error()), strerror(errno(*__error()))); |
| 133 | exit(1); |
| 134 | } |
| 135 | |
| 136 | /* |
| 137 | * exec /usr/bin/X11/xdm -nodaemon -udpPort 0 |
| 138 | */ |
| 139 | strcpy (cmdbuf, BINDIR)__builtin___strcpy_chk (cmdbuf, "/Users/jeremy/src/freedesktop/jhbuild/build/bin" , __builtin_object_size (cmdbuf, 2 > 1 ? 1 : 0)); |
| 140 | strcat (cmdbuf, "/xdm")__builtin___strcat_chk (cmdbuf, "/xdm", __builtin_object_size (cmdbuf, 2 > 1 ? 1 : 0)); |
| 141 | args[0] = cmdbuf; |
| 142 | args[1] = "-nodaemon"; |
| 143 | args[2] = "-udpPort"; |
| 144 | args[3] = "0"; |
| 145 | args[4] = NULL((void*)0); |
| 146 | if (exec_args (cmdbuf, args) == -1) { |
| 147 | fprintf (stderr__stderrp, "%s: unable to execute %s (error %d, %s)\r\n", |
| 148 | ProgramName, cmdbuf, errno(*__error()), strerror(errno(*__error()))); |
| 149 | exit (1); |
| 150 | } |
| 151 | |
| 152 | #ifdef sun |
| 153 | strcpy (cmdbuf, BINDIR)__builtin___strcpy_chk (cmdbuf, "/Users/jeremy/src/freedesktop/jhbuild/build/bin" , __builtin_object_size (cmdbuf, 2 > 1 ? 1 : 0)); |
| 154 | strcat (cmdbuf, "/kbd_mode")__builtin___strcat_chk (cmdbuf, "/kbd_mode", __builtin_object_size (cmdbuf, 2 > 1 ? 1 : 0)); |
| 155 | (void) exec_one_arg (cmdbuf, "-a"); |
| 156 | #endif |
| 157 | |
| 158 | exit (0); |
| 159 | /*NOTREACHED*/ |
| 160 | } |