diff options
author | Sebastian Huber <sebastian.huber@embedded-brains.de> | 2018-10-05 15:16:46 +0200 |
---|---|---|
committer | Sebastian Huber <sebastian.huber@embedded-brains.de> | 2018-10-05 15:16:46 +0200 |
commit | be8de0ff46d3ad9e5facda7eb215fa1d545b1010 (patch) | |
tree | bc8b1545063c3026ecdc71e0c3739135291888c8 /cpukit/ftpd/ftpd.c | |
parent | ftpd: Avoid resource leak (diff) | |
download | rtems-be8de0ff46d3ad9e5facda7eb215fa1d545b1010.tar.bz2 |
ftpd: Fix insecure chroot() handling
Ensure that the rtems_libio_set_private_env() was successful before the
chroot().
Update #3530.
Diffstat (limited to 'cpukit/ftpd/ftpd.c')
-rw-r--r-- | cpukit/ftpd/ftpd.c | 17 |
1 files changed, 9 insertions, 8 deletions
diff --git a/cpukit/ftpd/ftpd.c b/cpukit/ftpd/ftpd.c index b319dae9ed..08c39da31f 100644 --- a/cpukit/ftpd/ftpd.c +++ b/cpukit/ftpd/ftpd.c @@ -1879,14 +1879,9 @@ static void session(rtems_task_argument arg) { FTPD_SessionInfo_t *const info = (FTPD_SessionInfo_t *)arg; - int chroot_made = 0; + bool chroot_made = false; - rtems_libio_set_private_env(); - - /* chroot() can fail here because the directory may not exist yet. */ - chroot_made = chroot(ftpd_root) == 0; - - while(1) + while (1) { rtems_event_set set; int rv; @@ -1894,8 +1889,14 @@ session(rtems_task_argument arg) rtems_event_receive(FTPD_RTEMS_EVENT, RTEMS_EVENT_ANY, RTEMS_NO_TIMEOUT, &set); - chroot_made = chroot_made || chroot(ftpd_root) == 0; + chroot_made = chroot_made + || (rtems_libio_set_private_env() == RTEMS_SUCCESSFUL + && chroot(ftpd_root) == 0); + /* + * The chdir() must immediatly follow the chroot(), otherwise static + * analysis tools may complain about a security issue. + */ rv = chroot_made ? chdir("/") : -1; errno = 0; |