diff options
| author | Mark Johnston <markj@FreeBSD.org> | 2019-01-21 03:48:30 +0000 |
|---|---|---|
| committer | Mark Johnston <markj@FreeBSD.org> | 2019-01-21 03:48:30 +0000 |
| commit | 4a9b0811d2eb842e0994ce08bc863005396b0917 (patch) | |
| tree | 1ee7bba7407645d6e29b08fc78ec1e50aff272ed /usr.bin/cmp | |
| parent | da265c176f13c47723b6ee537f2f54d42e025820 (diff) | |
Notes
Diffstat (limited to 'usr.bin/cmp')
| -rw-r--r-- | usr.bin/cmp/cmp.c | 23 |
1 files changed, 16 insertions, 7 deletions
diff --git a/usr.bin/cmp/cmp.c b/usr.bin/cmp/cmp.c index c48a444b7c38..0c417abaae23 100644 --- a/usr.bin/cmp/cmp.c +++ b/usr.bin/cmp/cmp.c @@ -116,16 +116,14 @@ main(int argc, char *argv[]) if (argc < 2 || argc > 4) usage(); - if (caph_limit_stdio() == -1) - err(ERR_EXIT, "failed to limit stdio"); - /* Backward compatibility -- handle "-" meaning stdin. */ special = 0; if (strcmp(file1 = argv[0], "-") == 0) { special = 1; - fd1 = STDIN_FILENO; + fd1 = 0; file1 = "stdin"; - } else if ((fd1 = open(file1, oflag, 0)) < 0 && errno != EMLINK) { + } + else if ((fd1 = open(file1, oflag, 0)) < 0 && errno != EMLINK) { if (!sflag) err(ERR_EXIT, "%s", file1); else @@ -136,9 +134,10 @@ main(int argc, char *argv[]) errx(ERR_EXIT, "standard input may only be specified once"); special = 1; - fd2 = STDIN_FILENO; + fd2 = 0; file2 = "stdin"; - } else if ((fd2 = open(file2, oflag, 0)) < 0 && errno != EMLINK) { + } + else if ((fd2 = open(file2, oflag, 0)) < 0 && errno != EMLINK) { if (!sflag) err(ERR_EXIT, "%s", file2); else @@ -176,6 +175,16 @@ main(int argc, char *argv[]) if (cap_fcntls_limit(fd2, fcntls) < 0 && errno != ENOSYS) err(ERR_EXIT, "unable to limit fcntls for %s", file2); + if (!special) { + cap_rights_init(&rights); + if (caph_rights_limit(STDIN_FILENO, &rights) < 0) { + err(ERR_EXIT, "unable to limit stdio"); + } + } + + if (caph_limit_stdout() == -1 || caph_limit_stderr() == -1) + err(ERR_EXIT, "unable to limit stdio"); + caph_cache_catpages(); if (caph_enter() < 0) |