From fd6168c16c215c69869f078920ee7ffd69606c49 Mon Sep 17 00:00:00 2001 From: dtucker Date: Mon, 3 Oct 2005 08:11:24 +0000 Subject: [PATCH] - djm@cvs.openbsd.org 2005/09/13 23:40:07 [sshd.c ssh.c misc.h sftp.c ssh-keygen.c ssh-keysign.c sftp-server.c scp.c misc.c ssh-keyscan.c ssh-add.c ssh-agent.c] ensure that stdio fds are attached; ok deraadt@ --- ChangeLog | 4 ++++ misc.c | 22 +++++++++++++++++++++- misc.h | 3 ++- scp.c | 5 ++++- sftp-server.c | 6 +++++- sftp.c | 5 ++++- ssh-add.c | 5 ++++- ssh-agent.c | 5 ++++- ssh-keygen.c | 5 ++++- ssh-keyscan.c | 5 ++++- ssh-keysign.c | 9 ++++++++- ssh.c | 5 ++++- sshd.c | 5 ++++- 13 files changed, 72 insertions(+), 12 deletions(-) diff --git a/ChangeLog b/ChangeLog index db5a67c2..bab6e22f 100644 --- a/ChangeLog +++ b/ChangeLog @@ -6,6 +6,10 @@ - markus@cvs.openbsd.org 2005/09/09 19:18:05 [clientloop.c] typo; from mark at mcs.vuw.ac.nz, bug #1082 + - djm@cvs.openbsd.org 2005/09/13 23:40:07 + [sshd.c ssh.c misc.h sftp.c ssh-keygen.c ssh-keysign.c sftp-server.c + scp.c misc.c ssh-keyscan.c ssh-add.c ssh-agent.c] + ensure that stdio fds are attached; ok deraadt@ 20050930 - (dtucker) [openbsd-compat/openbsd-compat.h] Bug #1096: Add prototype diff --git a/misc.c b/misc.c index 2dd8ae6e..27b947f0 100644 --- a/misc.c +++ b/misc.c @@ -24,7 +24,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: misc.c,v 1.34 2005/07/08 09:26:18 dtucker Exp $"); +RCSID("$OpenBSD: misc.c,v 1.35 2005/09/13 23:40:07 djm Exp $"); #include "misc.h" #include "log.h" @@ -507,6 +507,26 @@ read_keyfile_line(FILE *f, const char *filename, char *buf, size_t bufsz, return -1; } +void +sanitise_stdfd(void) +{ + int nullfd; + + if ((nullfd = open(_PATH_DEVNULL, O_RDWR)) == -1) { + fprintf(stderr, "Couldn't open /dev/null: %s", strerror(errno)); + exit(1); + } + while (nullfd < 2) { + if (dup2(nullfd, nullfd + 1) == -1) { + fprintf(stderr, "dup2: %s", strerror(errno)); + exit(1); + } + nullfd++; + } + if (nullfd > 2) + close(nullfd); +} + char * tohex(const u_char *d, u_int l) { diff --git a/misc.h b/misc.h index 2d630feb..51541336 100644 --- a/misc.h +++ b/misc.h @@ -1,4 +1,4 @@ -/* $OpenBSD: misc.h,v 1.25 2005/07/14 04:00:43 dtucker Exp $ */ +/* $OpenBSD: misc.h,v 1.26 2005/09/13 23:40:07 djm Exp $ */ /* * Author: Tatu Ylonen @@ -27,6 +27,7 @@ long convtime(const char *); char *tilde_expand_filename(const char *, uid_t); char *percent_expand(const char *, ...) __attribute__((__sentinel__)); char *tohex(const u_char *, u_int); +void sanitise_stdfd(void); struct passwd *pwcopy(struct passwd *); diff --git a/scp.c b/scp.c index 1407aa71..58c00442 100644 --- a/scp.c +++ b/scp.c @@ -71,7 +71,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: scp.c,v 1.125 2005/07/27 10:39:03 dtucker Exp $"); +RCSID("$OpenBSD: scp.c,v 1.126 2005/09/13 23:40:07 djm Exp $"); #include "xmalloc.h" #include "atomicio.h" @@ -222,6 +222,9 @@ main(int argc, char **argv) extern char *optarg; extern int optind; + /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ + sanitise_stdfd(); + __progname = ssh_get_progname(argv[0]); args.list = NULL; diff --git a/sftp-server.c b/sftp-server.c index 6870e773..e7d000cf 100644 --- a/sftp-server.c +++ b/sftp-server.c @@ -14,13 +14,14 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ #include "includes.h" -RCSID("$OpenBSD: sftp-server.c,v 1.48 2005/06/17 02:44:33 djm Exp $"); +RCSID("$OpenBSD: sftp-server.c,v 1.49 2005/09/13 23:40:07 djm Exp $"); #include "buffer.h" #include "bufaux.h" #include "getput.h" #include "log.h" #include "xmalloc.h" +#include "misc.h" #include "sftp.h" #include "sftp-common.h" @@ -1036,6 +1037,9 @@ main(int ac, char **av) int in, out, max; ssize_t len, olen, set_size; + /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ + sanitise_stdfd(); + /* XXX should use getopt */ __progname = ssh_get_progname(av[0]); diff --git a/sftp.c b/sftp.c index f98ed7d2..f29927c0 100644 --- a/sftp.c +++ b/sftp.c @@ -16,7 +16,7 @@ #include "includes.h" -RCSID("$OpenBSD: sftp.c,v 1.66 2005/08/08 13:22:48 jaredy Exp $"); +RCSID("$OpenBSD: sftp.c,v 1.67 2005/09/13 23:40:07 djm Exp $"); #ifdef USE_LIBEDIT #include @@ -1447,6 +1447,9 @@ main(int argc, char **argv) extern int optind; extern char *optarg; + /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ + sanitise_stdfd(); + __progname = ssh_get_progname(argv[0]); args.list = NULL; addargs(&args, "ssh"); /* overwritten with ssh_program */ diff --git a/ssh-add.c b/ssh-add.c index a3428769..749a7682 100644 --- a/ssh-add.c +++ b/ssh-add.c @@ -35,7 +35,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: ssh-add.c,v 1.72 2005/07/17 07:17:55 djm Exp $"); +RCSID("$OpenBSD: ssh-add.c,v 1.73 2005/09/13 23:40:07 djm Exp $"); #include @@ -312,6 +312,9 @@ main(int argc, char **argv) char *sc_reader_id = NULL; int i, ch, deleting = 0, ret = 0; + /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ + sanitise_stdfd(); + __progname = ssh_get_progname(argv[0]); init_rng(); seed_rng(); diff --git a/ssh-agent.c b/ssh-agent.c index dd7e22ad..6f0ba130 100644 --- a/ssh-agent.c +++ b/ssh-agent.c @@ -35,7 +35,7 @@ #include "includes.h" #include "openbsd-compat/sys-queue.h" -RCSID("$OpenBSD: ssh-agent.c,v 1.122 2004/10/29 22:53:56 djm Exp $"); +RCSID("$OpenBSD: ssh-agent.c,v 1.123 2005/09/13 23:40:07 djm Exp $"); #include #include @@ -1008,6 +1008,9 @@ main(int ac, char **av) pid_t pid; char pidstrbuf[1 + 3 * sizeof pid]; + /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ + sanitise_stdfd(); + /* drop */ setegid(getgid()); setgid(getgid()); diff --git a/ssh-keygen.c b/ssh-keygen.c index b1785194..92803da4 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c @@ -12,7 +12,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: ssh-keygen.c,v 1.128 2005/07/17 07:17:55 djm Exp $"); +RCSID("$OpenBSD: ssh-keygen.c,v 1.129 2005/09/13 23:40:07 djm Exp $"); #include #include @@ -1018,6 +1018,9 @@ main(int ac, char **av) extern int optind; extern char *optarg; + /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ + sanitise_stdfd(); + __progname = ssh_get_progname(av[0]); SSLeay_add_all_algorithms(); diff --git a/ssh-keyscan.c b/ssh-keyscan.c index 46f06368..8ac97bd3 100644 --- a/ssh-keyscan.c +++ b/ssh-keyscan.c @@ -7,7 +7,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: ssh-keyscan.c,v 1.55 2005/06/17 02:44:33 djm Exp $"); +RCSID("$OpenBSD: ssh-keyscan.c,v 1.56 2005/09/13 23:40:07 djm Exp $"); #include "openbsd-compat/sys-queue.h" @@ -712,6 +712,9 @@ main(int argc, char **argv) seed_rng(); TAILQ_INIT(&tq); + /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ + sanitise_stdfd(); + if (argc <= 1) usage(); diff --git a/ssh-keysign.c b/ssh-keysign.c index 04597a91..dae3a2e8 100644 --- a/ssh-keysign.c +++ b/ssh-keysign.c @@ -22,7 +22,7 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #include "includes.h" -RCSID("$OpenBSD: ssh-keysign.c,v 1.18 2004/08/23 14:29:23 dtucker Exp $"); +RCSID("$OpenBSD: ssh-keysign.c,v 1.19 2005/09/13 23:40:07 djm Exp $"); #include #include @@ -148,6 +148,13 @@ main(int argc, char **argv) u_int slen, dlen; u_int32_t rnd[256]; + /* Ensure that stdin and stdout are connected */ + if ((fd = open(_PATH_DEVNULL, O_RDWR)) < 2) + exit(1); + /* Leave /dev/null fd iff it is attached to stderr */ + if (fd > 2) + close(fd); + key_fd[0] = open(_PATH_HOST_RSA_KEY_FILE, O_RDONLY); key_fd[1] = open(_PATH_HOST_DSA_KEY_FILE, O_RDONLY); diff --git a/ssh.c b/ssh.c index c9e5aac7..31d09b1b 100644 --- a/ssh.c +++ b/ssh.c @@ -40,7 +40,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: ssh.c,v 1.249 2005/07/30 01:26:16 djm Exp $"); +RCSID("$OpenBSD: ssh.c,v 1.250 2005/09/13 23:40:07 djm Exp $"); #include #include @@ -188,6 +188,9 @@ main(int ac, char **av) struct servent *sp; Forward fwd; + /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ + sanitise_stdfd(); + __progname = ssh_get_progname(av[0]); init_rng(); diff --git a/sshd.c b/sshd.c index e9125a22..ceb85dd5 100644 --- a/sshd.c +++ b/sshd.c @@ -42,7 +42,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshd.c,v 1.312 2005/07/25 11:59:40 markus Exp $"); +RCSID("$OpenBSD: sshd.c,v 1.313 2005/09/13 23:40:07 djm Exp $"); #include #include @@ -924,6 +924,9 @@ main(int ac, char **av) if (geteuid() == 0 && setgroups(0, NULL) == -1) debug("setgroups(): %.200s", strerror(errno)); + /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ + sanitise_stdfd(); + /* Initialize configuration options to their default values. */ initialize_server_options(&options); -- 2.45.2