On Fri, Jun 09, 2017 at 11:55:26PM +0200, Adam Wolk wrote:
> On Fri, Jun 09, 2017 at 11:54:03PM +0200, Adam Wolk wrote:
> > On Fri, Jun 09, 2017 at 09:28:29PM +0000, ra...@openmailbox.org wrote:
> > > Hello!
> > > 
> > > Here is a patch with a pledge bugfix in netcat and some minor style
> > > improvements.
> > > 
> > > An example of how to trigger the bug:
> > > 
> > > $ nc -Ptest -v -c blog.tintagel.pl 443
> > > nc: pledge: Operation not permitted
> > > 
> > > credits to
> > > * awolk@ for drawing attention to netcat.
> > > * Juuso Lapinlampi for suggesting to alphabetically order the #includes.
> > > * rajak for pointing out the missing space in the error message.
> > > * brynet for pledge style improvements.
> > > 
> > > 
> > 
> > OK awolk@ for the updated diff (I'm attaching it inline).
> 
> forgot the diff

I'm ok with the diff, although I really wish there was a way to simplify
the convoluted mess that is the pledge logic in this program.

How many codepaths are there in which the second group of pledge calls
actually does anything? Are there any?

> Index: usr.bin/nc/netcat.c
> ===================================================================
> RCS file: /cvs/src/usr.bin/nc/netcat.c,v
> retrieving revision 1.178
> diff -u -p -u -p -r1.178 netcat.c
> --- usr.bin/nc/netcat.c       9 Mar 2017 13:58:00 -0000       1.178
> +++ usr.bin/nc/netcat.c       9 Jun 2017 21:16:25 -0000
> @@ -53,8 +53,8 @@
>  #include <stdlib.h>
>  #include <string.h>
>  #include <time.h>
> -#include <unistd.h>
>  #include <tls.h>
> +#include <unistd.h>
>  #include "atomicio.h"
>  
>  #define PORT_MAX     65535
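Review bot: style only; moving `#include <unistd.h>` below `#include <tls.h>` puts the system headers back in alphabetical order and changes no behaviour, so it is fine to carry along with the bugfix.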
> @@ -340,7 +340,7 @@ main(int argc, char *argv[])
>               } else if (pledge("stdio inet dns sendfd", NULL) == -1)
>                       err(1, "pledge");
>       } else if (Pflag) {
> -             if (pledge("stdio inet dns tty", NULL) == -1)
> +             if (pledge("stdio rpath inet dns tty", NULL) == -1)
>                       err(1, "pledge");
>       } else if (usetls) {
>               if (pledge("stdio rpath inet dns", NULL) == -1)
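Review bot: this is the hunk that fixes the reported `nc -P... -c` failure: the `Pflag` branch is tested before the `usetls` branch, so `-P` combined with `-c` reaches `pledge("stdio inet dns tty", NULL)` without `rpath`, and the later TLS pledge that asks for `rpath` is refused because pledge(2) only lets a process narrow its promises, never widen them. Adding `rpath` here is correct; a one-line comment saying it is needed for the TLS path would keep a future cleanup from dropping it again, and if granting `rpath` to `-P` without TLS is a concern, a separate `Pflag && usetls` check ahead of this branch would keep the plain `-P` case as tight as before.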
> @@ -461,9 +461,9 @@ main(int argc, char *argv[])
>  
>       if (usetls) {
>               if (Pflag) {
> -                     if (pledge("stdio inet dns tty rpath", NULL) == -1)
> +                     if (pledge("stdio rpath inet dns tty", NULL) == -1)
>                               err(1, "pledge");
> -             } else if (pledge("stdio inet dns rpath", NULL) == -1)
> +             } else if (pledge("stdio rpath inet dns", NULL) == -1)
>                       err(1, "pledge");
>  
>               if (tls_init() == -1)
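Review bot: reordering the promise strings is cosmetic, but it makes visible that after this diff both calls here repeat the exact sets already requested in the earlier chain (`"stdio rpath inet dns tty"` matches the `Pflag` branch and `"stdio rpath inet dns"` matches the `usetls` branch), so for those two paths this second pledge is a no-op. Either drop it or add a comment naming the code path that reaches it with a wider earlier pledge, since otherwise the next reader has to re-derive that.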
> @@ -492,7 +492,7 @@ main(int argc, char *argv[])
>               if (TLSopt & TLS_NOVERIFY) {
>                       if (tls_expecthash != NULL)
>                               errx(1, "-H and -T noverify may not be used"
> -                                 "together");
> +                                 " together");
>                       tls_config_insecure_noverifycert(tls_cfg);
>               }
>               if (TLSopt & TLS_MUSTSTAPLE)
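Review bot: correct fix; the two adjacent literals are concatenated by the compiler, so without the leading space the message printed "may not be usedtogether". Worth a quick grep for the same split-literal pattern elsewhere in the file.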
