Looks good.
Ricardo Mestre <[email protected]> wrote:
> Hi,
>
> pcidump(8) only opens devices in O_RDONLY from /dev, and additionally writes a
> `romfile' if -r is used, but since I'm only unveiling after that file is
> actually opened there's no need to unveil it as well.
>
> All combination of parameters were tested, comments, OK?
>
> Index: pcidump.c
> ===================================================================
> RCS file: /cvs/src/usr.sbin/pcidump/pcidump.c,v
> retrieving revision 1.55
> diff -u -p -u -r1.55 pcidump.c
> --- pcidump.c 28 Jun 2019 13:32:49 -0000 1.55
> +++ pcidump.c 29 Nov 2019 14:54:32 -0000
> @@ -188,6 +188,9 @@ main(int argc, char *argv[])
> err(1, "%s", romfile);
> }
>
> + if (unveil("/dev", "r") == -1)
> + err(1, "unveil");
> +
> if (hex > 1)
> size = 256;
> if (hex > 2)
