Check the return error of set[e][ug]id. While this can never fail in the

current version of FreeBSD, this isn't guarenteed by the API. Custom security modules, or future implementations of the setuid and setgid may fail. Submitted by: Erik Cederstrand Approved by: cperciva MFC after: 3 days
author: eadler <eadler@FreeBSD.org> 2012-10-22 03:07:05 +0000
committer: eadler <eadler@FreeBSD.org> 2012-10-22 03:07:05 +0000
commit: a603c87b0251c5b6077c28864b1aeb21c40f4086 (patch)
tree: 90ec7fe4bf0dae506d699603babb4917082f098a /sbin/ccdconfig
parent: b55c76b1b0ad13886a22eb6abb2363bb324bc7cb (diff)
download: FreeBSD-src-a603c87b0251c5b6077c28864b1aeb21c40f4086.zip
FreeBSD-src-a603c87b0251c5b6077c28864b1aeb21c40f4086.tar.gz
1 files changed, 6 insertions, 3 deletions
diff --git a/sbin/ccdconfig/ccdconfig.c b/sbin/ccdconfig/ccdconfig.c
index 6324150..76867ba 100644
--- a/sbin/ccdconfig/ccdconfig.c
+++ b/sbin/ccdconfig/ccdconfig.c
@@ -288,13 +288,16 @@ do_all(int action)
 
 	rval = 0;
 	egid = getegid();
-	setegid(getgid());
+	if (setegid(getgid()) != 0)
+		err(1, "setegid failed");
 	if ((f = fopen(ccdconf, "r")) == NULL) {
-		setegid(egid);
+		if (setegid(egid) != 0)
+			err(1, "setegid failed");
 		warn("fopen: %s", ccdconf);
 		return (1);
 	}
-	setegid(egid);
+	if (setegid(egid) != 0)
+		err(1, "setegid failed");
 
 	while (fgets(line, sizeof(line), f) != NULL) {
 		argc = 0;
author	eadler <eadler@FreeBSD.org>	2012-10-22 03:07:05 +0000
committer	eadler <eadler@FreeBSD.org>	2012-10-22 03:07:05 +0000
commit	a603c87b0251c5b6077c28864b1aeb21c40f4086 (patch)
tree	90ec7fe4bf0dae506d699603babb4917082f098a /sbin/ccdconfig
parent	b55c76b1b0ad13886a22eb6abb2363bb324bc7cb (diff)
download	FreeBSD-src-a603c87b0251c5b6077c28864b1aeb21c40f4086.zip FreeBSD-src-a603c87b0251c5b6077c28864b1aeb21c40f4086.tar.gz