o pcred-removal changes included modifications to optimize the setting of

  the saved uid and gid during execve().  Unfortunately, the optimizations
  were incorrect in the case where the credential was updated, skipping
  the setting of the saved uid and gid when new credentials were generated.
  This change corrects that problem by handling the newcred!=NULL case
  correctly.

Reported/tested by:	David Malone <dwmalone@maths.tcd.ie>

Obtained from:	TrustedBSD Project

1 files changed, 8 insertions, 7 deletions

diff --git a/sys/kern/kern_exec.c b/sys/kern/kern_exec.c
index e3ae485..0d7da41 100644
--- a/sys/kern/kern_exec.c
+++ b/sys/kern/kern_exec.c
@@ -334,17 +334,18 @@ interpret:
 	 * (replaced) euid and egid as the source, which may or may not be
 	 * the right ones to use.
 	 */
-	if (oldcred->cr_svuid != oldcred->cr_uid ||
-	    oldcred->cr_svgid != oldcred->cr_gid) {
-		/*
-		 * Avoid allocating a newcred if we don't have one yet and
-		 * the saved uid/gid update would be a noop.
-		 */
-		if (newcred == NULL)
+	if (newcred == NULL) {
+		if (oldcred->cr_svuid != oldcred->cr_uid ||
+		    oldcred->cr_svgid != oldcred->cr_gid) {
 			newcred = crdup(oldcred);
+			change_svuid(newcred, newcred->cr_uid);
+			change_svgid(newcred, newcred->cr_gid);
+		}
+	} else {
 		change_svuid(newcred, newcred->cr_uid);
 		change_svgid(newcred, newcred->cr_gid);
 	}
+
 	if (newcred != NULL) {
 		PROC_LOCK(p);
 		p->p_ucred = newcred;