Use setuid/seteuid around dangerous operations. Also a few buffer

overflow patches that were "near" to where these operations are taking
place.  The buffer overflows are from OpenBSD.  The setuid/seteuid patches
are from NetBSD by way of OpenBSD (they changed them a little), at least from
my read of the tree.

This is the first of a series of OpenBSD lpr/et al merges.  It (and them)
should be merged back into 2.2 and/or 2.1 (if requested) branches when they
have been shaken out in -current.
Obtained from: OpenBSD

1 files changed, 11 insertions, 6 deletions

diff --git a/usr.sbin/lpr/lpd/lpd.c b/usr.sbin/lpr/lpd/lpd.c
index 65c8891..1a7448a 100644
--- a/usr.sbin/lpr/lpd/lpd.c
+++ b/usr.sbin/lpr/lpd/lpd.c
@@ -107,6 +107,8 @@ static void       startup __P((void));
 static void       chkhost __P((struct sockaddr_in *));
 static int	  ckqueue __P((char *));
 
+uid_t	uid, euid;
+
 int
 main(argc, argv)
 	int argc;
@@ -118,9 +120,17 @@ main(argc, argv)
 	struct sockaddr_in sin, frominet;
 	int omask, lfd;
 
+	euid = geteuid();	/* these shouldn't be different */
+	uid = getuid();
 	options = 0;
 	gethostname(host, sizeof(host));
-	name = argv[0];
+
+	name = "lpd";
+
+	if (euid != 0) {
+		fprintf(stderr,"lpd: must run as root\n");
+		exit(1);
+	}
 
 	while (--argc > 0) {
 		argv++;
@@ -532,11 +542,6 @@ chkhost(f)
 	int first = 1;
 	int good = 0;
 
-	f->sin_port = ntohs(f->sin_port);
-	if (f->sin_family != AF_INET || f->sin_port >= IPPORT_RESERVED ||
-	    f->sin_port == htons(20))
-		fatal("Malformed from address");
-
 	/* Need real hostname for temporary filenames */
 	hp = gethostbyaddr((char *)&f->sin_addr,
 	    sizeof(struct in_addr), f->sin_family);