Greetings all -
It was suggested that I send this diff here.
Looking at the sourcest this morning at:
https://github.com/openssh/openssh-portable/blob/master/sandbox-capsicum.c
It appears this issue is still present in the current
openssh sources.
Thanks.
-Kurt
-------- Forwarded Message --------
Received: from torb.pix.net (torb.pix.net [192.168.16.32])
(authenticated bits=0) by hydra.pix.net (8.15.2/8.15.2) with ESMTPA id
u6SEq3nf099212; Thu, 28 Jul 2016 10:52:03 -0400 (EDT) (envelope-from
lidl@xxxxxxxxxxx)
Reply-To: lidl@xxxxxxxxxxx
From: Kurt Lidl <lidl@xxxxxxxxxxx>
Subject: Fix calls to fatal with %m
Date: Thu, 28 Jul 2016 10:52:03 -0400
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:45.0)
Gecko/20100101 Thunderbird/45.2.0
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="------------DCB06C229DDEDAE6995F142E"
When working on the blacklist support patch rework,
I came across the following bug. Namely, the use
of %m in the messages sent to fatal(). The fatal()
function does not support %m.
Do you approve of this diff, and if so, may I commit it?
-Kurt
From b3b86d390c662c2e8e52bcd5a844a497d9697cd4 Mon Sep 17 00:00:00 2001
From: Kurt Lidl <lidl@xxxxxxxxxxx>
Date: Thu, 28 Jul 2016 10:45:49 -0400
Subject: [PATCH] Fix usages of %m in fatal() function
Unlike syslog(), fatal() does not support a %m modifier.
Do the conversion of the errno to a string via strerror().
---
crypto/openssh/sandbox-capsicum.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/crypto/openssh/sandbox-capsicum.c b/crypto/openssh/sandbox-capsicum.c
index 5f41d52..1782832 100644
--- a/crypto/openssh/sandbox-capsicum.c
+++ b/crypto/openssh/sandbox-capsicum.c
@@ -88,11 +88,11 @@ ssh_sandbox_child(struct ssh_sandbox *box)
cap_rights_init(&rights);
if (cap_rights_limit(STDIN_FILENO, &rights) < 0 && errno != ENOSYS)
- fatal("can't limit stdin: %m");
+ fatal("can't limit stdin: %s", strerror(errno));
if (cap_rights_limit(STDOUT_FILENO, &rights) < 0 && errno != ENOSYS)
- fatal("can't limit stdout: %m");
+ fatal("can't limit stdout: %s", strerror(errno));
if (cap_rights_limit(STDERR_FILENO, &rights) < 0 && errno != ENOSYS)
- fatal("can't limit stderr: %m");
+ fatal("can't limit stderr: %s", strerror(errno));
cap_rights_init(&rights, CAP_READ, CAP_WRITE);
if (cap_rights_limit(box->monitor->m_recvfd, &rights) < 0 &&
--
2.9.2
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev