CVE-2016-7545

author: Aleksey Manevich <manevich.aleksey@gmail.com> 2016-09-26 21:33:39 +0300
committer: Aleksey Manevich <manevich.aleksey@gmail.com> 2016-09-26 21:33:39 +0300
commit: bde9fae007dd3c4b802c1652a7d7cbabf0aec237 (patch)
tree: 9e8796f53dddea0241df9ebf7bde7e42979069ee
parent: CVE-2016-7545 (diff)
download: firejail-bde9fae007dd3c4b802c1652a7d7cbabf0aec237.tar.gz
firejail-bde9fae007dd3c4b802c1652a7d7cbabf0aec237.tar.zst
firejail-bde9fae007dd3c4b802c1652a7d7cbabf0aec237.zip
2 files changed, 32 insertions, 3 deletions
diff --git a/src/firejail/main.c b/src/firejail/main.c
index 135ff17d8..81765e3ff 100644
--- a/src/firejail/main.c
+++ b/src/firejail/main.c
@@ -143,7 +143,17 @@ static void myexit(int rv) {
        EUID_ROOT();
        clear_run_files(sandbox_pid);
        appimage_clear();
-        ioctl(0, TCFLSH, TCIFLUSH);
+        int fd = open("/dev/tty", O_RDWR);
+        if (fd != -1) {
+                ioctl(fd, TCFLSH, TCIFLUSH);
+                close(fd);
+        } else {
+                fprintf(stderr, "Warning: can't open /dev/tty, flushing stdin, stdout and stderr file descriptors instead\n");
+                ioctl(0, TCFLSH, TCIFLUSH);
+                ioctl(1, TCFLSH, TCIFLUSH);
+                ioctl(2, TCFLSH, TCIFLUSH);
+        }
                
        exit(rv); 
 }
diff --git a/src/firejail/sandbox.c b/src/firejail/sandbox.c
index 08296d823..272737c06 100644
--- a/src/firejail/sandbox.c
+++ b/src/firejail/sandbox.c
@@ -30,6 +30,7 @@
 #include <errno.h>
 #include <sys/ioctl.h>
 #include <termios.h>
+#include <fcntl.h>
 #include <sched.h>
 #ifndef CLONE_NEWUSER
@@ -85,7 +86,16 @@ static void sandbox_handler(int sig){
        // broadcast a SIGKILL
        kill(-1, SIGKILL);
-        ioctl(0, TCFLSH, TCIFLUSH);
+        int fd = open("/dev/tty", O_RDWR);
+        if (fd != -1) {
+                ioctl(fd, TCFLSH, TCIFLUSH);
+                close(fd);
+        } else {
+                fprintf(stderr, "Warning: can't open /dev/tty, flushing stdin, stdout and stderr file descriptors instead\n");
+                ioctl(0, TCFLSH, TCIFLUSH);
+                ioctl(1, TCFLSH, TCIFLUSH);
+                ioctl(2, TCFLSH, TCIFLUSH);
+        }
        exit(sig);
 }
@@ -896,7 +906,16 @@ int sandbox(void* sandbox_arg) {
        }
        int status = monitor_application(app_pid);      // monitor application
-        ioctl(0, TCFLSH, TCIFLUSH);
+        int fd = open("/dev/tty", O_RDWR);
+        if (fd != -1) {
+                ioctl(fd, TCFLSH, TCIFLUSH);
+                close(fd);
+        } else {
+                fprintf(stderr, "Warning: can't open /dev/tty, flushing stdin, stdout and stderr file descriptors instead\n");
+                ioctl(0, TCFLSH, TCIFLUSH);
+                ioctl(1, TCFLSH, TCIFLUSH);
+                ioctl(2, TCFLSH, TCIFLUSH);
+        }
        if (WIFEXITED(status)) {
                // if we had a proper exit, return that exit status
author	Aleksey Manevich <manevich.aleksey@gmail.com>	2016-09-26 21:33:39 +0300
committer	Aleksey Manevich <manevich.aleksey@gmail.com>	2016-09-26 21:33:39 +0300
commit	bde9fae007dd3c4b802c1652a7d7cbabf0aec237 (patch)
tree	9e8796f53dddea0241df9ebf7bde7e42979069ee
parent	CVE-2016-7545 (diff)
download	firejail-bde9fae007dd3c4b802c1652a7d7cbabf0aec237.tar.gz firejail-bde9fae007dd3c4b802c1652a7d7cbabf0aec237.tar.zst firejail-bde9fae007dd3c4b802c1652a7d7cbabf0aec237.zip

diff --git a/src/firejail/main.c b/src/firejail/main.c index 135ff17d8..81765e3ff 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c
@@ -143,7 +143,17 @@ static void myexit(int rv) {
143	EUID_ROOT();	143	EUID_ROOT();
144	clear_run_files(sandbox_pid);	144	clear_run_files(sandbox_pid);
145	appimage_clear();	145	appimage_clear();
146	ioctl(0, TCFLSH, TCIFLUSH);	146
		147	int fd = open("/dev/tty", O_RDWR);
		148	if (fd != -1) {
		149	ioctl(fd, TCFLSH, TCIFLUSH);
		150	close(fd);
		151	} else {
		152	fprintf(stderr, "Warning: can't open /dev/tty, flushing stdin, stdout and stderr file descriptors instead\n");
		153	ioctl(0, TCFLSH, TCIFLUSH);
		154	ioctl(1, TCFLSH, TCIFLUSH);
		155	ioctl(2, TCFLSH, TCIFLUSH);
		156	}
147		157
148	exit(rv);	158	exit(rv);
149	}	159	}


diff --git a/src/firejail/sandbox.c b/src/firejail/sandbox.c index 08296d823..272737c06 100644 --- a/src/firejail/sandbox.c +++ b/src/firejail/sandbox.c
@@ -30,6 +30,7 @@
30	#include <errno.h>	30	#include <errno.h>
31	#include <sys/ioctl.h>	31	#include <sys/ioctl.h>
32	#include <termios.h>	32	#include <termios.h>
		33	#include <fcntl.h>
33		34
34	#include <sched.h>	35	#include <sched.h>
35	#ifndef CLONE_NEWUSER	36	#ifndef CLONE_NEWUSER
@@ -85,7 +86,16 @@ static void sandbox_handler(int sig){
85		86
86	// broadcast a SIGKILL	87	// broadcast a SIGKILL
87	kill(-1, SIGKILL);	88	kill(-1, SIGKILL);
88	ioctl(0, TCFLSH, TCIFLUSH);	89	int fd = open("/dev/tty", O_RDWR);
		90	if (fd != -1) {
		91	ioctl(fd, TCFLSH, TCIFLUSH);
		92	close(fd);
		93	} else {
		94	fprintf(stderr, "Warning: can't open /dev/tty, flushing stdin, stdout and stderr file descriptors instead\n");
		95	ioctl(0, TCFLSH, TCIFLUSH);
		96	ioctl(1, TCFLSH, TCIFLUSH);
		97	ioctl(2, TCFLSH, TCIFLUSH);
		98	}
89	exit(sig);	99	exit(sig);
90	}	100	}
91		101
@@ -896,7 +906,16 @@ int sandbox(void* sandbox_arg) {
896	}	906	}
897		907
898	int status = monitor_application(app_pid); // monitor application	908	int status = monitor_application(app_pid); // monitor application
899	ioctl(0, TCFLSH, TCIFLUSH);	909	int fd = open("/dev/tty", O_RDWR);
		910	if (fd != -1) {
		911	ioctl(fd, TCFLSH, TCIFLUSH);
		912	close(fd);
		913	} else {
		914	fprintf(stderr, "Warning: can't open /dev/tty, flushing stdin, stdout and stderr file descriptors instead\n");
		915	ioctl(0, TCFLSH, TCIFLUSH);
		916	ioctl(1, TCFLSH, TCIFLUSH);
		917	ioctl(2, TCFLSH, TCIFLUSH);
		918	}
900		919
901	if (WIFEXITED(status)) {	920	if (WIFEXITED(status)) {
902	// if we had a proper exit, return that exit status	921	// if we had a proper exit, return that exit status