diff options
| author |  smitsohu <smitsohu@gmail.com> | 2021-06-07 22:59:41 +0200 |
|---|---|---|
| committer | smitsohu <smitsohu@gmail.com> | 2021-06-07 22:59:41 +0200 |
| commit | 4098cb437d822f802cc44e217a1f72f73960b797 (patch) | |
| tree | c57a20c0fa45ea03630e6e420320d0d750929499 | |
| parent | fix OOB (diff) | |
| download | firejail-4098cb437d822f802cc44e217a1f72f73960b797.tar.gz firejail-4098cb437d822f802cc44e217a1f72f73960b797.tar.zst firejail-4098cb437d822f802cc44e217a1f72f73960b797.zip | |
misc
| -rw-r--r-- | src/firejail/dhcp.c | 9 | ||||
| -rw-r--r-- | src/firejail/main.c | 10 |
2 files changed, 9 insertions, 10 deletions
diff --git a/src/firejail/dhcp.c b/src/firejail/dhcp.c index 5bcdcad37..47dd39ac0 100644 --- a/src/firejail/dhcp.c +++ b/src/firejail/dhcp.c | |||
| @@ -153,14 +153,11 @@ void dhcp_start(void) { | |||
| 153 | if (!any_dhcp()) | 153 | if (!any_dhcp()) |
| 154 | return; | 154 | return; |
| 155 | 155 | ||
| 156 | char *dhclient_path = RUN_MNT_DIR "/dhclient";; | 156 | char *dhclient_path = RUN_MNT_DIR "/dhclient"; |
| 157 | struct stat s; | 157 | struct stat s; |
| 158 | if (stat(dhclient_path, &s) == -1) { | 158 | if (stat(dhclient_path, &s) == -1) { |
| 159 | dhclient_path = "/usr/sbin/dhclient"; | 159 | fprintf(stderr, "Error: %s was not found.\n", dhclient_path); |
| 160 | if (stat(dhclient_path, &s) == -1) { | 160 | exit(1); |
| 161 | fprintf(stderr, "Error: dhclient was not found.\n"); | ||
| 162 | exit(1); | ||
| 163 | } | ||
| 164 | } | 161 | } |
| 165 | 162 | ||
| 166 | sbox_run(SBOX_ROOT| SBOX_SECCOMP, 4, PATH_FCOPY, "--follow-link", dhclient_path, RUN_MNT_DIR); | 163 | sbox_run(SBOX_ROOT| SBOX_SECCOMP, 4, PATH_FCOPY, "--follow-link", dhclient_path, RUN_MNT_DIR); |
diff --git a/src/firejail/main.c b/src/firejail/main.c index 7ec2d6114..12ac01de7 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c | |||
| @@ -862,12 +862,11 @@ static void run_cmd_and_exit(int i, int argc, char **argv) { | |||
| 862 | char *guess_shell(void) { | 862 | char *guess_shell(void) { |
| 863 | const char *shell; | 863 | const char *shell; |
| 864 | char *retval; | 864 | char *retval; |
| 865 | struct stat s; | ||
| 866 | 865 | ||
| 867 | shell = env_get("SHELL"); | 866 | shell = env_get("SHELL"); |
| 868 | if (shell) { | 867 | if (shell) { |
| 869 | invalid_filename(shell, 0); // no globbing | 868 | invalid_filename(shell, 0); // no globbing |
| 870 | if (!is_dir(shell) && strstr(shell, "..") == NULL && stat(shell, &s) == 0 && access(shell, X_OK) == 0 && | 869 | if (access(shell, X_OK) == 0 && !is_dir(shell) && strstr(shell, "..") == NULL && |
| 871 | strcmp(shell, PATH_FIREJAIL) != 0) | 870 | strcmp(shell, PATH_FIREJAIL) != 0) |
| 872 | goto found; | 871 | goto found; |
| 873 | } | 872 | } |
| @@ -878,12 +877,15 @@ char *guess_shell(void) { | |||
| 878 | int i = 0; | 877 | int i = 0; |
| 879 | while (shells[i] != NULL) { | 878 | while (shells[i] != NULL) { |
| 880 | // access call checks as real UID/GID, not as effective UID/GID | 879 | // access call checks as real UID/GID, not as effective UID/GID |
| 881 | if (stat(shells[i], &s) == 0 && access(shells[i], X_OK) == 0) { | 880 | if (access(shells[i], X_OK) == 0) { |
| 882 | shell = shells[i]; | 881 | shell = shells[i]; |
| 883 | break; | 882 | goto found; |
| 884 | } | 883 | } |
| 885 | i++; | 884 | i++; |
| 886 | } | 885 | } |
| 886 | |||
| 887 | return NULL; | ||
| 888 | |||
| 887 | found: | 889 | found: |
| 888 | retval = strdup(shell); | 890 | retval = strdup(shell); |
| 889 | if (!retval) | 891 | if (!retval) |