diff options
author | smitsohu <smitsohu@gmail.com> | 2021-06-07 22:59:41 +0200 |
---|---|---|
committer | smitsohu <smitsohu@gmail.com> | 2021-06-07 22:59:41 +0200 |
commit | 4098cb437d822f802cc44e217a1f72f73960b797 (patch) | |
tree | c57a20c0fa45ea03630e6e420320d0d750929499 | |
parent | fix OOB (diff) | |
download | firejail-4098cb437d822f802cc44e217a1f72f73960b797.tar.gz firejail-4098cb437d822f802cc44e217a1f72f73960b797.tar.zst firejail-4098cb437d822f802cc44e217a1f72f73960b797.zip |
misc
-rw-r--r-- | src/firejail/dhcp.c | 9 | ||||
-rw-r--r-- | src/firejail/main.c | 10 |
2 files changed, 9 insertions, 10 deletions
diff --git a/src/firejail/dhcp.c b/src/firejail/dhcp.c index 5bcdcad37..47dd39ac0 100644 --- a/src/firejail/dhcp.c +++ b/src/firejail/dhcp.c | |||
@@ -153,14 +153,11 @@ void dhcp_start(void) { | |||
153 | if (!any_dhcp()) | 153 | if (!any_dhcp()) |
154 | return; | 154 | return; |
155 | 155 | ||
156 | char *dhclient_path = RUN_MNT_DIR "/dhclient";; | 156 | char *dhclient_path = RUN_MNT_DIR "/dhclient"; |
157 | struct stat s; | 157 | struct stat s; |
158 | if (stat(dhclient_path, &s) == -1) { | 158 | if (stat(dhclient_path, &s) == -1) { |
159 | dhclient_path = "/usr/sbin/dhclient"; | 159 | fprintf(stderr, "Error: %s was not found.\n", dhclient_path); |
160 | if (stat(dhclient_path, &s) == -1) { | 160 | exit(1); |
161 | fprintf(stderr, "Error: dhclient was not found.\n"); | ||
162 | exit(1); | ||
163 | } | ||
164 | } | 161 | } |
165 | 162 | ||
166 | sbox_run(SBOX_ROOT| SBOX_SECCOMP, 4, PATH_FCOPY, "--follow-link", dhclient_path, RUN_MNT_DIR); | 163 | sbox_run(SBOX_ROOT| SBOX_SECCOMP, 4, PATH_FCOPY, "--follow-link", dhclient_path, RUN_MNT_DIR); |
diff --git a/src/firejail/main.c b/src/firejail/main.c index 7ec2d6114..12ac01de7 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c | |||
@@ -862,12 +862,11 @@ static void run_cmd_and_exit(int i, int argc, char **argv) { | |||
862 | char *guess_shell(void) { | 862 | char *guess_shell(void) { |
863 | const char *shell; | 863 | const char *shell; |
864 | char *retval; | 864 | char *retval; |
865 | struct stat s; | ||
866 | 865 | ||
867 | shell = env_get("SHELL"); | 866 | shell = env_get("SHELL"); |
868 | if (shell) { | 867 | if (shell) { |
869 | invalid_filename(shell, 0); // no globbing | 868 | invalid_filename(shell, 0); // no globbing |
870 | if (!is_dir(shell) && strstr(shell, "..") == NULL && stat(shell, &s) == 0 && access(shell, X_OK) == 0 && | 869 | if (access(shell, X_OK) == 0 && !is_dir(shell) && strstr(shell, "..") == NULL && |
871 | strcmp(shell, PATH_FIREJAIL) != 0) | 870 | strcmp(shell, PATH_FIREJAIL) != 0) |
872 | goto found; | 871 | goto found; |
873 | } | 872 | } |
@@ -878,12 +877,15 @@ char *guess_shell(void) { | |||
878 | int i = 0; | 877 | int i = 0; |
879 | while (shells[i] != NULL) { | 878 | while (shells[i] != NULL) { |
880 | // access call checks as real UID/GID, not as effective UID/GID | 879 | // access call checks as real UID/GID, not as effective UID/GID |
881 | if (stat(shells[i], &s) == 0 && access(shells[i], X_OK) == 0) { | 880 | if (access(shells[i], X_OK) == 0) { |
882 | shell = shells[i]; | 881 | shell = shells[i]; |
883 | break; | 882 | goto found; |
884 | } | 883 | } |
885 | i++; | 884 | i++; |
886 | } | 885 | } |
886 | |||
887 | return NULL; | ||
888 | |||
887 | found: | 889 | found: |
888 | retval = strdup(shell); | 890 | retval = strdup(shell); |
889 | if (!retval) | 891 | if (!retval) |