From cf1e38c210b12a504bebf4b63b2a0abfd7d023e0 Mon Sep 17 00:00:00 2001 From: netblue30 Date: Mon, 26 Sep 2016 12:27:27 -0400 Subject: CVE-2016-7545 --- src/firejail/main.c | 3 +++ src/firejail/sandbox.c | 7 +++++++ 2 files changed, 10 insertions(+) (limited to 'src') diff --git a/src/firejail/main.c b/src/firejail/main.c index 1f2ee9573..135ff17d8 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c @@ -35,6 +35,8 @@ #include #include #include +#include +#include #if 0 #include @@ -141,6 +143,7 @@ static void myexit(int rv) { EUID_ROOT(); clear_run_files(sandbox_pid); appimage_clear(); + ioctl(0, TCFLSH, TCIFLUSH); exit(rv); } diff --git a/src/firejail/sandbox.c b/src/firejail/sandbox.c index cc5483c08..08296d823 100644 --- a/src/firejail/sandbox.c +++ b/src/firejail/sandbox.c @@ -28,6 +28,8 @@ #include #include #include +#include +#include #include #ifndef CLONE_NEWUSER @@ -80,8 +82,10 @@ static void sandbox_handler(int sig){ } + // broadcast a SIGKILL kill(-1, SIGKILL); + ioctl(0, TCFLSH, TCIFLUSH); exit(sig); } @@ -290,6 +294,8 @@ void start_audit(void) { } void start_application(void) { +//if (setsid() == -1) +//errExit("setsid"); //**************************************** // audit //**************************************** @@ -890,6 +896,7 @@ int sandbox(void* sandbox_arg) { } int status = monitor_application(app_pid); // monitor application + ioctl(0, TCFLSH, TCIFLUSH); if (WIFEXITED(status)) { // if we had a proper exit, return that exit status -- cgit v1.2.3-70-g09d2
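Review bot: The `ioctl(0, TCFLSH, TCIFLUSH);` added before `exit(rv)` in myexit() ignores its return value and assumes fd 0 is the terminal. When stdin is redirected the call fails with ENOTTY and anything queued on the controlling terminal stays there, so the cleanup this CVE fix appears to depend on is silently skipped. The same unchecked call is added in sandbox_handler() and after `monitor_application(app_pid)` in sandbox(); one small static helper that calls `tcflush(STDIN_FILENO, TCIFLUSH)`, checks the result and reports any failure other than ENOTTY would keep the three sites consistent. A one-line comment at each call, e.g. `/* CVE-2016-7545: discard terminal input queued while the sandbox was running */`, would tell a maintainer why the flush has to stay directly before exit. The opening lines of myexit() are outside the hunk.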
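Review bot: In sandbox_handler() the flush runs immediately after `kill(-1, SIGKILL);`, but kill() returns once the signal has been generated, not once the targets have terminated. A process still running at that moment could in principle queue terminal input after the flush and before `exit(sig)`. Nothing visible in the hunk waits for the children; if that is guaranteed elsewhere, record it next to the call, e.g. `/* all sandboxed processes are gone here (see <where this is ensured>); flush must be the last terminal operation */`. The handler's opening lines are outside the hunk, so this is judged only from the tail shown.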
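Review bot: The two lines added at the top of start_application(), `//if (setsid() == -1)` and `//errExit("setsid");`, are commented-out code committed with no explanation. If detaching the application from the caller's session is the intended stronger fix and was disabled because it breaks something (an assumption; the commit message does not say), state that in a real comment such as `// TODO(CVE-2016-7545): setsid() would detach the app from the controlling tty; disabled because <reason>`. Otherwise drop the lines, because a security fix that carries a disabled alternative leaves it unclear which mitigation is actually in force. The body of start_application() continues past the hunk.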