nsenter / switch_root: fix insecure chroot [coverity scan]

If a call to chroot is not followed by a call to chdir("/") the chroot jail confinement can be violated. See also CWE-243. CID: 360718 CID: 360800 Reference: http://cwe.mitre.org/data/definitions/243.html Signed-off-by: Sami Kerola <kerolasa@iki.fi>
2020-08-09 12:51:11 +01:00 · 2020-08-09 12:51:11 +01:00 · 12558a4c47
parent d2ab69ff61
commit 12558a4c47
2 changed files with 8 additions and 0 deletions
--- a/sys-utils/nsenter.c
+++ b/sys-utils/nsenter.c
@ -457,6 +457,8 @@ int main(int argc, char *argv[])

 		if (chroot(".") < 0)
 			err(EXIT_FAILURE, _("chroot failed"));
+		if (chdir("/"))
+			err(EXIT_FAILURE, _("cannot change directory to %s"), "/");

 		close(root_fd);
 		root_fd = -1;
--- a/sys-utils/switch_root.c
+++ b/sys-utils/switch_root.c
@ -180,6 +180,12 @@ static int switchroot(const char *newroot)
 		return -1;
 	}

+	if (chdir("/")) {
+		close(cfd);
+		warn(_("cannot change directory to %s"), "/");
+		return -1;
+	}
+
 	pid = fork();
 	if (pid <= 0) {
 		struct statfs stfs;