nsenter / switch_root: fix insecure chroot [coverity scan]
If a call to chroot is not followed by a call to chdir("/") the chroot jail confinement can be violated. See also CWE-243. CID: 360718 CID: 360800 Reference: http://cwe.mitre.org/data/definitions/243.html Signed-off-by: Sami Kerola <kerolasa@iki.fi>
This commit is contained in:
parent
d2ab69ff61
commit
12558a4c47
|
@ -457,6 +457,8 @@ int main(int argc, char *argv[])
|
|||
|
||||
if (chroot(".") < 0)
|
||||
err(EXIT_FAILURE, _("chroot failed"));
|
||||
if (chdir("/"))
|
||||
err(EXIT_FAILURE, _("cannot change directory to %s"), "/");
|
||||
|
||||
close(root_fd);
|
||||
root_fd = -1;
|
||||
|
|
|
@ -180,6 +180,12 @@ static int switchroot(const char *newroot)
|
|||
return -1;
|
||||
}
|
||||
|
||||
if (chdir("/")) {
|
||||
close(cfd);
|
||||
warn(_("cannot change directory to %s"), "/");
|
||||
return -1;
|
||||
}
|
||||
|
||||
pid = fork();
|
||||
if (pid <= 0) {
|
||||
struct statfs stfs;
|
||||
|
|
Loading…
Reference in New Issue