0c0c20aa AM |
1 | From a1f36d86760def10138c1053eb3b1882b281fcd9 Mon Sep 17 00:00:00 2001 |
2 | From: Qualys Security Advisory <qsa@qualys.com> | |
3 | Date: Sun, 21 Feb 2021 21:53:55 -0800 | |
4 | Subject: [PATCH 14/29] CVE-2020-28012: Missing close-on-exec flag for | |
5 | privileged pipe | |
6 | ||
7 | --- | |
8 | src/rda.c | 4 ++++ | |
9 | 1 file changed, 4 insertions(+) | |
10 | ||
11 | diff --git a/src/rda.c b/src/rda.c | |
12 | index 13f570928..c27e073a3 100644 | |
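--- a/src/rda.c
+++ b/src/rda.c
@@ -623,9 +623,13 @@ search_tidyup();
 if ((pid = fork()) == 0)
 {
 header_line *waslast = header_last; /* Save last header */
+ int fd_flags = -1;
 
 fd = pfd[pipe_write];
 (void)close(pfd[pipe_read]);
+
+ if ((fd_flags = fcntl(fd, F_GETFD)) == -1) goto bad;
+ if (fcntl(fd, F_SETFD, fd_flags | FD_CLOEXEC) == -1) goto bad;
 exim_setugid(ugid->uid, ugid->gid, FALSE, rname);
 
 /* Addresses can get rewritten in filters; if we are not root or the exim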
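Review bot: The two `fcntl` calls added ahead of `exim_setugid(...)` have no comment explaining why the pipe's write end needs close-on-exec, so the subject line is the only thing tying them to CVE-2020-28012. A comment above them would protect the ordering from a later refactor, e.g. `/* Set FD_CLOEXEC on the pipe write end before exim_setugid(), so the descriptor is not inherited across exec */`. Both failure paths `goto bad`, and that label lies outside the hunk, so it is worth confirming that it is reached inside the forked child and terminates the child rather than continuing on a path meant for the parent. The `= -1` initialiser on `fd_flags` is redundant, since the variable is assigned by `F_GETFD` before its first use.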
29 | -- | |
30 | 2.30.2 | |
31 |