diff options
author | Ted Gould <ted@gould.cx> | 2012-08-30 08:12:48 +0000 |
---|---|---|
committer | Tarmac <> | 2012-08-30 08:12:48 +0000 |
commit | 0160c961eb0e5a1ead77bf18d75df56aba34022a (patch) | |
tree | 68008a85702e841141662d78ae3d51a44c38179f | |
parent | 3c0dce874eeb33720f8b136e661035598689d302 (diff) | |
parent | e2d8b821e5047519f673462b6301e8d19ad170ce (diff) | |
download | lightdm-remote-session-arctica-0160c961eb0e5a1ead77bf18d75df56aba34022a.tar.gz lightdm-remote-session-arctica-0160c961eb0e5a1ead77bf18d75df56aba34022a.tar.bz2 lightdm-remote-session-arctica-0160c961eb0e5a1ead77bf18d75df56aba34022a.zip |
Checking return values and enabling PIE to increase security. Fixes: https://bugs.launchpad.net/bugs/1039636. Approved by Albert Astals Cid, jenkins.
-rw-r--r-- | Makefile.am | 5 | ||||
-rw-r--r-- | socket-sucker.c | 14 |
2 files changed, 16 insertions, 3 deletions
diff --git a/Makefile.am b/Makefile.am index df8fa8e..bf4b300 100644 --- a/Makefile.am +++ b/Makefile.am @@ -22,6 +22,11 @@ pkglibexec_PROGRAMS = \ socket-sucker socket_sucker_SOURCES = \ socket-sucker.c +socket_sucker_CFLAGS = \ + -Wall -Werror \ + -fPIE +socket_sucker_LDFLAGS = \ + -pie EXTRA_DIST = \ $(pam_session_DATA) \ diff --git a/socket-sucker.c b/socket-sucker.c index 7a1e82f..35424a6 100644 --- a/socket-sucker.c +++ b/socket-sucker.c @@ -41,7 +41,12 @@ main (int argc, char * argv[]) } serv_addr.sun_family = AF_UNIX; - snprintf(serv_addr.sun_path, sizeof(serv_addr.sun_path), "%s/%s", home, ".freerdp-socket"); + + int printsize = snprintf(serv_addr.sun_path, sizeof(serv_addr.sun_path) - 1, "%s/%s", home, ".freerdp-socket"); + if (printsize > sizeof(serv_addr.sun_path) - 1 || printsize < 0) { + return -1; + } + servlen = strlen(serv_addr.sun_path) + sizeof(serv_addr.sun_family); if ((socket_fd = socket(AF_UNIX, SOCK_STREAM, 0)) < 0) { @@ -57,11 +62,14 @@ main (int argc, char * argv[]) int out = 0; in = read(socket_fd, buffer, BUFFER_SIZE); - out = write(1, buffer, in); + + if (in > 0) { + out = write(1, buffer, in); + } close(socket_fd); - if (in == 0) { + if (in > 0 && out > 0) { return 0; } else { return -1; |