]> granicus.if.org Git - shadow/commit
projects / shadow / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: c07711d) | patch
Reset pid_child only if waitpid was successful.
authorTobias Stoeckmann <tobias@stoeckmann.org>
Sun, 14 May 2017 15:58:10 +0000 (17:58 +0200)
committerTobias Stoeckmann <tobias@stoeckmann.org>
Sun, 14 May 2017 15:58:10 +0000 (17:58 +0200)
commit7d82f203eeec881c584b2fa06539b39e82985d97
treef8cd807f3bdc2771b6fa7381e17c094e4d02d5f0tree | snapshot
parentc07711de1d072cd43c1aab5755883e202e99fe57commit | diff
Reset pid_child only if waitpid was successful.

Do not reset the pid_child to 0 if the child process is still
running. This else-condition can be reached with pid being -1,
therefore explicitly test this condition.

This is a regression fix for CVE-2017-2616. If su receives a
signal like SIGTERM, it is not propagated to the child.

Reported-by: Radu Duta <raduduta@gmail.com>
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
src/su.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.