in fuser mode with -k or -s mode, kill(2) might be called and

route lookups won't be needed; so expand the pledge setup to handle
3 codepaths.
from theo buehler

diff --git a/usr.bin/fstat/fstat.c b/usr.bin/fstat/fstat.c
index becb6f6..bfc4d0f 100644 (file)
--- a/usr.bin/fstat/fstat.c
+++ b/usr.bin/fstat/fstat.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: fstat.c,v 1.81 2015/10/10 14:29:05 deraadt Exp $      */
+/*     $OpenBSD: fstat.c,v 1.82 2015/10/12 14:09:32 deraadt Exp $      */
 
 /*
  * Copyright (c) 2009 Todd C. Miller <Todd.Miller@courtesan.com>
@@ -275,8 +275,18 @@ main(int argc, char *argv[])
        if ((kf = kvm_getfiles(kd, what, arg, sizeof(*kf), &cnt)) == NULL)
                errx(1, "%s", kvm_geterr(kd));
 
-       if (pledge("stdio rpath route", NULL) == -1)
-               err(1, "pledge");
+       if (fuser) {
+               if (sflg) { /* fuser might call kill(2) */
+                       if (pledge("stdio rpath proc", NULL) == -1)
+                               err(1, "pledge");
+               } else {
+                       if (pledge("stdio rpath", NULL) == -1)
+                               err(1, "pledge");
+               }
+       } else {
+               if (pledge("stdio rpath route", NULL) == -1)
+                       err(1, "pledge");
+       }
 
        find_splices(kf, cnt);
        if (!fuser)