From 44b1ca154554d96714322370da269fde9cb6c6b5 Mon Sep 17 00:00:00 2001 From: deraadt Date: Fri, 3 Aug 2018 15:01:28 +0000 Subject: [PATCH] pledge() a little later, after getopt operation, in case -f option changes the filename. We can then unveil that file, pledge() as before, and proceed to parsing. --- usr.bin/last/last.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/usr.bin/last/last.c b/usr.bin/last/last.c index b6f8f55fa5b..99f850222b3 100644 --- a/usr.bin/last/last.c +++ b/usr.bin/last/last.c @@ -1,4 +1,4 @@ -/* $OpenBSD: last.c,v 1.50 2015/10/29 03:00:31 deraadt Exp $ */ +/* $OpenBSD: last.c,v 1.51 2018/08/03 15:01:28 deraadt Exp $ */ /* $NetBSD: last.c,v 1.6 1994/12/24 16:49:02 cgd Exp $ */ /* @@ -98,9 +98,6 @@ main(int argc, char *argv[]) const char *errstr; int ch, lastch = '\0', newarg = 1, prevoptind = 1; - if (pledge("stdio rpath", NULL) == -1) - err(1, "pledge"); - while ((ch = getopt(argc, argv, "0123456789cf:h:n:st:d:T")) != -1) { switch (ch) { case '0': case '1': case '2': case '3': case '4': @@ -155,6 +152,11 @@ main(int argc, char *argv[]) if (maxrec == 0) exit(0); + if (unveil(file, "r") == -1) + err(1, "unveil"); + if (pledge("stdio rpath", NULL) == -1) + err(1, "pledge"); + if (argc) { setvbuf(stdout, NULL, _IOLBF, 0); for (argv += optind; *argv; ++argv) { -- 2.20.1