From 51d1e1a472c39c0aff11487fe3768a94f227251d Mon Sep 17 00:00:00 2001 From: deraadt Date: Fri, 9 Oct 2015 05:30:03 +0000 Subject: [PATCH] shortcircuit TIOCGETA to directly return ENOTTY for non-ttys. It could be called against a non-tty fd, so as to test "is this a tty". Discovered by sthen and rob pierce at the same time. --- sys/kern/kern_pledge.c | 8 +++++++- sys/kern/sys_generic.c | 5 +++-- 2 files changed, 10 insertions(+), 3 deletions(-) diff --git a/sys/kern/kern_pledge.c b/sys/kern/kern_pledge.c index 4fc20914294..bf11c1962dc 100644 --- a/sys/kern/kern_pledge.c +++ b/sys/kern/kern_pledge.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kern_pledge.c,v 1.3 2015/10/09 02:44:22 deraadt Exp $ */ +/* $OpenBSD: kern_pledge.c,v 1.4 2015/10/09 05:30:03 deraadt Exp $ */ /* * Copyright (c) 2015 Nicholas Marriott @@ -1016,6 +1016,9 @@ pledge_ioctl_check(struct proc *p, long com, void *v) case FIOGETOWN: return (0); case TIOCGETA: + if (fp->f_type == DTYPE_VNODE && (vp->v_flag & VISTTY)) + return (0); + return (ENOTTY); case TIOCGPGRP: case TIOCGWINSZ: /* various programs */ if (fp->f_type == DTYPE_VNODE && (vp->v_flag & VISTTY)) @@ -1059,6 +1062,9 @@ pledge_ioctl_check(struct proc *p, long com, void *v) break; /* FALTHROUGH */ case TIOCGETA: + if (fp->f_type == DTYPE_VNODE && (vp->v_flag & VISTTY)) + return (0); + return (ENOTTY); case TIOCGPGRP: case TIOCGWINSZ: /* various programs */ #if notyet diff --git a/sys/kern/sys_generic.c b/sys/kern/sys_generic.c index 2c5ea05e8e0..df247485079 100644 --- a/sys/kern/sys_generic.c +++ b/sys/kern/sys_generic.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sys_generic.c,v 1.104 2015/10/09 01:17:21 deraadt Exp $ */ +/* $OpenBSD: sys_generic.c,v 1.105 2015/10/09 05:30:03 deraadt Exp $ */ /* $NetBSD: sys_generic.c,v 1.24 1996/03/29 00:25:32 cgd Exp $ */ /* @@ -404,7 +404,8 @@ sys_ioctl(struct proc *p, void *v, register_t *retval) fdp = p->p_fd; fp = fd_getfile_mode(fdp, SCARG(uap, fd), FREAD|FWRITE); - if (pledge_ioctl_check(p, com, fp)) + error = pledge_ioctl_check(p, com, fp)) + if (error) return (pledge_fail(p, EPERM, PLEDGE_IOCTL)); if (fp == NULL) -- 2.20.1