From 5c17cc015cbf5bf9cfba519a8af2da49bb63bc91 Mon Sep 17 00:00:00 2001 From: deraadt Date: Sun, 11 Oct 2015 03:08:20 +0000 Subject: [PATCH] fix a regression spotted by chris@. the -f and -I arguments fetch process arguments using kvm_getargs, after the pledge() has been made. someone brave should refactor this, hoisting the argument fetching to between kvm_getprocs() and pledge() - storing the argument data as neccessary. the current situation is also a race -- it fetches the data twice. --- usr.bin/pkill/pkill.c | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/usr.bin/pkill/pkill.c b/usr.bin/pkill/pkill.c index 4cc99b3649f..5df4fd44329 100644 --- a/usr.bin/pkill/pkill.c +++ b/usr.bin/pkill/pkill.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pkill.c,v 1.37 2015/10/10 14:25:42 deraadt Exp $ */ +/* $OpenBSD: pkill.c,v 1.38 2015/10/11 03:08:20 deraadt Exp $ */ /* $NetBSD: pkill.c,v 1.5 2002/10/27 11:49:34 kleink Exp $ */ /*- @@ -83,7 +83,6 @@ int pgrep; int signum = SIGTERM; int newest; int oldest; -char *pledge_choice = "stdio proc"; int quiet; int inverse; int longfmt; @@ -155,7 +154,6 @@ main(int argc, char **argv) if (strcmp(__progname, "pgrep") == 0) { action = grepact; - pledge_choice = "stdio"; pgrep = 1; } else { action = killact; @@ -275,8 +273,15 @@ main(int argc, char **argv) if (plist == NULL) errx(STATUS_ERROR, "kvm_getprocs() failed"); - if (pledge(pledge_choice, NULL) == -1) - err(1, "pledge"); + if (matchargs == 0 && confirmkill == 0) { + if (action == killact) { + if (pledge("stdio proc", NULL) == -1) + err(1, "pledge"); + } else if (action == grepact) { + if (pledge("stdio", NULL) == -1) + err(1, "pledge"); + } + } /* * Allocate memory which will be used to keep track of the -- 2.20.1