From a1ab19720752c38121e115066103953b607466d3 Mon Sep 17 00:00:00 2001 From: deraadt Date: Wed, 28 Jun 2017 15:40:54 +0000 Subject: [PATCH] perform an initial pledge very early on, and drop tzset to later. ok nicm brynet --- usr.bin/file/file.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/usr.bin/file/file.c b/usr.bin/file/file.c index 07082aeadda..4e17c26502f 100644 --- a/usr.bin/file/file.c +++ b/usr.bin/file/file.c @@ -1,4 +1,4 @@ -/* $OpenBSD: file.c,v 1.60 2017/06/28 13:37:56 brynet Exp $ */ +/* $OpenBSD: file.c,v 1.61 2017/06/28 15:40:54 deraadt Exp $ */ /* * Copyright (c) 2015 Nicholas Marriott @@ -104,12 +104,13 @@ main(int argc, char **argv) int opt, idx; char *home, *magicpath; struct passwd *pw; - FILE *magicfp; + FILE *magicfp = NULL; struct magic *m; struct input_file *inf = NULL; size_t len, width = 0; - tzset(); + if (pledge("stdio rpath getpw id", NULL) == -1) + err(1, "pledge"); for (;;) { opt = getopt_long(argc, argv, "bchiLsW", longopts, NULL); @@ -149,7 +150,6 @@ main(int argc, char **argv) } else if (argc == 0) usage(); - magicfp = NULL; if (geteuid() != 0 && !issetugid()) { home = getenv("HOME"); if (home == NULL || *home == '\0') { @@ -183,6 +183,8 @@ main(int argc, char **argv) } } + tzset(); + if (pledge("stdio getpw id", NULL) == -1) err(1, "pledge"); -- 2.20.1