From cba617ef13800c2866adf599deb2e5adfeb31a72 Mon Sep 17 00:00:00 2001 From: deraadt Date: Wed, 7 Oct 2015 06:00:33 +0000 Subject: [PATCH] tame "stdio rpath wpath cpath" or a more mundane "stdio rpath", depending on which arguments the programs are run under. ok doug --- usr.bin/uudecode/uudecode.c | 10 +++++++++- usr.bin/uuencode/uuencode.c | 10 +++++++++- 2 files changed, 18 insertions(+), 2 deletions(-) diff --git a/usr.bin/uudecode/uudecode.c b/usr.bin/uudecode/uudecode.c index 65801e1093b..355917f3af9 100644 --- a/usr.bin/uudecode/uudecode.c +++ b/usr.bin/uudecode/uudecode.c @@ -1,4 +1,4 @@ -/* $OpenBSD: uudecode.c,v 1.20 2015/01/16 06:40:13 deraadt Exp $ */ +/* $OpenBSD: uudecode.c,v 1.21 2015/10/07 06:00:33 deraadt Exp $ */ /* $FreeBSD: uudecode.c,v 1.49 2003/05/03 19:44:46 obrien Exp $ */ /*- @@ -126,6 +126,14 @@ main(int argc, char *argv[]) argc -= optind; argv += optind; + if (oflag || pflag == 0) { + if (tame("stdio rpath wpath cpath", NULL) == -1) + err(1, "tame"); + } else { + if (tame("stdio rpath", NULL) == -1) + err(1, "tame"); + } + if (*argv) { rval = 0; do { diff --git a/usr.bin/uuencode/uuencode.c b/usr.bin/uuencode/uuencode.c index 6e203fb456c..c3dfe3a79c5 100644 --- a/usr.bin/uuencode/uuencode.c +++ b/usr.bin/uuencode/uuencode.c @@ -1,4 +1,4 @@ -/* $OpenBSD: uuencode.c,v 1.11 2015/01/16 06:40:13 deraadt Exp $ */ +/* $OpenBSD: uuencode.c,v 1.12 2015/10/07 06:00:33 deraadt Exp $ */ /* $FreeBSD: uuencode.c,v 1.18 2004/01/22 07:23:35 grehan Exp $ */ /*- @@ -98,6 +98,14 @@ main(int argc, char *argv[]) argv += optind; argc -= optind; + if (argc == 2 || outfile) { + if (tame("stdio rpath wpath cpath", NULL) == -1) + err(1, "tame"); + } else { + if (tame("stdio", NULL) == -1) + err(1, "tame"); + } + switch(argc) { case 2: /* optional first argument is input file */ if (!freopen(*argv, "r", stdin) || fstat(fileno(stdin), &sb)) -- 2.20.1