diff --git a/ChangeLog b/ChangeLog index 08c2183d8..a994dcb07 100644 --- a/ChangeLog +++ b/ChangeLog @@ -29,6 +29,12 @@ - jmc@cvs.openbsd.org 2006/01/04 19:50:09 [ssh.1] -.Xr gzip 1 , + - djm@cvs.openbsd.org 2006/01/05 23:43:53 + [misc.c] + check that stdio file descriptors are actually closed before clobbering + them in sanitise_stdfd(). problems occurred when a lower numbered fd was + closed, but higher ones weren't. spotted by, and patch tested by + Frédéric Olivié 20060103 - (djm) [channels.c] clean up harmless merge error, from reyk@ @@ -3663,4 +3669,4 @@ - (djm) Trim deprecated options from INSTALL. Mention UsePAM - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu -$Id: ChangeLog,v 1.4081 2006/01/06 03:50:26 djm Exp $ +$Id: ChangeLog,v 1.4082 2006/01/06 03:50:44 djm Exp $ diff --git a/misc.c b/misc.c index 0339cede4..b876c0030 100644 --- a/misc.c +++ b/misc.c @@ -24,7 +24,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: misc.c,v 1.40 2006/01/02 07:53:44 reyk Exp $"); +RCSID("$OpenBSD: misc.c,v 1.41 2006/01/05 23:43:53 djm Exp $"); #ifdef SSH_TUN_OPENBSD #include @@ -616,18 +616,20 @@ tun_open(int tun, int mode) void sanitise_stdfd(void) { - int nullfd; + int nullfd, dupfd; - if ((nullfd = open(_PATH_DEVNULL, O_RDWR)) == -1) { + if ((nullfd = dupfd = open(_PATH_DEVNULL, O_RDWR)) == -1) { fprintf(stderr, "Couldn't open /dev/null: %s", strerror(errno)); exit(1); } - while (nullfd < 2) { - if (dup2(nullfd, nullfd + 1) == -1) { + while (++dupfd <= 2) { + /* Only clobber closed fds */ + if (fcntl(dupfd, F_GETFL, 0) >= 0) + continue; + if (dup2(nullfd, dupfd) == -1) { fprintf(stderr, "dup2: %s", strerror(errno)); exit(1); } - nullfd++; } if (nullfd > 2) close(nullfd);