aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorVadim Zhukov <zhuk@openbsd.org>2015-07-26 19:08:17 +0000
committerVadim Zhukov <zhuk@openbsd.org>2015-07-26 19:08:17 +0000
commit02339203a07f4f9a6b794728f753214e13f8e170 (patch)
tree3adc4fad752c61be0a3bbb95846f6d9f24b8424a
parent26edde87e46f2601656361736472e216e8acf707 (diff)
downloadopendoas-02339203a07f4f9a6b794728f753214e13f8e170.tar.gz
Stop exiting on cmdline overflow: it's used only for logging, so aborting
the whole process is stupid, and actually breaks things. Noticed and analyzed by as well as input from nigel@. Okay tedu@, espie@ and (if I understood correctly) hall@
-rw-r--r--doas.c10
1 files changed, 6 insertions, 4 deletions
diff --git a/doas.c b/doas.c
index 7963926..618027b 100644
--- a/doas.c
+++ b/doas.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: doas.c,v 1.21 2015/07/24 06:36:42 zhuk Exp $ */
+/* $OpenBSD: doas.c,v 1.22 2015/07/26 17:24:02 zhuk Exp $ */
/*
* Copyright (c) 2015 Ted Unangst <tedu@openbsd.org>
*
@@ -374,16 +374,18 @@ main(int argc, char **argv, char **envp)
target));
parseconfig("/etc/doas.conf", 1);
- cmd = argv[0];
+ /* cmdline is used only for logging, no need to abort on truncate */
+ (void) strlcpy(cmdline, argv[0], sizeof(cmdline)) < sizeof(cmdline);
if (strlcpy(cmdline, argv[0], sizeof(cmdline)) >= sizeof(cmdline))
errx(1, "command line too long");
for (i = 1; i < argc; i++) {
if (strlcat(cmdline, " ", sizeof(cmdline)) >= sizeof(cmdline))
- errx(1, "command line too long");
+ break;
if (strlcat(cmdline, argv[i], sizeof(cmdline)) >= sizeof(cmdline))
- errx(1, "command line too long");
+ break;
}
+ cmd = argv[0];
if (!permit(uid, groups, ngroups, &rule, target, cmd,
(const char**)argv + 1)) {
syslog(LOG_AUTHPRIV | LOG_NOTICE,