No need to copy path to a local buffer, use it directly.

Since path is a pointer to a constant string we can make it
point to a different constant string ("/").
This commit is contained in:
Florian Obser 2020-12-06 11:37:32 +01:00 committed by Solene Rapenne
parent 5a238e8666
commit fa328268e2

13
main.c
View file

@ -27,9 +27,6 @@ void
drop_privileges(const char *user, const char *path) drop_privileges(const char *user, const char *path)
{ {
struct passwd *pw; struct passwd *pw;
char chroot_dir[BUFF_LEN_2];
strlcpy(chroot_dir, path, sizeof(chroot_dir));
/* /*
* use chroot() if an user is specified requires root user to be * use chroot() if an user is specified requires root user to be
@ -48,8 +45,8 @@ drop_privileges(const char *user, const char *path)
err(1, "finding user"); err(1, "finding user");
} }
/* chroot worked? */ /* chroot worked? */
if (chroot(chroot_dir) != 0) { if (chroot(path) != 0) {
syslog(LOG_DAEMON, "the chroot_dir %s can't be used for chroot", chroot_dir); syslog(LOG_DAEMON, "the chroot_dir %s can't be used for chroot", path);
err(1, "chroot"); err(1, "chroot");
} }
if (chdir("/") == -1) { if (chdir("/") == -1) {
@ -64,14 +61,14 @@ drop_privileges(const char *user, const char *path)
user, pw->pw_uid); user, pw->pw_uid);
err(1, "Can't drop privileges"); err(1, "Can't drop privileges");
} }
strlcpy(chroot_dir, "/", sizeof(chroot_dir)); path = "/";
} }
#ifdef __OpenBSD__ #ifdef __OpenBSD__
/* /*
* prevent access to files other than the one in path * prevent access to files other than the one in path
*/ */
if (unveil(chroot_dir, "r") == -1) { if (unveil(path, "r") == -1) {
syslog(LOG_DAEMON, "unveil on %s failed", chroot_dir); syslog(LOG_DAEMON, "unveil on %s failed", path);
err(1, "unveil"); err(1, "unveil");
} }
/* /*