[PATCH 2/2] If fork fails in System(), don't fallthrough to exec()
Matthieu Herrb
matthieu at herrb.eu
Thu Oct 9 06:25:30 PDT 2014
On Thu, Oct 09, 2014 at 05:42:09AM -0700, Alan Coopersmith wrote:
> In the unlikely event of a failure in creating processes, signal
> masks will fall from the panels above you. Secure your mask before
> telling your child what to do, since it won't exist, and you will
> instead cause the server itself to be replaced by a shell running
> the target program.
>
> Found by Coverity #53397: Missing break in switch
> Execution falls through to the next case statement or default;
> this might indicate a common typo.
> In System: Missing break statement between cases in switch statement (CWE-484)
>
> Signed-off-by: Alan Coopersmith <alan.coopersmith at oracle.com>
Reviewed-by: Matthieu Herrb <matthieu at herrb.eu>
> ---
> os/utils.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/os/utils.c b/os/utils.c
> index 80415c4..75769f1 100644
> --- a/os/utils.c
> +++ b/os/utils.c
> @@ -1373,6 +1373,7 @@ System(const char *command)
> switch (pid = fork()) {
> case -1: /* error */
> p = -1;
> + break;
> case 0: /* child */
> if (setgid(getgid()) == -1)
> _exit(127);
> --
> 1.7.9.2
>
> _______________________________________________
> xorg-devel at lists.x.org: X.Org development
> Archives: http://lists.x.org/archives/xorg-devel
> Info: http://lists.x.org/mailman/listinfo/xorg-devel
--
Matthieu Herrb
More information about the xorg-devel
mailing list