$OpenBSD: patch-pwsafe_cpp,v 1.2 2005/10/20 09:02:52 mbalmer Exp $
--- pwsafe.cpp.orig Fri Sep 30 12:30:56 2005
+++ pwsafe.cpp Sat Oct 8 22:53:08 2005
@@ -371,8 +371,8 @@ secstring operator+(const secstring& t1,
 // The name the program was run with, stripped of any leading path
 const char *program_name = "pwsafe"; // make sure program_name always points to something valid so we can use it in constructors of globals
-uid_t saved_uid;
-gid_t saved_gid;
+// uid_t saved_uid;
+// gid_t saved_gid;
 // database version
 enum Version { VERSION_UNKNOWN, VERSION_1_7, VERSION_2_0 };
@@ -893,14 +893,14 @@ int main(int argc, char **argv) {
 try {
 try {
- saved_uid = geteuid();
- saved_gid = getegid();
+ // saved_uid = geteuid();
+ // saved_gid = getegid();
 // if we are running suid, drop privileges now; we use seteuid() instead of setuid() so the saved uid remains root and we can become root again in order to mlock()
- if (saved_uid != getuid() || saved_gid != getgid()) {
- setegid(getgid());
- seteuid(getuid());
- }
+ // if (saved_uid != getuid() || saved_gid != getgid()) {
+ // setegid(getgid());
+ // seteuid(getuid());
+ // }
 #if WITH_READLINE
 rl_readline_name = const_cast<char*>(program_name); // so readline() can parse its config files and handle if (pwsafe) sections; some older readline's type rl_readline_name as char*, hence the const_cast
@@ -918,10 +918,11 @@ int main(int argc, char **argv) {
 const char* home = getenv("HOME");
 if (home && datname[0] != '/') {
- char* dbname = reinterpret_cast<char*>(malloc(strlen(home)+1+strlen(datname)+1));
- strcpy(dbname, home);
- strcat(dbname, "/");
- strcat(dbname, datname);
+ size_t dbnamelen = strlen(home)+1+strlen(datname)+1;
+ char* dbname = reinterpret_cast<char*>(malloc(dbnamelen));
+ strlcpy(dbname, home, dbnamelen);
+ strlcat(dbname, "/", dbnamelen);
+ strlcat(dbname, datname, dbnamelen);
 arg_dbname = dbname;
 } else { // datname is already an absolute path
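Review bot: Commenting out the euid/egid drop at the top of main() removes the only protection this program has if the binary is ever installed set-id: the guard `if (saved_uid != getuid() || saved_gid != getgid())` was already a no-op for a non-set-id install, so disabling it gains nothing there and leaves a future set-id install running with full privileges for the whole run. If the intent is that this port never runs set-id (the seteuid re-escalation in Pool::Pool is removed by the same patch), that rationale belongs in the patch itself rather than in `//`-ed code; either delete these lines together with the `saved_uid`/`saved_gid` definitions in the previous hunk or put both under one build-time `#ifdef`, so the dead text cannot drift out of step with the live code. The body of main() continues outside this hunk.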
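Review bot: `dbname` is still dereferenced by `strlcpy` on the line after `malloc(dbnamelen)` with no null check, so an allocation failure crashes instead of reporting. A guard such as `if (!dbname) { perror("malloc"); throw FailEx(); }` would match how the rest of the file signals fatal errors (`throw FailEx();` in DB::find1), assuming main()'s surrounding try blocks catch it. Because `dbnamelen` is derived from the same two strlen() calls the copies use, strlcpy/strlcat cannot truncate here; a comment `// dbnamelen exactly covers home + "/" + datname + NUL; strlcpy/strlcat are belt-and-braces` would save a later reader from hunting for the truncation case. `static_cast<char*>` is the appropriate named cast for the `void*` returned by malloc; `reinterpret_cast` is stronger than needed. main() continues outside the hunk.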
@@ -1130,7 +1131,7 @@ int main(int argc, char **argv) {
 } // save the rng seed for next time
- if (rng_filename[0]) {
+ if (rng_filename[0] && strncmp(rng_filename, "/dev/", 5)) {
 int rc = RAND_write_file(rng_filename);
 if (arg_verbose > 0) printf("wrote %d bytes to %s\n", rc, rng_filename);
 } // else they already got an error above when we tried to read rng_filename
@@ -1619,7 +1621,7 @@ static secstring random_password() {
 snprintf(ent_buf, sizeof(ent_buf), "%d", entropy_needed);
 ent_buf[sizeof(ent_buf)-1] = '\0';
 char len_buf[24];
- snprintf(len_buf, sizeof(len_buf), "%d", pw.length());
+ snprintf(len_buf, sizeof(len_buf), "%d", (int)pw.length());
 len_buf[sizeof(len_buf)-1] = '\0';
 switch (tolower(get1char("Use "+pw+"\ntype "+type_name+", length "+len_buf+", "+ent_buf+" bits of entropy [y/N/ /+/-/q/?] ? ", 'n'))) {
 case 'y':
@@ -2380,7 +2382,7 @@ bool DB::open(const secstring* pw_to_try
 version = VERSION_1_7;
 }
- if (arg_verbose > 1) printf("read in %u entries\n", entries.size());
+ if (arg_verbose > 1) printf("read in %u entries\n", (unsigned int)entries.size());
 opened = true;
 return true;
@@ -2601,7 +2603,7 @@ const DB::Entry& DB::find1(const char* r
 for (matches_t::const_iterator i=matches.begin(); i!=matches.end() && count < 3; ++i, ++count) printf("%s%s", (count?", ":""), (*i)->groupname().c_str());
 if (count != matches.size())
- printf(", ... (%u more) ", matches.size()-3);
+ printf(", ... (%u more) ", (unsigned int)matches.size()-3);
 printf(".\n");
 throw FailEx();
 }
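Review bot: The trailing comment `// else they already got an error above when we tried to read rng_filename` is no longer accurate: with the added `strncmp(rng_filename, "/dev/", 5)` test, a seed path under /dev/ is now skipped silently with no earlier error. Extend it to `// else rng_filename is a device (nothing to write back) or they already got an error above when we tried to read it`. The bare `strncmp(...)` used as a truth value reads as "if equal" to many readers; `strncmp(rng_filename, "/dev/", 5) != 0` states the intent explicitly. The enclosing main() extends outside the hunk.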
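Review bot: The C-style `(int)` cast added on the `snprintf` line is the one cast form the file otherwise avoids (it uses `reinterpret_cast`/`const_cast` in the main() hunks); `static_cast<int>(pw.length())` is greppable and says the same thing, and the same applies to `(unsigned int)entries.size()` in the DB::open hunk and `(unsigned int)matches.size()-3` in the DB::find1 hunk below. In the find1 line the cast binds tighter than the subtraction, so it reads as `((unsigned int)matches.size()) - 3`; that appears to be the intended value and should not underflow if `count` starts at 0, since the branch is reached only when the loop stopped at three matches, but `static_cast<unsigned int>(matches.size() - 3)` removes the double-take. random_password() and find1() both begin outside their hunks, and `count`'s initialisation is not visible here.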
@@ -3235,26 +3237,26 @@ secalloc::Pool::Pool(size_t n) : next(0)
 top = z + ((bottom-z+pagesize+n+pagesize) & ~(pagesize-1)); // round top down to a page boundary
 // mark level..top as non-swapabble
- int rc = mlock(level,top-level);
+ // int rc = mlock(level,top-level);
 // Redhat FC3 returns ENOMEM if not root, not EPERM, so dont bother checking for EPERM error from mlock(); treat any error to mean 'try mlock() against as SUID user'
- if (rc && (saved_uid != geteuid() || saved_gid != getegid())) {
+ // if (rc && (saved_uid != geteuid() || saved_gid != getegid())) {
 // try again as root (or whoever saved_uid really is)
- if (saved_uid != geteuid())
- seteuid(saved_uid);
- if (saved_gid != getegid())
- setegid(saved_gid);
- rc = mlock(level,top-level);
- setegid(getgid());
- seteuid(getuid());
- }
- if (rc) {
- static bool reported = false;
- if (!reported) {
- if (arg_verbose >= 0)
- fprintf(stderr, "WARNING: %s unable to use secure ram (need to be setuid root)\n", program_name);
- reported = true;
- }
- }
+ // if (saved_uid != geteuid())
+ // seteuid(saved_uid);
+ // if (saved_gid != getegid())
+ // setegid(saved_gid);
+ // rc = mlock(level,top-level);
+ // setegid(getgid());
+ // seteuid(getuid());
+ // }
+ // if (rc) {
+ // static bool reported = false;
+ // if (!reported) {
+ // if (arg_verbose >= 0)
+ // fprintf(stderr, "WARNING: %s unable to use secure ram (need to be setuid root)\n", program_name);
+ // reported = true;
+ // }
+ // }
 }
 secalloc::Pool::~Pool() {
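Review bot: Commenting out `int rc = mlock(level,top-level);` means the secure pool is never locked, even in a process that is permitted to lock pages, and the `WARNING: %s unable to use secure ram` report that told the user about the fallback disappears with it, so the secstring pool now lives in swappable memory silently. Only the seteuid/setegid re-escalation block is specific to a set-id install; the plain `mlock()` call and the `if (rc) { ... }` warning block could be kept so the lock is still attempted (subject to whatever the platform allows an unprivileged process) and its absence stays visible at `arg_verbose >= 0`. As with the main() hunks, the dead `//` lines should be deleted or guarded by a build-time `#ifdef` rather than left inline, and the "(need to be setuid root)" wording would then need updating to match what the port actually does. Pool::Pool begins outside the hunk; the `top`/`level` computation it relies on is only partly visible here.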