[pulseaudio-commits] r2100 - /tags/release-0.9.9/src/daemon/caps.c
svnmailer-noreply at 0pointer.de
svnmailer-noreply at 0pointer.de
Wed Jan 23 17:05:26 PST 2008
Author: lennart
Date: Thu Jan 24 02:05:24 2008
New Revision: 2100
URL: http://0pointer.de/cgi-bin/viewcvs.cgi?rev=2100&root=pulseaudio&view=rev
Log:
fix CVE-2008-0008.patch
Modified:
tags/release-0.9.9/src/daemon/caps.c
Modified: tags/release-0.9.9/src/daemon/caps.c
URL: http://0pointer.de/cgi-bin/viewcvs.cgi/tags/release-0.9.9/src/daemon/caps.c?rev=2100&root=pulseaudio&r1=2099&r2=2100&view=diff
==============================================================================
--- tags/release-0.9.9/src/daemon/caps.c (original)
+++ tags/release-0.9.9/src/daemon/caps.c Thu Jan 24 02:05:24 2008
@@ -63,13 +63,16 @@
pa_log_info("Dropping root priviliges.");
#if defined(HAVE_SETRESUID)
- setresuid(uid, uid, uid);
+ pa_assert_se(setresuid(uid, uid, uid) >= 0);
#elif defined(HAVE_SETREUID)
- setreuid(uid, uid);
+ pa_assert_se(setreuid(uid, uid) >= 0);
#else
- setuid(uid);
- seteuid(uid);
+ pa_assert_se(setuid(uid) >= 0);
+ pa_assert_se(seteuid(uid) >= 0);
#endif
+
+ pa_assert_se(getuid() == uid);
+ pa_assert_se(geteuid() == uid);
}
#else
@@ -147,4 +150,3 @@
}
#endif
-
More information about the pulseaudio-commits
mailing list