doc/share/security/patches/SA-02:41/smrsh.patch

Index: contrib/sendmail/smrsh/smrsh.c
diff -c contrib/sendmail/smrsh/smrsh.c:1.3.6.8 contrib/sendmail/smrsh/smrsh.c:1.3.6.9
*** contrib/sendmail/smrsh/smrsh.c:1.3.6.8	Mon Sep  2 20:50:13 2002
--- contrib/sendmail/smrsh/smrsh.c	Mon Oct  7 19:53:31 2002
***************
*** 59,64 ****
--- 59,66 ----
  #include <sm/limits.h>
  #include <sm/string.h>
  #include <sys/file.h>
+ #include <sys/types.h>
+ #include <sys/stat.h>
  #include <string.h>
  #include <ctype.h>
  #include <errno.h>
***************
*** 147,152 ****
--- 149,155 ----
  	char *newenv[2];
  	char pathbuf[1000];
  	char specialbuf[32];
+ 	struct stat st;
  
  #ifndef DEBUG
  # ifndef LOG_MAIL
***************
*** 304,309 ****
--- 307,344 ----
  			(void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
  					     "Trying %s\n", cmdbuf);
  #endif /* DEBUG */
+ 			if (stat(cmdbuf, &st) < 0)
+ 			{
+ 				/* can't stat it */
+ 				(void) sm_io_fprintf(smioerr, SM_TIME_DEFAULT,
+ 						     "%s: %s not available for sendmail programs (stat failed)\n",
+ 						      prg, cmd);
+ 				if (p != NULL)
+ 					*p = ' ';
+ #ifndef DEBUG
+ 				syslog(LOG_CRIT, "uid %d: attempt to use %s (stat failed)",
+ 				       (int) getuid(), cmd);
+ #endif /* ! DEBUG */
+ 				exit(EX_UNAVAILABLE);
+ 			}
+ 			if (!S_ISREG(st.st_mode)
+ #ifdef S_ISLNK
+ 			    && !S_ISLNK(st.st_mode)
+ #endif /* S_ISLNK */
+ 			   )
+ 			{
+ 				/* can't stat it */
+ 				(void) sm_io_fprintf(smioerr, SM_TIME_DEFAULT,
+ 						     "%s: %s not available for sendmail programs (not a file)\n",
+ 						      prg, cmd);
+ 				if (p != NULL)
+ 					*p = ' ';
+ #ifndef DEBUG
+ 				syslog(LOG_CRIT, "uid %d: attempt to use %s (not a file)",
+ 				       (int) getuid(), cmd);
+ #endif /* ! DEBUG */
+ 				exit(EX_UNAVAILABLE);
+ 			}
  			if (access(cmdbuf, X_OK) < 0)
  			{
  				/* oops....  crack attack possiblity */