From a4aef3ed29071719b2af82fdf1ac3c2514f82bc5 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Tue, 27 Oct 2015 08:54:52 +0000 Subject: [PATCH] upstream commit fix execv arguments in a way less likely to cause grief for -portable; ok dtucker@ Upstream-ID: 5902bf0ea0371f39f1300698dc3b8e4105fc0fc5 --- readconf.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/readconf.c b/readconf.c index acfe97e9d..c062433ce 100644 --- a/readconf.c +++ b/readconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.c,v 1.244 2015/10/27 00:49:53 djm Exp $ */ +/* $OpenBSD: readconf.c,v 1.245 2015/10/27 08:54:52 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -458,7 +458,7 @@ execute_in_shell(const char *cmd) /* Fork and execute the command. */ if ((pid = fork()) == 0) { - char *argv[] = { shell, "-c", xstrdup(cmd), NULL }; + char *argv[4]; /* Child. Permanently give up superuser privileges. */ permanently_drop_suid(original_real_uid); @@ -472,6 +472,11 @@ execute_in_shell(const char *cmd) close(devnull); closefrom(STDERR_FILENO + 1); + argv[0] = shell; + argv[1] = "-c"; + argv[2] = xstrdup(cmd); + argv[3] = NULL; + execv(argv[0], argv); error("Unable to execute '%.100s': %s", cmd, strerror(errno)); /* Die with signal to make this error apparent to parent. */