|
 |
ff65fb |
From e890d08e16ea0621966a7ae35cce53ccb44a472e Mon Sep 17 00:00:00 2001
|
|
|
ff65fb |
From: seetharaman-rajagopal <seetharaman.chn@gmail.com>
|
|
|
ff65fb |
Date: Mon, 13 Feb 2023 08:14:04 +0000
|
|
|
ff65fb |
Subject: [PATCH] CVE-2022-37704 - privilege escaltion form amandabackup user
|
|
|
ff65fb |
to root -fix
|
|
|
ff65fb |
|
|
|
ff65fb |
---
|
|
|
ff65fb |
client-src/rundump.c | 135 +++++++++++++++++++++++++++++++++++++++++++
|
|
|
ff65fb |
1 file changed, 135 insertions(+)
|
|
|
ff65fb |
|
|
|
ff65fb |
diff --git a/client-src/rundump.c b/client-src/rundump.c
|
|
|
ff65fb |
index 0b354d70bf..bba5699847 100644
|
|
|
ff65fb |
--- a/client-src/rundump.c
|
|
|
ff65fb |
+++ b/client-src/rundump.c
|
|
|
ff65fb |
@@ -40,6 +40,8 @@
|
|
|
ff65fb |
#include "conffile.h"
|
|
|
ff65fb |
|
|
|
ff65fb |
int main(int argc, char **argv);
|
|
|
ff65fb |
+static void validate_dump_option(int argc, char ** argv);
|
|
|
ff65fb |
+static void validate_xfsdump_options(int argc, char ** argv);
|
|
|
ff65fb |
|
|
|
ff65fb |
#if defined(VDUMP) || defined(XFSDUMP)
|
|
|
ff65fb |
# undef USE_RUNDUMP
|
|
|
ff65fb |
@@ -160,14 +162,17 @@ main(
|
|
|
ff65fb |
|
|
|
ff65fb |
#if defined(DUMP)
|
|
|
ff65fb |
dump_program = DUMP;
|
|
|
ff65fb |
+ validate_dump_option(argc, argv);
|
|
|
ff65fb |
#else
|
|
|
ff65fb |
# if defined(XFSDUMP)
|
|
|
ff65fb |
dump_program = XFSDUMP;
|
|
|
ff65fb |
+ validate_xfsdump_options(argc, argv);
|
|
|
ff65fb |
# else
|
|
|
ff65fb |
# if defined(VXDUMP)
|
|
|
ff65fb |
dump_program = VXDUMP;
|
|
|
ff65fb |
# else
|
|
|
ff65fb |
dump_program = "dump";
|
|
|
ff65fb |
+ validate_dump_option(argc, argv);
|
|
|
ff65fb |
# endif
|
|
|
ff65fb |
# endif
|
|
|
ff65fb |
#endif
|
|
|
ff65fb |
@@ -203,3 +208,133 @@ main(
|
|
|
ff65fb |
return 1;
|
|
|
ff65fb |
#endif /* } */
|
|
|
ff65fb |
}
|
|
|
ff65fb |
+
|
|
|
ff65fb |
+void validate_dump_option(int argc, char ** argv)
|
|
|
ff65fb |
+{
|
|
|
ff65fb |
+ int c;
|
|
|
ff65fb |
+ int numargs = argc;
|
|
|
ff65fb |
+ while (numargs > 0)
|
|
|
ff65fb |
+ {
|
|
|
ff65fb |
+ c = getopt(argc, argv, "0123456789ab:cd:e:f:h:j:kmnqs:uvwyz:A:B:D:I:L:MQ:ST:W");
|
|
|
ff65fb |
+ switch (c) {
|
|
|
ff65fb |
+ case -1:
|
|
|
ff65fb |
+ optind++;
|
|
|
ff65fb |
+ break;
|
|
|
ff65fb |
+ case '?':
|
|
|
ff65fb |
+ //option is not valid
|
|
|
ff65fb |
+ error("error [%s invalid option: %s]\n", get_pname(), argv[optind-1]);
|
|
|
ff65fb |
+ break;
|
|
|
ff65fb |
+ // All this options takes another argument
|
|
|
ff65fb |
+ case 'b':
|
|
|
ff65fb |
+ case 'd':
|
|
|
ff65fb |
+ case 'e':
|
|
|
ff65fb |
+ case 'f':
|
|
|
ff65fb |
+ case 'h':
|
|
|
ff65fb |
+ case 'j':
|
|
|
ff65fb |
+ case 's':
|
|
|
ff65fb |
+ case 'z':
|
|
|
ff65fb |
+ case 'A':
|
|
|
ff65fb |
+ case 'B':
|
|
|
ff65fb |
+ case 'D':
|
|
|
ff65fb |
+ case 'I':
|
|
|
ff65fb |
+ case 'L':
|
|
|
ff65fb |
+ case 'Q':
|
|
|
ff65fb |
+ case 'T':
|
|
|
ff65fb |
+ {
|
|
|
ff65fb |
+ // get optarg and check it against NULL. If it is null, then return error.
|
|
|
ff65fb |
+ if (optarg == NULL) {
|
|
|
ff65fb |
+ error ("error [%s additional parameter is missing for option: %c]\n", get_pname(), c);
|
|
|
ff65fb |
+ }
|
|
|
ff65fb |
+ break;
|
|
|
ff65fb |
+ }
|
|
|
ff65fb |
+ case '0':
|
|
|
ff65fb |
+ case '1':
|
|
|
ff65fb |
+ case '2':
|
|
|
ff65fb |
+ case '3':
|
|
|
ff65fb |
+ case '4':
|
|
|
ff65fb |
+ case '5':
|
|
|
ff65fb |
+ case '6':
|
|
|
ff65fb |
+ case '7':
|
|
|
ff65fb |
+ case '8':
|
|
|
ff65fb |
+ case '9':
|
|
|
ff65fb |
+ case 'a':
|
|
|
ff65fb |
+ case 'c':
|
|
|
ff65fb |
+ case 'k':
|
|
|
ff65fb |
+ case 'm':
|
|
|
ff65fb |
+ case 'n':
|
|
|
ff65fb |
+ case 'q':
|
|
|
ff65fb |
+ case 'u':
|
|
|
ff65fb |
+ case 'v':
|
|
|
ff65fb |
+ case 'w':
|
|
|
ff65fb |
+ case 'y':
|
|
|
ff65fb |
+ case 'M':
|
|
|
ff65fb |
+ case 'S':
|
|
|
ff65fb |
+ case 'W':
|
|
|
ff65fb |
+ {
|
|
|
ff65fb |
+ break;
|
|
|
ff65fb |
+ }
|
|
|
ff65fb |
+ default:
|
|
|
ff65fb |
+ error ("error [%s invalid option: %c]\n", get_pname(), c);
|
|
|
ff65fb |
+ break;
|
|
|
ff65fb |
+ }
|
|
|
ff65fb |
+ numargs--;
|
|
|
ff65fb |
+ }
|
|
|
ff65fb |
+}
|
|
|
ff65fb |
+
|
|
|
ff65fb |
+void validate_xfsdump_options(int argc, char ** argv)
|
|
|
ff65fb |
+{
|
|
|
ff65fb |
+ int c;
|
|
|
ff65fb |
+ int numargs = argc;
|
|
|
ff65fb |
+ while (numargs > 0)
|
|
|
ff65fb |
+ {
|
|
|
ff65fb |
+ c = getopt(argc, argv, "ab:d:ef:l:mop:qs:t:v:z:AB:DFI:JL:M:RT");
|
|
|
ff65fb |
+ switch (c) {
|
|
|
ff65fb |
+ case -1:
|
|
|
ff65fb |
+ optind++;
|
|
|
ff65fb |
+ break;
|
|
|
ff65fb |
+ case '?':
|
|
|
ff65fb |
+ //option is not valid
|
|
|
ff65fb |
+ error ("error [%s invalid option: %s]\n", get_pname(), argv[optind-1]);
|
|
|
ff65fb |
+ break;
|
|
|
ff65fb |
+ // All this options takes another argument
|
|
|
ff65fb |
+ case 'b':
|
|
|
ff65fb |
+ case 'd':
|
|
|
ff65fb |
+ case 'f':
|
|
|
ff65fb |
+ case 'l':
|
|
|
ff65fb |
+ case 'p':
|
|
|
ff65fb |
+ case 's':
|
|
|
ff65fb |
+ case 't':
|
|
|
ff65fb |
+ case 'v':
|
|
|
ff65fb |
+ case 'z':
|
|
|
ff65fb |
+ case 'B':
|
|
|
ff65fb |
+ case 'I':
|
|
|
ff65fb |
+ case 'L':
|
|
|
ff65fb |
+ case 'M':
|
|
|
ff65fb |
+ {
|
|
|
ff65fb |
+ // get optarg and check it against NULL. If it is null, then return error.
|
|
|
ff65fb |
+ if (optarg == NULL) {
|
|
|
ff65fb |
+ error ("error [%s additional parameter is missing for option: %c]\n", get_pname(), c);
|
|
|
ff65fb |
+ }
|
|
|
ff65fb |
+ break;
|
|
|
ff65fb |
+ }
|
|
|
ff65fb |
+ case 'a':
|
|
|
ff65fb |
+ case 'e':
|
|
|
ff65fb |
+ case 'm':
|
|
|
ff65fb |
+ case 'o':
|
|
|
ff65fb |
+ case 'q':
|
|
|
ff65fb |
+ case 'A':
|
|
|
ff65fb |
+ case 'D':
|
|
|
ff65fb |
+ case 'F':
|
|
|
ff65fb |
+ case 'J':
|
|
|
ff65fb |
+ case 'R':
|
|
|
ff65fb |
+ case 'T':
|
|
|
ff65fb |
+ {
|
|
|
ff65fb |
+ break;
|
|
|
ff65fb |
+ }
|
|
|
ff65fb |
+ default:
|
|
|
ff65fb |
+ error ("error [%s invalid option: %c]\n", get_pname(), c);
|
|
|
ff65fb |
+ break;
|
|
|
ff65fb |
+ }
|
|
|
ff65fb |
+ numargs--;
|
|
|
ff65fb |
+ }
|
|
|
ff65fb |
+}
|