From c4fc41a8315614dd91119b34330152775682e280 Mon Sep 17 00:00:00 2001 From: Romain Porte Date: Tue, 3 Aug 2021 13:53:13 +0200 Subject: [PATCH] opentracker.c: check set*id return values MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This commit fix the following similar warnings: opentracker.c:562:7: warning: ignoring return value of ‘setegid’ declared with attribute ‘warn_unused_result’ [-Wunused-result] […] The man page of these functions ask users to explicitly check the return value in case of any error happening. --- opentracker.c | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/opentracker.c b/opentracker.c index 8323552..2bb66fa 100644 --- a/opentracker.c +++ b/opentracker.c @@ -559,12 +559,20 @@ int drop_privileges ( const char * const serveruser, const char * const serverdi /* If we can't find server user, revert to nobody's default uid */ if( !pws ) { fprintf( stderr, "Warning: Could not get password entry for %s. Reverting to uid -2.\n", serveruser ); - setegid( (gid_t)-2 ); setgid( (gid_t)-2 ); - setuid( (uid_t)-2 ); seteuid( (uid_t)-2 ); + if (!setegid( (gid_t)-2 ) || + !setgid( (gid_t)-2 ) || + !setuid( (uid_t)-2 ) || + !seteuid( (uid_t)-2 )) { + panic("Could not set uid to value -2"); + } } else { - setegid( pws->pw_gid ); setgid( pws->pw_gid ); - setuid( pws->pw_uid ); seteuid( pws->pw_uid ); + if (!setegid( pws->pw_gid ) || + !setgid( pws->pw_gid ) || + !setuid( pws->pw_uid ) || + !seteuid( pws->pw_uid )) { + panic("Could not set uid to specified value"); + } } if( geteuid() == 0 || getegid() == 0 )