Commit 757010f
committed
sysctl binary: Reorder the tests to process wild card entries first.
A malicious user could have passed in a ctl_name of 0 and triggered
the well know ctl_name to procname mapping code, instead of the wild
card matching code. This is a slight problem as wild card entries don't
have procnames, and because in some alternate universe a network device
might have ifindex 0. So test for and handle wild card entries first.
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>1 parent 63395b6 commit 757010f
1 file changed
+7
-8
lines changed| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
1269 | 1269 | | |
1270 | 1270 | | |
1271 | 1271 | | |
1272 | | - | |
1273 | | - | |
1274 | | - | |
1275 | | - | |
1276 | | - | |
1277 | | - | |
1278 | 1272 | | |
1279 | 1273 | | |
1280 | 1274 | | |
1281 | 1275 | | |
1282 | | - | |
| 1276 | + | |
| 1277 | + | |
1283 | 1278 | | |
1284 | 1279 | | |
1285 | 1280 | | |
| |||
1288 | 1283 | | |
1289 | 1284 | | |
1290 | 1285 | | |
1291 | | - | |
1292 | 1286 | | |
| 1287 | + | |
| 1288 | + | |
| 1289 | + | |
| 1290 | + | |
| 1291 | + | |
1293 | 1292 | | |
1294 | 1293 | | |
1295 | 1294 | | |
| |||
0 commit comments