summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--extras/volume_id/libvolume_id/mac.c7
-rw-r--r--extras/volume_id/libvolume_id/volume_id.h2
-rw-r--r--extras/volume_id/vol_id.c17
3 files changed, 21 insertions, 5 deletions
diff --git a/extras/volume_id/libvolume_id/mac.c b/extras/volume_id/libvolume_id/mac.c
index 99bcbde6be..53f0761c8a 100644
--- a/extras/volume_id/libvolume_id/mac.c
+++ b/extras/volume_id/libvolume_id/mac.c
@@ -84,14 +84,15 @@ int volume_id_probe_mac_partition_map(struct volume_id *id, uint64_t off)
part_count = be32_to_cpu(part->map_count);
dbg("expecting %d partition entries", part_count);
+ if (part_count < 1 || part_count > 256)
+ return -1;
if (id->partitions != NULL)
free(id->partitions);
- id->partitions =
- malloc(part_count * sizeof(struct volume_id_partition));
+ id->partitions = malloc(part_count * sizeof(struct volume_id_partition));
if (id->partitions == NULL)
return -1;
- memset(id->partitions, 0x00, sizeof(struct volume_id_partition));
+ memset(id->partitions, 0x00, part_count * sizeof(struct volume_id_partition));
id->partition_count = part_count;
diff --git a/extras/volume_id/libvolume_id/volume_id.h b/extras/volume_id/libvolume_id/volume_id.h
index ad65fe5438..edeb225faf 100644
--- a/extras/volume_id/libvolume_id/volume_id.h
+++ b/extras/volume_id/libvolume_id/volume_id.h
@@ -14,7 +14,7 @@
#include <stdint.h>
#include <stddef.h>
-#define VOLUME_ID_VERSION 55
+#define VOLUME_ID_VERSION 56
#define VOLUME_ID_LABEL_SIZE 64
#define VOLUME_ID_UUID_SIZE 36
diff --git a/extras/volume_id/vol_id.c b/extras/volume_id/vol_id.c
index a291eda51d..6961969c13 100644
--- a/extras/volume_id/vol_id.c
+++ b/extras/volume_id/vol_id.c
@@ -27,6 +27,7 @@
#include <unistd.h>
#include <string.h>
#include <ctype.h>
+#include <grp.h>
#include <sys/ioctl.h>
#include "../../udev.h"
@@ -110,6 +111,8 @@ int main(int argc, char *argv[])
int i;
uint64_t size;
const char *node = NULL;
+ uid_t nobody_uid;
+ gid_t nobody_gid;
int rc = 0;
logging_init("vol_id");
@@ -146,12 +149,24 @@ int main(int argc, char *argv[])
size = 0;
dbg("BLKGETSIZE64=%llu", size);
+ /* drop all privileges */
+ nobody_uid = lookup_user("nobody");
+ nobody_gid = lookup_group("nogroup");
+ if (nobody_uid > 0 && nobody_gid > 0) {
+ if (setgroups(0, NULL) != 0 ||
+ setgid(nobody_gid) != 0 ||
+ setuid(nobody_uid) != 0) {
+ rc = 3;
+ goto exit;
+ }
+ }
+
if (volume_id_probe_all(vid, 0, size) == 0)
goto print;
if (print != PRINT_EXPORT)
fprintf(stderr, "%s: unknown volume type\n", node);
- rc = 3;
+ rc = 4;
goto exit;
print: