projects / tinc / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 2c9126a) | patch
tincctl: restrict umask argument for FORTIFY
authorpacien <pacien.trangirard@pacien.net>
Tue, 8 Sep 2020 23:24:28 +0000 (01:24 +0200)
committerGuus Sliepen <guus@tinc-vpn.org>
Sun, 27 Jun 2021 14:27:03 +0000 (16:27 +0200)
commit4cc4b9bcce74b3e7ec4fe539366b7cfc3b472c07
treee05675afcdd6046ca9f8e67ed8945ca087bb4fbftree | snapshot
parent2c9126ab604fce80d9acd1bbdb485eae50aefcadcommit | diff
tincctl: restrict umask argument for FORTIFY

`umask(mode)` calls that do not verify `(mode & 0777) == mode` are
rejected when the libc FORTIFY checks are enabled [1].

The unrestricted `~perms` was indeed making this assertion fail.

[1]: https://android.googlesource.com/platform/bionic/+/refs/tags/android-11.0.0_r3/libc/bionic/fortify.cpp#404
src/tincctl.c diff | blob | history
tinc, the VPN daemon