/src/sudo/lib/util/term.c
Line | Count | Source |
1 | | /* |
2 | | * SPDX-License-Identifier: ISC |
3 | | * |
4 | | * Copyright (c) 2011-2015, 2017-2023 Todd C. Miller <Todd.Miller@sudo.ws> |
5 | | * |
6 | | * Permission to use, copy, modify, and distribute this software for any |
7 | | * purpose with or without fee is hereby granted, provided that the above |
8 | | * copyright notice and this permission notice appear in all copies. |
9 | | * |
10 | | * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES |
11 | | * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF |
12 | | * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR |
13 | | * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES |
14 | | * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN |
15 | | * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF |
16 | | * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
17 | | */ |
18 | | |
19 | | #include <config.h> |
20 | | |
21 | | #include <sys/ioctl.h> |
22 | | #include <sys/stat.h> |
23 | | #include <stdio.h> |
24 | | #include <stdlib.h> |
25 | | #include <string.h> |
26 | | #include <errno.h> |
27 | | #include <signal.h> |
28 | | #include <termios.h> |
29 | | #include <unistd.h> |
30 | | |
31 | | #include <sudo_compat.h> |
32 | | #include <sudo_debug.h> |
33 | | #include <sudo_util.h> |
34 | | |
35 | | /* TCSASOFT is a BSD extension that ignores control flags and speed. */ |
36 | | #ifndef TCSASOFT |
37 | 0 | # define TCSASOFT 0 |
38 | | #endif |
39 | | |
40 | | /* Non-standard termios input flags */ |
41 | | #ifndef IUCLC |
42 | | # define IUCLC 0 |
43 | | #endif |
44 | | #ifndef IMAXBEL |
45 | | # define IMAXBEL 0 |
46 | | #endif |
47 | | #ifndef IUTF8 |
48 | | # define IUTF8 0 |
49 | | #endif |
50 | | |
51 | | /* Non-standard termios output flags */ |
52 | | #ifndef OLCUC |
53 | | # define OLCUC 0 |
54 | | #endif |
55 | | #ifndef ONLCR |
56 | | # define ONLCR 0 |
57 | | #endif |
58 | | #ifndef OCRNL |
59 | | # define OCRNL 0 |
60 | | #endif |
61 | | #ifndef ONOCR |
62 | | # define ONOCR 0 |
63 | | #endif |
64 | | #ifndef ONLRET |
65 | | # define ONLRET 0 |
66 | | #endif |
67 | | |
68 | | /* Non-standard termios local flags */ |
69 | | #ifndef XCASE |
70 | | # define XCASE 0 |
71 | | #endif |
72 | | #ifndef IEXTEN |
73 | | # define IEXTEN 0 |
74 | | #endif |
75 | | #ifndef ECHOCTL |
76 | | # define ECHOCTL 0 |
77 | | #endif |
78 | | #ifndef ECHOKE |
79 | | # define ECHOKE 0 |
80 | | #endif |
81 | | |
82 | | /* Termios flags to copy between terminals. */ |
83 | 0 | #define INPUT_FLAGS (IGNPAR|PARMRK|INPCK|ISTRIP|INLCR|IGNCR|ICRNL|IUCLC|IXON|IXANY|IXOFF|IMAXBEL|IUTF8) |
84 | 0 | #define OUTPUT_FLAGS (OPOST|OLCUC|ONLCR|OCRNL|ONOCR|ONLRET) |
85 | 0 | #define CONTROL_FLAGS (CS7|CS8|PARENB|PARODD) |
86 | 0 | #define LOCAL_FLAGS (ISIG|ICANON|XCASE|ECHO|ECHOE|ECHOK|ECHONL|NOFLSH|TOSTOP|IEXTEN|ECHOCTL|ECHOKE) |
87 | | |
88 | | static struct termios orig_term; |
89 | | static struct termios cur_term; |
90 | | static bool changed; |
91 | | |
92 | | /* tgetpass() needs to know the erase and kill chars for cbreak mode. */ |
93 | | sudo_dso_public int sudo_term_eof; |
94 | | sudo_dso_public int sudo_term_erase; |
95 | | sudo_dso_public int sudo_term_kill; |
96 | | |
97 | | static volatile sig_atomic_t got_sigttou; |
98 | | |
99 | | /* |
100 | | * SIGTTOU signal handler for tcsetattr_nobg() that just sets a flag. |
101 | | */ |
102 | | static void |
103 | | sigttou(int signo) |
104 | 0 | { |
105 | 0 | got_sigttou = 1; |
106 | 0 | } |
107 | | |
108 | | /* |
109 | | * Like tcsetattr() but restarts on EINTR _except_ for SIGTTOU. |
110 | | * Returns 0 on success or -1 on failure, setting errno. |
111 | | * Sets got_sigttou on failure if interrupted by SIGTTOU. |
112 | | */ |
113 | | static int |
114 | | tcsetattr_nobg(int fd, int flags, struct termios *tp) |
115 | 0 | { |
116 | 0 | struct sigaction sa, osa; |
117 | 0 | int rc; |
118 | 0 | debug_decl(tcsetattr_nobg, SUDO_DEBUG_UTIL); |
119 | | |
120 | | /* |
121 | | * If we receive SIGTTOU from tcsetattr() it means we are |
122 | | * not in the foreground process group. |
123 | | * This should be less racy than using tcgetpgrp(). |
124 | | */ |
125 | 0 | memset(&sa, 0, sizeof(sa)); |
126 | 0 | sigemptyset(&sa.sa_mask); |
127 | 0 | sa.sa_handler = sigttou; |
128 | 0 | got_sigttou = 0; |
129 | 0 | sigaction(SIGTTOU, &sa, &osa); |
130 | 0 | do { |
131 | 0 | rc = tcsetattr(fd, flags, tp); |
132 | 0 | } while (rc == -1 && errno == EINTR && !got_sigttou); |
133 | 0 | sigaction(SIGTTOU, &osa, NULL); |
134 | |
|
135 | 0 | debug_return_int(rc); |
136 | 0 | } |
137 | | |
138 | | /* |
139 | | * Restore saved terminal settings if we are in the foreground process group. |
140 | | * Returns true on success or false on failure. |
141 | | */ |
142 | | bool |
143 | | sudo_term_restore_v1(int fd, bool flush) |
144 | 0 | { |
145 | 0 | const int flags = flush ? (TCSASOFT|TCSAFLUSH) : (TCSASOFT|TCSADRAIN); |
146 | 0 | struct termios term = { 0 }; |
147 | 0 | bool ret = false; |
148 | 0 | debug_decl(sudo_term_restore, SUDO_DEBUG_UTIL); |
149 | |
|
150 | 0 | if (!changed) |
151 | 0 | debug_return_bool(true); |
152 | | |
153 | 0 | sudo_lock_file(fd, SUDO_LOCK); |
154 | | |
155 | | /* Avoid changing term settings if changed out from under us. */ |
156 | 0 | if (tcgetattr(fd, &term) == -1) { |
157 | 0 | sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO, |
158 | 0 | "%s: tcgetattr(%d)", __func__, fd); |
159 | 0 | goto unlock; |
160 | 0 | } |
161 | 0 | if ((term.c_iflag & INPUT_FLAGS) != (cur_term.c_iflag & INPUT_FLAGS)) { |
162 | 0 | sudo_debug_printf(SUDO_DEBUG_INFO, "%s: not restoring terminal, " |
163 | 0 | "c_iflag changed; 0x%x, expected 0x%x", __func__, |
164 | 0 | (unsigned int)term.c_iflag, (unsigned int)cur_term.c_iflag); |
165 | | /* Not an error. */ |
166 | 0 | ret = true; |
167 | 0 | goto unlock; |
168 | 0 | } |
169 | 0 | if ((term.c_oflag & OUTPUT_FLAGS) != (cur_term.c_oflag & OUTPUT_FLAGS)) { |
170 | 0 | sudo_debug_printf(SUDO_DEBUG_INFO, "%s: not restoring terminal, " |
171 | 0 | "c_oflag changed; 0x%x, expected 0x%x", __func__, |
172 | 0 | (unsigned int)term.c_oflag, (unsigned int)cur_term.c_oflag); |
173 | | /* Not an error. */ |
174 | 0 | ret = true; |
175 | 0 | goto unlock; |
176 | 0 | } |
177 | 0 | #if !TCSASOFT |
178 | | /* Only systems without TCSASOFT make changes to c_cflag. */ |
179 | 0 | if ((term.c_cflag & CONTROL_FLAGS) != (cur_term.c_cflag & CONTROL_FLAGS)) { |
180 | 0 | sudo_debug_printf(SUDO_DEBUG_INFO, "%s: not restoring terminal, " |
181 | 0 | "c_cflag changed; 0x%x, expected 0x%x", __func__, |
182 | 0 | (unsigned int)term.c_cflag, (unsigned int)cur_term.c_cflag); |
183 | | /* Not an error. */ |
184 | 0 | ret = true; |
185 | 0 | goto unlock; |
186 | 0 | } |
187 | 0 | #endif |
188 | 0 | if ((term.c_lflag & LOCAL_FLAGS) != (cur_term.c_lflag & LOCAL_FLAGS)) { |
189 | 0 | sudo_debug_printf(SUDO_DEBUG_INFO, "%s: not restoring terminal, " |
190 | 0 | "c_lflag changed; 0x%x, expected 0x%x", __func__, |
191 | 0 | (unsigned int)term.c_lflag, (unsigned int)cur_term.c_lflag); |
192 | | /* Not an error. */ |
193 | 0 | ret = true; |
194 | 0 | goto unlock; |
195 | 0 | } |
196 | 0 | if (memcmp(term.c_cc, cur_term.c_cc, sizeof(term.c_cc)) != 0) { |
197 | 0 | sudo_debug_printf(SUDO_DEBUG_INFO, |
198 | 0 | "%s: not restoring terminal, c_cc[] changed", __func__); |
199 | | /* Not an error. */ |
200 | 0 | ret = true; |
201 | 0 | goto unlock; |
202 | 0 | } |
203 | | |
204 | 0 | if (tcsetattr_nobg(fd, flags, &orig_term) == -1) { |
205 | 0 | sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO, |
206 | 0 | "%s: tcsetattr(%d)", __func__, fd); |
207 | 0 | goto unlock; |
208 | 0 | } |
209 | 0 | cur_term = orig_term; |
210 | 0 | changed = false; |
211 | 0 | ret = true; |
212 | |
|
213 | 0 | unlock: |
214 | 0 | sudo_lock_file(fd, SUDO_UNLOCK); |
215 | |
|
216 | 0 | debug_return_bool(ret); |
217 | 0 | } |
218 | | |
219 | | /* |
220 | | * Disable terminal echo. |
221 | | * Returns true on success or false on failure. |
222 | | */ |
223 | | bool |
224 | | sudo_term_noecho_v1(int fd) |
225 | 0 | { |
226 | 0 | struct termios term = { 0 }; |
227 | 0 | bool ret = false; |
228 | 0 | struct stat sb; |
229 | 0 | debug_decl(sudo_term_noecho, SUDO_DEBUG_UTIL); |
230 | | |
231 | | /* Avoid calling ioctl on non-device to prevent CVE-2023-2002. */ |
232 | 0 | if (fstat(fd, &sb) != 0 || !S_ISCHR(sb.st_mode)) |
233 | 0 | debug_return_bool(false); |
234 | | |
235 | 0 | sudo_lock_file(fd, SUDO_LOCK); |
236 | 0 | if (!changed && tcgetattr(fd, &orig_term) == -1) { |
237 | 0 | sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO, |
238 | 0 | "%s: tcgetattr(%d)", __func__, fd); |
239 | 0 | goto unlock; |
240 | 0 | } |
241 | | |
242 | 0 | term = orig_term; |
243 | 0 | CLR(term.c_lflag, ECHO|ECHONL); |
244 | | #ifdef VSTATUS |
245 | | term.c_cc[VSTATUS] = _POSIX_VDISABLE; |
246 | | #endif |
247 | 0 | if (tcsetattr_nobg(fd, TCSASOFT|TCSAFLUSH, &term) == -1) { |
248 | 0 | sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO, |
249 | 0 | "%s: tcsetattr(%d)", __func__, fd); |
250 | 0 | goto unlock; |
251 | 0 | } |
252 | 0 | cur_term = term; |
253 | 0 | changed = true; |
254 | 0 | ret = true; |
255 | |
|
256 | 0 | unlock: |
257 | 0 | sudo_lock_file(fd, SUDO_UNLOCK); |
258 | 0 | debug_return_bool(ret); |
259 | 0 | } |
260 | | |
261 | | /* |
262 | | * Returns true if term is in raw mode, else false. |
263 | | */ |
264 | | static bool |
265 | | sudo_term_is_raw_int(struct termios *term) |
266 | 0 | { |
267 | 0 | debug_decl(sudo_term_is_raw_int, SUDO_DEBUG_UTIL); |
268 | |
|
269 | 0 | if (term->c_cc[VMIN] != 1 || term->c_cc[VTIME] != 0) |
270 | 0 | debug_return_bool(false); |
271 | | |
272 | 0 | if (ISSET(term->c_oflag, OPOST)) |
273 | 0 | debug_return_bool(false); |
274 | | |
275 | 0 | if (ISSET(term->c_lflag, ECHO|ECHONL|ICANON)) |
276 | 0 | debug_return_bool(false); |
277 | | |
278 | 0 | debug_return_bool(true); |
279 | 0 | } |
280 | | |
281 | | /* |
282 | | * Returns true if fd refers to a tty in raw mode, else false. |
283 | | */ |
284 | | bool |
285 | | sudo_term_is_raw_v1(int fd) |
286 | 0 | { |
287 | 0 | struct termios term = { 0 }; |
288 | 0 | struct stat sb; |
289 | 0 | debug_decl(sudo_term_is_raw, SUDO_DEBUG_UTIL); |
290 | | |
291 | | /* Avoid calling ioctl on non-device to prevent CVE-2023-2002. */ |
292 | 0 | if (fstat(fd, &sb) != 0 || !S_ISCHR(sb.st_mode)) |
293 | 0 | debug_return_bool(false); |
294 | | |
295 | 0 | sudo_lock_file(fd, SUDO_LOCK); |
296 | 0 | if (tcgetattr(fd, &term) == -1) { |
297 | 0 | sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO, |
298 | 0 | "%s: tcgetattr(%d)", __func__, fd); |
299 | 0 | sudo_lock_file(fd, SUDO_UNLOCK); |
300 | 0 | debug_return_bool(false); |
301 | 0 | } |
302 | 0 | sudo_lock_file(fd, SUDO_UNLOCK); |
303 | |
|
304 | 0 | debug_return_bool(sudo_term_is_raw_int(&term)); |
305 | 0 | } |
306 | | |
307 | | /* |
308 | | * Set terminal to raw mode as modified by flags. |
309 | | * Returns true on success or false on failure. |
310 | | */ |
311 | | bool |
312 | | sudo_term_raw_v1(int fd, unsigned int flags) |
313 | 0 | { |
314 | 0 | struct termios term = { 0 }; |
315 | 0 | bool ret = false; |
316 | 0 | struct stat sb; |
317 | 0 | tcflag_t oflag; |
318 | 0 | debug_decl(sudo_term_raw, SUDO_DEBUG_UTIL); |
319 | | |
320 | | /* Avoid calling ioctl on non-device to prevent CVE-2023-2002. */ |
321 | 0 | if (fstat(fd, &sb) != 0 || !S_ISCHR(sb.st_mode)) |
322 | 0 | debug_return_bool(false); |
323 | | |
324 | 0 | sudo_lock_file(fd, SUDO_LOCK); |
325 | 0 | if (!changed && tcgetattr(fd, &orig_term) == -1) { |
326 | 0 | sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO, |
327 | 0 | "%s: tcgetattr(%d)", __func__, fd); |
328 | 0 | goto unlock; |
329 | 0 | } |
330 | | |
331 | 0 | if (sudo_term_is_raw_int(&term)) { |
332 | 0 | sudo_debug_printf(SUDO_DEBUG_INFO, "%s: fd %d already in raw mode", |
333 | 0 | __func__, fd); |
334 | 0 | ret = true; |
335 | 0 | goto unlock; |
336 | 0 | } |
337 | | |
338 | | /* |
339 | | * Set terminal to raw mode but optionally enable terminal signals |
340 | | * and/or preserve output flags. |
341 | | */ |
342 | 0 | term = orig_term; |
343 | 0 | oflag = term.c_oflag; |
344 | 0 | cfmakeraw(&term); |
345 | 0 | if (ISSET(flags, SUDO_TERM_ISIG)) |
346 | 0 | SET(term.c_lflag, ISIG); |
347 | 0 | if (ISSET(flags, SUDO_TERM_OFLAG)) |
348 | 0 | term.c_oflag = oflag; |
349 | 0 | if (tcsetattr_nobg(fd, TCSASOFT|TCSADRAIN, &term) == -1) { |
350 | 0 | sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO, |
351 | 0 | "%s: tcsetattr(%d)", __func__, fd); |
352 | 0 | goto unlock; |
353 | 0 | } |
354 | 0 | cur_term = term; |
355 | 0 | changed = true; |
356 | 0 | ret = true; |
357 | |
|
358 | 0 | unlock: |
359 | 0 | sudo_lock_file(fd, SUDO_UNLOCK); |
360 | 0 | debug_return_bool(ret); |
361 | 0 | } |
362 | | |
363 | | /* |
364 | | * Set terminal to cbreak mode. |
365 | | * Returns true on success or false on failure. |
366 | | */ |
367 | | bool |
368 | | sudo_term_cbreak_v2(int fd, bool flush) |
369 | 0 | { |
370 | 0 | const int flags = flush ? (TCSASOFT|TCSAFLUSH) : (TCSASOFT|TCSADRAIN); |
371 | 0 | struct termios term = { 0 }; |
372 | 0 | bool ret = false; |
373 | 0 | struct stat sb; |
374 | 0 | debug_decl(sudo_term_cbreak, SUDO_DEBUG_UTIL); |
375 | | |
376 | | /* Avoid calling ioctl on non-device to prevent CVE-2023-2002. */ |
377 | 0 | if (fstat(fd, &sb) != 0 || !S_ISCHR(sb.st_mode)) |
378 | 0 | debug_return_bool(false); |
379 | | |
380 | 0 | sudo_lock_file(fd, SUDO_LOCK); |
381 | 0 | if (!changed && tcgetattr(fd, &orig_term) == -1) { |
382 | 0 | sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO, |
383 | 0 | "%s: tcgetattr(%d)", __func__, fd); |
384 | 0 | goto unlock; |
385 | 0 | } |
386 | | |
387 | | /* Set terminal to half-cooked mode */ |
388 | 0 | term = orig_term; |
389 | 0 | term.c_cc[VMIN] = 1; |
390 | 0 | term.c_cc[VTIME] = 0; |
391 | | /* cppcheck-suppress redundantAssignment */ |
392 | 0 | CLR(term.c_lflag, ECHO | ECHONL | ICANON | IEXTEN); |
393 | | /* cppcheck-suppress redundantAssignment */ |
394 | 0 | SET(term.c_lflag, ISIG); |
395 | | #ifdef VSTATUS |
396 | | term.c_cc[VSTATUS] = _POSIX_VDISABLE; |
397 | | #endif |
398 | 0 | if (tcsetattr_nobg(fd, flags, &term) == -1) { |
399 | 0 | sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO, |
400 | 0 | "%s: tcsetattr(%d)", __func__, fd); |
401 | 0 | goto unlock; |
402 | 0 | } |
403 | 0 | sudo_term_eof = term.c_cc[VEOF]; |
404 | 0 | sudo_term_erase = term.c_cc[VERASE]; |
405 | 0 | sudo_term_kill = term.c_cc[VKILL]; |
406 | 0 | cur_term = term; |
407 | 0 | changed = true; |
408 | 0 | ret = true; |
409 | |
|
410 | 0 | unlock: |
411 | 0 | sudo_lock_file(fd, SUDO_UNLOCK); |
412 | 0 | debug_return_bool(ret); |
413 | 0 | } |
414 | | |
415 | | bool |
416 | | sudo_term_cbreak_v1(int fd) |
417 | 0 | { |
418 | 0 | return sudo_term_cbreak_v2(fd, false); |
419 | 0 | } |
420 | | |
421 | | /* |
422 | | * Copy terminal settings from one descriptor to another. |
423 | | * We cannot simply copy the struct termios as src and dst may be |
424 | | * different terminal types (pseudo-tty vs. console or glass tty). |
425 | | * Returns true on success or false on failure. |
426 | | */ |
427 | | bool |
428 | | sudo_term_copy_v1(int src, int dst) |
429 | 0 | { |
430 | 0 | struct termios tt_src, tt_dst; |
431 | 0 | struct winsize wsize; |
432 | 0 | speed_t speed; |
433 | 0 | unsigned int i; |
434 | 0 | bool ret = false; |
435 | 0 | debug_decl(sudo_term_copy, SUDO_DEBUG_UTIL); |
436 | |
|
437 | 0 | sudo_lock_file(src, SUDO_LOCK); |
438 | 0 | sudo_lock_file(dst, SUDO_LOCK); |
439 | 0 | if (tcgetattr(src, &tt_src) == -1 || tcgetattr(dst, &tt_dst) == -1) { |
440 | 0 | sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO, |
441 | 0 | "%s: tcgetattr", __func__); |
442 | 0 | goto unlock; |
443 | 0 | } |
444 | | |
445 | | /* Clear select input, output, control and local flags. */ |
446 | 0 | CLR(tt_dst.c_iflag, INPUT_FLAGS); |
447 | 0 | CLR(tt_dst.c_oflag, OUTPUT_FLAGS); |
448 | 0 | CLR(tt_dst.c_cflag, CONTROL_FLAGS); |
449 | 0 | CLR(tt_dst.c_lflag, LOCAL_FLAGS); |
450 | | |
451 | | /* Copy select input, output, control and local flags. */ |
452 | 0 | SET(tt_dst.c_iflag, (tt_src.c_iflag & INPUT_FLAGS)); |
453 | 0 | SET(tt_dst.c_oflag, (tt_src.c_oflag & OUTPUT_FLAGS)); |
454 | 0 | SET(tt_dst.c_cflag, (tt_src.c_cflag & CONTROL_FLAGS)); |
455 | 0 | SET(tt_dst.c_lflag, (tt_src.c_lflag & LOCAL_FLAGS)); |
456 | | |
457 | | /* Copy special chars from src verbatim. */ |
458 | 0 | for (i = 0; i < NCCS; i++) |
459 | 0 | tt_dst.c_cc[i] = tt_src.c_cc[i]; |
460 | | |
461 | | /* Copy speed from src (zero output speed closes the connection). */ |
462 | 0 | if ((speed = cfgetospeed(&tt_src)) == B0) |
463 | 0 | speed = B38400; |
464 | 0 | cfsetospeed(&tt_dst, speed); |
465 | 0 | speed = cfgetispeed(&tt_src); |
466 | 0 | cfsetispeed(&tt_dst, speed); |
467 | |
|
468 | 0 | if (tcsetattr_nobg(dst, TCSASOFT|TCSAFLUSH, &tt_dst) == -1) { |
469 | 0 | sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO, |
470 | 0 | "%s: tcsetattr(%d)", __func__, dst); |
471 | 0 | goto unlock; |
472 | 0 | } |
473 | 0 | ret = true; |
474 | |
|
475 | 0 | if (ioctl(src, TIOCGWINSZ, &wsize) == 0) |
476 | 0 | (void)ioctl(dst, IOCTL_REQ_CAST TIOCSWINSZ, &wsize); |
477 | |
|
478 | 0 | unlock: |
479 | 0 | sudo_lock_file(dst, SUDO_UNLOCK); |
480 | 0 | sudo_lock_file(src, SUDO_UNLOCK); |
481 | 0 | debug_return_bool(ret); |
482 | 0 | } |
483 | | |
484 | | /* |
485 | | * Like isatty(3) but stats the fd and stores the result in sb. |
486 | | * Only calls isatty(3) if fd is a character special device. |
487 | | * Returns true if a tty, else returns false and sets errno. |
488 | | * This is mitigation for CVE-2023-2002. |
489 | | */ |
490 | | bool |
491 | | sudo_isatty_v1(int fd, struct stat *sbp) |
492 | 16 | { |
493 | 16 | bool ret = false; |
494 | 16 | struct stat sb; |
495 | 16 | debug_decl(sudo_isatty, SUDO_DEBUG_EXEC); |
496 | | |
497 | 16 | if (sbp == NULL) |
498 | 0 | sbp = &sb; |
499 | | |
500 | 16 | if (fstat(fd, sbp) == 0) { |
501 | 16 | if (!S_ISCHR(sbp->st_mode)) { |
502 | 16 | errno = ENOTTY; |
503 | 16 | } else { |
504 | 0 | ret = isatty(fd) == 1; |
505 | 0 | } |
506 | 16 | } else if (sbp != &sb) { |
507 | | /* Always initialize sbp. */ |
508 | 0 | memset(sbp, 0, sizeof(*sbp)); |
509 | 0 | } |
510 | | debug_return_bool(ret); |
511 | 16 | } |