diff options
author | Nick Kralevich <nnk@google.com> | 2013-03-29 18:02:41 +0000 |
---|---|---|
committer | Gerrit Code Review <noreply-gerritcodereview@google.com> | 2013-03-29 18:02:41 +0000 |
commit | 84b590fe10fda51eca755bc65a8eb00bd29ce702 (patch) | |
tree | a6f02e737acc9ef318ac1d5a68ca4f2470d9011b | |
parent | 27ca8cd5cb0891c8a15175b52c5c24253dea5b17 (diff) | |
parent | 5dacba1793b581e6b92f713aa3e51de75ff70e50 (diff) | |
download | ping-84b590fe10fda51eca755bc65a8eb00bd29ce702.tar.gz |
Merge "Make sure ping doesn't ever run with privileges."android-4.3_r3.1android-4.3_r3android-4.3_r2.3android-4.3_r2.2android-4.3_r2.1android-4.3_r2android-4.3_r1.1android-4.3_r1android-4.3_r0.9.1android-4.3_r0.9android-4.3.1_r1tools_r22.2tools_r22jb-mr2.0.0-releasejb-mr2.0-releasejb-mr2-releasejb-mr2-dev
-rw-r--r-- | ping.c | 10 |
1 files changed, 10 insertions, 0 deletions
@@ -64,6 +64,7 @@ char copyright[] = #include <netinet/ip_icmp.h> #ifdef ANDROID +#include <sys/auxv.h> #define bcmp(a, b, c) memcmp(a, b, c) #endif @@ -118,6 +119,13 @@ main(int argc, char **argv) char *target, hnamebuf[MAXHOSTNAMELEN]; char rspace[3 + 4 * NROUTES + 1]; /* record route space */ +#ifdef ANDROID + if (getauxval(AT_SECURE) != 0) { + fprintf(stderr, "This version of ping should NOT run with privileges. Aborting\n"); + exit(1); + } +#endif + icmp_sock = socket(AF_INET, SOCK_DGRAM, IPPROTO_ICMP); if (icmp_sock != -1) using_ping_socket = 1; @@ -126,7 +134,9 @@ main(int argc, char **argv) socket_errno = errno; uid = getuid(); +#ifndef ANDROID setuid(uid); +#endif source.sin_family = AF_INET; |