upstream: Check return values of dup2. Spotted by Coverity, ok djm@

OpenBSD-Commit-ID: 19fb1b53072826d00c67df677731d2f6c1dd602b

diff --git a/scp.c b/scp.c
index 1adff5cec2220d66d06638b1e8507c3c66f3206f..a893d4a285e95024dcd41c70bc09c6ce625cd3ba 100644 (file)
--- a/scp.c
+++ b/scp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: scp.c,v 1.252 2023/01/10 23:22:15 millert Exp $ */
+/* $OpenBSD: scp.c,v 1.253 2023/03/03 03:12:24 dtucker Exp $ */
 /*
  * scp - secure remote copy.  This is basically patched BSD rcp which
  * uses ssh to do the data transfer (instead of using rcmd).
@@ -394,8 +394,10 @@ do_cmd2(char *host, char *remuser, int port, char *cmd,
        /* Fork a child to execute the command on the remote host using ssh. */
        pid = fork();
        if (pid == 0) {
-               dup2(fdin, 0);
-               dup2(fdout, 1);
+               if (dup2(fdin, 0) == -1)
+                       perror("dup2");
+               if (dup2(fdout, 1) == -1)
+                       perror("dup2");
 
                replacearg(&args, 0, "%s", ssh_program);
                if (port != -1) {

diff --git a/sshd.c b/sshd.c
index ce48602d7be2b93a029c326a3d32a06cb7a578d3..748c15ee2712a6e6b4323969f464cfb7fabb7ee1 100644 (file)
--- a/sshd.c
+++ b/sshd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshd.c,v 1.597 2023/02/10 04:47:19 djm Exp $ */
+/* $OpenBSD: sshd.c,v 1.598 2023/03/03 03:12:24 dtucker Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -2117,17 +2117,21 @@ main(int ac, char **av)
        if (rexec_flag) {
                debug("rexec start in %d out %d newsock %d pipe %d sock %d",
                    sock_in, sock_out, newsock, startup_pipe, config_s[0]);
-               dup2(newsock, STDIN_FILENO);
-               dup2(STDIN_FILENO, STDOUT_FILENO);
+               if (dup2(newsock, STDIN_FILENO) == -1)
+                       debug3_f("dup2 stdin: %s", strerror(errno));
+               if (dup2(STDIN_FILENO, STDOUT_FILENO) == -1)
+                       debug3_f("dup2 stdout: %s", strerror(errno));
                if (startup_pipe == -1)
                        close(REEXEC_STARTUP_PIPE_FD);
                else if (startup_pipe != REEXEC_STARTUP_PIPE_FD) {
-                       dup2(startup_pipe, REEXEC_STARTUP_PIPE_FD);
+                       if (dup2(startup_pipe, REEXEC_STARTUP_PIPE_FD) == -1)
+                               debug3_f("dup2 startup_p: %s", strerror(errno));
                        close(startup_pipe);
                        startup_pipe = REEXEC_STARTUP_PIPE_FD;
                }
 
-               dup2(config_s[1], REEXEC_CONFIG_PASS_FD);
+               if (dup2(config_s[1], REEXEC_CONFIG_PASS_FD) == -1)
+                       debug3_f("dup2 config_s: %s", strerror(errno));
                close(config_s[1]);
 
                ssh_signal(SIGHUP, SIG_IGN); /* avoid reset to SIG_DFL */