Check setuid() return value. Bugzilla #7116.

3 files changed, 19 insertions, 4 deletions

diff --git a/ChangeLog b/ChangeLog
index b26eed8..979334c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+2006-06-20  Matthieu Herrb <matthieu.herrb@laas.fr>
+	* session.c:
+	* xdmshell.c:
+	Check setuid() return value. Bugzilla #7116.
+
 2006-04-27  Alan Coopersmith  <alan.coopersmith@sun.com>
 
 	* configure.ac: 
diff --git a/session.c b/session.c
index a6e2605..3c3303c 100644
--- a/session.c
+++ b/session.c
@@ -1,4 +1,4 @@
-/* $XdotOrg: app/xdm/session.c,v 1.5 2006/03/16 21:46:55 alanc Exp $ */
+/* $XdotOrg: app/xdm/session.c,v 1.6 2006/04/08 00:22:23 alanc Exp $ */
 /* $Xorg: session.c,v 1.8 2001/02/09 02:05:40 xorgcvs Exp $ */
 /*
 
@@ -490,8 +490,14 @@ SessionExit (struct display *d, int status, int removeAuth)
     else
 	ResetServer (d);
     if (removeAuth) {
-	setgid (verify.gid);
-	setuid (verify.uid);
+	if (setgid (verify.gid) == -1) {
+	    LogError( "SessionExit: setgid: %s\n", strerror(errno));
+	    exit(status);
+	}
+	if (setuid (verify.uid) == -1) {
+	    LogError( "SessionExit: setuid: %s\n", strerror(errno));
+	    exit(status);
+	}
 	RemoveUserAuthorization (d, &verify);
 #ifdef K5AUTH
 	/* do like "kdestroy" program */
diff --git a/xdmshell.c b/xdmshell.c
index b8f8ddd..688ab4d 100644
--- a/xdmshell.c
+++ b/xdmshell.c
@@ -183,7 +183,11 @@ main (
 #endif
 
     /* make xdm run in a non-setuid environment */
-    setuid (geteuid());
+    if (setuid (geteuid()) == -1) {
+	fprintf(stderr, "%s: cannot setuid (error %d, %s)\r\n",
+		ProgramName, errno, strerror(errno));
+	exit(1);
+    }
 
     /*
      * exec /usr/bin/X11/xdm -nodaemon -udpPort 0