From: Deanna Phillips (deannasdf.lonestar.org)
Date: Wed Aug 02 2006 - 01:47:03 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

Seems any user can run hotplugd -d <anything>, which causes it
to loop forever trying to write an an unknown event to syslog.

Like..

$ /usr/sbin/hotplugd -d ~/kitten.avi

$ tail /var/log/daemon
Aug 2 02:27:03 poa-alpina hotplugd[32175]: unknown event (0xb77)
Aug 2 02:27:03 poa-alpina hotplugd[32175]: unknown event (0x0)
Aug 2 02:27:03 poa-alpina hotplugd[32175]: unknown event (0x27c)
Aug 2 02:27:03 poa-alpina hotplugd[32175]: unknown event (0x0)
Aug 2 02:27:03 poa-alpina hotplugd[32175]: unknown event (0xf8c)
Aug 2 02:27:03 poa-alpina hotplugd[32175]: unknown event (0x0)

[...]

Aug 2 02:27:33 poa-alpina last message repeated 464559 times
Aug 2 02:29:34 poa-alpina last message repeated 1767570 times
Aug 2 02:39:35 poa-alpina last message repeated 8555548 times

How's this?

Index: hotplugd.8
===================================================================
RCS file: /cvs/src/usr.sbin/hotplugd/hotplugd.8,v
retrieving revision 1.5
diff -u -p -r1.5 hotplugd.8
--- hotplugd.8 2006/06/01 09:22:41 1.5
+++ hotplugd.8 2006/08/02 06:04:16
-22,7 +22,6
 .Nd devices hot plugging monitor daemon
 .Sh SYNOPSIS
 .Nm hotplugd
-.Op Fl d Ar device
 .Sh DESCRIPTION
 The
 .Nm
-31,12 +30,9 daemon monitors the
 pseudo-device, acting on signaled events by executing the scripts in the
 .Pa /etc/hotplug
 directory.
-By default it uses the
+It reads events from the
 .Pa /dev/hotplug
-device for reading events from, but an alternative device can be
-specified with the
-.Fl d
-option.
+device.
 .Pp
 Actions can be configured either for device attachment or detachment.
 On device attachment the
Index: hotplugd.c
===================================================================
RCS file: /cvs/src/usr.sbin/hotplugd/hotplugd.c,v
retrieving revision 1.7
diff -u -p -r1.7 hotplugd.c
--- hotplugd.c 2006/05/28 16:44:52 1.7
+++ hotplugd.c 2006/08/02 06:04:16
-20,6 +20,7
  */
 
 #include <sys/types.h>
+#include <sys/stat.h>
 #include <sys/device.h>
 #include <sys/hotplug.h>
 #include <sys/wait.h>
-45,8 +46,6
 #define _LOG_OPT (LOG_NDELAY | LOG_PID)
 
 volatile sig_atomic_t quit = 0;
-char *device = _PATH_DEV_HOTPLUG;
-int devfd = -1;
 
 void exec_script(const char *, int, char *);
 
-57,24 +56,23 __dead void usage(void);
 int
 main(int argc, char *argv[])
 {
- int ch;
+ int devfd;
         struct sigaction sact;
         struct hotplug_event he;
+ struct stat devst;
 
- while ((ch = getopt(argc, argv, "d:")) != -1)
- switch (ch) {
- case 'd':
- device = optarg;
- break;
- case '?':
- default:
- usage();
- /* NOTREACHED */
- }
+ if (argc > 1)
+ usage();
 
- if ((devfd = open(device, O_RDONLY)) == -1)
- err(1, "%s", device);
+ if ((devfd = open(_PATH_DEV_HOTPLUG, O_RDONLY)) == -1)
+ err(1, "%s", _PATH_DEV_HOTPLUG);
 
+ if (fstat(devfd, &devst) == -1)
+ err(1, "%s stat", _PATH_DEV_HOTPLUG);
+
+ if ((devst.st_mode & S_IFCHR) == 0)
+ errx(1, "%s is not a character device", _PATH_DEV_HOTPLUG);
+
         bzero(&sact, sizeof(sact));
         sigemptyset(&sact.sa_mask);
         sact.sa_flags = 0;
-117,6 +115,8 main(int argc, char *argv[])
                         break;
                 default:
                         syslog(LOG_NOTICE, "unknown event (0x%x)", he.he_type);
+ quit = 1;
+ break;
                 }
         }
 
-198,6 +198,6 usage(void)
 {
         extern char *__progname;
 
- fprintf(stderr, "usage: %s [-d device]\n", __progname);
+ fprintf(stderr, "usage: %s\n", __progname);
         exit(1);
 }

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]