fedora 25
misc weakness #467

4

Weakness Breakdown


Definition:

The software specifies permissions for a security-critical resource in a way that allows the resource to be read or modified by unintended actors.

Warning code(s):

This function is obsolete and not portable. It was in SUSv2 but removed by POSIX.2. What it does exactly varies considerably between systems, particularly in where its prompt is displayed and where it gets its data.

File Name:

fsarchiver-0.6.22/src/fsarchiver.c

Context:

The highlighted line of code below is the trigger point of this particular Fedora 25 misc weakness.

     if (runasroot==true && geteuid()!=0)
    {   errprintf("\"fsarchiver %s\" must be run as root. cannot continue.\n", command);
        return -1;
    }
    
    // interactive password
    if (strcmp((char*)g_options.encryptpass, "-")==0)
    {
        int passconfirm;
        char *passtmp=NULL;
         
        passconfirm = (cmd==OPER_SAVEFS || cmd==OPER_SAVEDIR);
        if ((passtmp=getpass("Enter password: "))==NULL)
        {   errprintf("failed to get interactive password from the console\n");
            return -1;
        }
        if (strlen(passtmp)<FSA_MIN_PASSLEN || strlen(passtmp)>FSA_MAX_PASSLEN)
        {   errprintf("the password lenght is incorrect, it must between %d and %d chars\n", FSA_MIN_PASSLEN, FSA_MAX_PASSLEN);
            return -1;
        }
        snprintf((char*)g_options.encryptpass, FSA_MAX_PASSLEN, "%s", passtmp);
        
        if (passconfirm==true)
        {
            if ((passtmp=getpass("Confirm password: "))==NULL)
            {   errprintf("failed to get interactive password from the console\n");
                return -1;
            }
            if (strcmp((char*)g_options.encryptpass, passtmp)!=0)
            {   errprintf("the passwords do not match\n");
                return -1;
            }
        }
    }
    
    // commands that require an archive as the first argument
    switch (cmd)
    {
        case OPER_SAVEFS:
        case OPER_RESTFS:
        case OPER_SAVEDIR:
        case OPER_RESTDIR:
        case OPER_ARCHINFO:
            archive=*argv++, argc--;
            break;
        case OPER_PROBE:
            probedetailed=false; // do "simple" by default
            if (g_options.verboselevel>0)
                probedetailed=true;
            if (argc>0) 

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.