strcpy() can be changed on strscpy() with obvious borders check. That should be more safe than the current function.
|
strcpy(uwsgi.orig_argv[i], uwsgi.argv[i]); |
To avoid misunderstandings, I would like to clarify whether isolation is being performed correctly and whether it is necessary to add chdir() after calling chroot() here, since I am not sure that calling one function separately from another, which in the future may lead to work in a different directory from the isolated one.
|
if (chroot(uwsgi.chroot)) { |
|
uwsgi_error("chroot()"); |
|
exit(1); |
Thank you for your attention.
Found by Linux Verification Center with SVACE
strcpy()can be changed onstrscpy()with obvious borders check. That should be more safe than the current function.uwsgi/core/utils.c
Line 3193 in 8d116f7
To avoid misunderstandings, I would like to clarify whether isolation is being performed correctly and whether it is necessary to add chdir() after calling chroot() here, since I am not sure that calling one function separately from another, which in the future may lead to work in a different directory from the isolated one.
uwsgi/core/utils.c
Lines 587 to 589 in 8d116f7
Thank you for your attention.
Found by Linux Verification Center with SVACE