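--- a/[PATH-NOT-SHOWN-ON-PAGE]
+++ b/[PATH-NOT-SHOWN-ON-PAGE]
@@ -50,6 +50,10 @@ pair() {
 # (which causes a SIGPIPE to get sent). So the `kill` ensures the
 # subshell is killed without the user having to type something
 # additional that would cause the command to exit.
+#
+# FIXME: Technically, `echo` puts a secret value into an process
+# argument list, which isn't great. However, the window for
+# exploitation here is microscopic.
 { socat STDIO unix-connect:" ${socket} " ; kill $! ; } < <(
 echo -n " ${token} " ; cat -
 )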
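Review bot: The premise of the new FIXME should be checked before it is left in the file: in bash (which the `<(` process substitution implies) `echo` is a builtin, so the token is never placed in a separate process's argument list and the argv exposure the comment describes only arises if an external `echo` were run instead. What `echo -n` does risk is mangling the token itself, since some shells treat backslash sequences specially or misread a value starting with `-` as an option; `printf '%s' "${token}"` writes the bytes verbatim and avoids both. I would reword the comment to `# NOTE: echo is a shell builtin here, so the token does not appear in any process argument list` and switch the write to `printf '%s' "${token}" ; cat -`. The enclosing `pair()` function begins outside this hunk, so I cannot see how `token` is obtained or whether it is ever unset.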
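--- a/[PATH-NOT-SHOWN-ON-PAGE]
+++ b/[PATH-NOT-SHOWN-ON-PAGE]
@@ -282,7 +282,13 @@ impl SudoPair {
 ) . context ( ErrorKind :: CommunicationError ) ?;
 
 let mut response : [ u8 ; 16 ] = [ 0 ; 16 ] ;
-let _ = socket. read_exact ( & mut response)
+
+// TODO: read_exact will cause this process to block
+// indefinitely (even on Ctrl-C) until the correct number of
+// bytes are read; this won't happen in normal circumstances,
+// but a bug in (or untimely exit of) the approval script can
+// cause this process to hang and require being killed
+socket. read_exact ( & mut response)
 . context ( ErrorKind :: CommunicationError ) ?;
 
 // non-constant comparison is fine here since a comparison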
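Review bot: The new TODO names the indefinite-block hazard on `read_exact` but the commit leaves it unmitigated, and a bounded wait is a small change rather than an open question. If `socket` is a `std::os::unix::net::UnixStream` (its type is declared outside this hunk, so I am inferring), calling `socket.set_read_timeout(Some(Duration::from_secs(TIMEOUT_SECS)))` before the read converts a stalled or exited approval script into the `ErrorKind::CommunicationError` this code already propagates, instead of a process that must be killed by hand. The timeout should be chosen to comfortably exceed a human approver's response time, and the TODO can then be replaced by a one-line comment stating that the read is bounded and why. Dropping the `let _ =` is correct since `read_exact` yields `()` on success and the `?` already handles the error.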