From d628b9c96acfcfddf89abe091c40cc18785d8b63 Mon Sep 17 00:00:00 2001
From: Matthias Andree <matthias.andree@gmx.de>
Date: Fri, 26 Feb 2010 03:44:21 +0100
Subject: Check seteuid() return value.

---
 NEWS   |  1 +
 sink.c | 10 ++++++++--
 2 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/NEWS b/NEWS
index 32807eef..4bff3c52 100644
--- a/NEWS
+++ b/NEWS
@@ -63,6 +63,7 @@ fetchmail 6.3.15 (not yet released):
 * Log operating system errors when BSMTP writes fail.
 * Fix verbose mode progress formatting regression from 6.3.10; SMTP trace lines
   were no longer on a line of their own. Reported by Melchior Franz.
+* Check seteuid() return value and abort running MDA if switch fails.
 
 # CHANGES
 * The repository has been converted and moved from the Subversion (SVN) format
diff --git a/sink.c b/sink.c
index e1f008c9..675c2b95 100644
--- a/sink.c
+++ b/sink.c
@@ -1235,7 +1235,10 @@ static int open_mda_sink(struct query *ctl, struct msgblk *msg,
      * under all BSDs and Linux)
      */
     orig_uid = getuid();
-    seteuid(ctl->uid);
+    if (seteuid(ctl->uid)) {
+	report(stderr, GT_("Cannot switch effective user id to %ld: %s\n"), (long)ctl->uid, strerror(errno));
+	return PS_IOERR;
+    }
 #endif /* HAVE_SETEUID */
 
     sinkfp = popen(before, "w");
@@ -1244,7 +1247,10 @@ static int open_mda_sink(struct query *ctl, struct msgblk *msg,
 
 #ifdef HAVE_SETEUID
     /* this will fail quietly if we didn't start as root */
-    seteuid(orig_uid);
+    if (seteuid(orig_uid)) {
+	report(stderr, GT_("Cannot switch effective user id back to original %ld: %s\n"), (long)orig_uid, strerror(errno));
+	return PS_IOERR;
+    }
 #endif /* HAVE_SETEUID */
 
     if (!sinkfp)
-- 
cgit v1.2.3