Description: CVE-2017-6964: Check the return values when dropping privileges
Author: Tyler Hicks <tyhicks@canonical.com>
Bug-Ubuntu: https://launchpad.net/bugs/1673627

diff -Nurp eject-2.1.5+deb1+cvs20081104.old/dmcrypt-get-device.c eject-2.1.5+deb1+cvs20081104/dmcrypt-get-device.c
--- eject-2.1.5+deb1+cvs20081104.old/dmcrypt-get-device.c	2017-03-17 14:50:27.000000000 +0000
+++ eject-2.1.5+deb1+cvs20081104/dmcrypt-get-device.c	2017-03-17 14:27:46.491101435 +0000
@@ -58,8 +58,10 @@ main (int argc, char** argv)
         return 1;
 
     /* Drop all privileges */
-    setgid(getgid());
-    setuid(getuid());
+    if (setgid(getgid()))
+        return 1;
+    if (setuid(getuid()))
+        return 1;
 
     if (!dm_task_get_info(dmt, &dmi))
         return 1;