author | 2011-02-12 17:43:58 +0000 | |
---|---|---|
committer | 2011-02-12 17:43:58 +0000 | |
commit | 7d41f1e35f9c521924e83bdaac7783b884d98f4c (patch) | |
tree | 9e3a083057ed9da887f0184802eaef3a256a76ce /app-admin/conky/files | |
parent | alpha/ia64/s390/sh/sparc stable wrt #344827 (diff) | |
Updated patch for security bug #354061.
(Portage version: 2.1.9.35/cvs/Linux i686)
Diffstat (limited to 'app-admin/conky/files')
-rw-r--r-- | app-admin/conky/files/conky-1.8.1-secunia-SA43225.patch | 94 |
1 files changed, 70 insertions, 24 deletions
diff --git a/app-admin/conky/files/conky-1.8.1-secunia-SA43225.patch b/app-admin/conky/files/conky-1.8.1-secunia-SA43225.patch
index afa33211f872..81272bd3764a 100644
--- a/app-admin/conky/files/conky-1.8.1-secunia-SA43225.patch
+++ b/app-admin/conky/files/conky-1.8.1-secunia-SA43225.patch
@@ -1,26 +1,72 @@
-From ac4a3682aecb9d6466fea4aebb183b5f8f632905 Mon Sep 17 00:00:00 2001
-From: Nikolas Garofil <nikolas@garofil.be>
-Date: Thu, 10 Feb 2011 16:20:06 +0100
-Subject: [PATCH] Fix security bug in 's getSkillname
-
----
- src/eve.cc | 3 ++-
- 1 files changed, 2 insertions(+), 1 deletions(-)
-
-diff --git a/src/eve.cc b/src/eve.cc
-index 187a5f4..29b8c45 100644
---- a/src/eve.c
-+++ b/src/eve.c
-@@ -285,7 +285,8 @@ static char *getSkillname(const char *file, int skillid)
- 
- if (!file_exists(file)) {
- skilltree = getXmlFromAPI(NULL, NULL, NULL, EVEURL_SKILLTREE);
-- writeSkilltree(skilltree, file);
-+//2x file_exits() so that someone (malicious?) couldn't create it during during the previous call
-+ if (!file_exists(file)) writeSkilltree(skilltree, file);
- free(skilltree);
+--- src/eve.c 2011-02-12 13:26:34.636269667 +0100
++++ src/eve.c 2011-02-12 13:26:48.242936334 +0100
+@@ -254,19 +254,6 @@
 }
+ }
+ 
+-static int file_exists(const char *filename)
+-{
+- struct stat fi;
+-
+- if ((stat(filename, &fi)) == 0) {
+- if (fi.st_size > 0)
+- return 1;
+- else
+- return 0;
+- } else
+- return 0;
+-}
+-
+ static void writeSkilltree(char *content, const char *filename)
+ {
+ FILE *fp = fopen(filename, "w");
+@@ -283,13 +270,12 @@
+ xmlDocPtr doc = 0;
+ xmlNodePtr root = 0;
+ 
+- if (!file_exists(file)) {
+- skilltree = getXmlFromAPI(NULL, NULL, NULL, EVEURL_SKILLTREE);
+- writeSkilltree(skilltree, file);
+- free(skilltree);
+- }
++ skilltree = getXmlFromAPI(NULL, NULL, NULL, EVEURL_SKILLTREE);
++ writeSkilltree(skilltree, file);
++ free(skilltree);
+ 
+ doc = xmlReadFile(file, NULL, 0);
++ unlink(file);
+ if (!doc)
+ return NULL;
+ 
+@@ -340,7 +326,7 @@
+ static char *eve(char *userid, char *apikey, char *charid)
+ {
+ Character *chr = NULL;
+- const char *skillfile = "/tmp/.cesf";
++ char skillfile[] = "/tmp/.cesfXXXXXX";
+ int i = 0;
+ char *output = 0;
+ char *timel = 0;
+@@ -348,6 +334,7 @@
+ char *content = 0;
+ time_t now = 0;
+ char *error = 0;
++ int tmp_fd, old_umask;
+ 
+ 
+ for (i = 0; i < MAXCHARS; i++) {
+@@ -400,6 +387,14 @@
+ 
+ output = (char *)malloc(200 * sizeof(char));
+ timel = formatTime(&chr->ends);
++ old_umask = umask(0066);
++ tmp_fd = mkstemp(skillfile);
++ umask(old_umask);
++ if (tmp_fd == -1) {
++ error = strdup("Cannot create temporary file");
++ return error;
++ }
++ close(tmp_fd);
+ skill = getSkillname(skillfile, chr->skill);
  
---
-1.7.0.4
-
+ chr->skillname = strdup(skill);
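Review bot: In the new eve() code the descriptor returned by `mkstemp(skillfile)` is discarded with `close(tmp_fd)`, and getSkillname() then reopens the file by path twice (`fopen(filename, "w")` in writeSkilltree() and `xmlReadFile(file, NULL, 0)`), so the exclusive-create guarantee from mkstemp covers only the creation, not the later opens by name. Keeping the descriptor open and working through it would close that gap, for example `FILE *fp = fdopen(tmp_fd, "w");` for the write and libxml2's `xmlReadFd()` for the parse, with `unlink(file)` moved to right after creation. Separately, the failure branch `return error;` runs after `output = (char *)malloc(200 * sizeof(char));` and `timel = formatTime(&chr->ends);`, so `output` (and presumably `timel`) leak on that path; either add `free(output);` before the return or move the mkstemp block above the allocation. Both eve() and getSkillname() continue outside the inner hunks shown, so the cleanup that exists on their other return paths could not be checked from here.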