diff options
| author | is <is> | 2012-12-15 09:26:07 +0000 |
|---|---|---|
| committer | is <is> | 2012-12-15 09:26:07 +0000 |
| commit | b9450647cbf758f44f7eedd6a4d90f58e1d1d7d9 (patch) | |
| tree | 64f175513f0cf64f73c384e769297903f8f1dc06 | |
| parent | 0d8304fef799fdb0df7f173b67807ecabad2feab (diff) | |
| download | pkgsrc-b9450647cbf758f44f7eedd6a4d90f58e1d1d7d9.tar.gz | |
Fix CVE-2011-4028: File disclosure vulnerability.
use O_NOFOLLOW to open the existing lock file, so symbolic links
aren't followed, thus avoid revealing if it point to an existing
file. Signed-off-by: Matthieu Herrb <matthieu.herrb@laas.fr>
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Fix CVE-2011-4029: File permission change vulnerability.
Use fchmod() to change permissions of the lock file instead of
chmod(), thus avoid the race that can be exploited to set a symbolic
link to any file or directory in the system. Signed-off-by: Matthieu
Herrb <matthieu.herrb@laas.fr> Reviewed-by: Alan Coopersmith
<alan.coopersmith@oracle.com>
| -rw-r--r-- | x11/modular-xorg-server/Makefile | 4 | ||||
| -rw-r--r-- | x11/modular-xorg-server/distinfo | 3 | ||||
| -rw-r--r-- | x11/modular-xorg-server/patches/patch-os_utils.c | 22 |
3 files changed, 26 insertions, 3 deletions
diff --git a/x11/modular-xorg-server/Makefile b/x11/modular-xorg-server/Makefile index 83b3bde57de..03c60f3eb9f 100644 --- a/x11/modular-xorg-server/Makefile +++ b/x11/modular-xorg-server/Makefile @@ -1,9 +1,9 @@ -# $NetBSD: Makefile,v 1.72 2012/10/29 05:06:40 asau Exp $ +# $NetBSD: Makefile,v 1.73 2012/12/15 09:26:07 is Exp $ # DISTNAME= xorg-server-1.6.5 PKGNAME= modular-${DISTNAME} -PKGREVISION= 13 +PKGREVISION= 14 CATEGORIES= x11 MASTER_SITES= ${MASTER_SITE_XORG:=xserver/} EXTRACT_SUFX= .tar.bz2 diff --git a/x11/modular-xorg-server/distinfo b/x11/modular-xorg-server/distinfo index b76cea0b58f..7bef0a7cc48 100644 --- a/x11/modular-xorg-server/distinfo +++ b/x11/modular-xorg-server/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.46 2012/05/04 16:40:01 joerg Exp $ +$NetBSD: distinfo,v 1.47 2012/12/15 09:26:07 is Exp $ SHA1 (xorg-server-1.6.5.tar.bz2) = c57c80dd15d3ca492e58ae993b9015d085ec6ea6 RMD160 (xorg-server-1.6.5.tar.bz2) = 702970358a5643dbc9205f42e39c5b8ed2ff845a @@ -26,6 +26,7 @@ SHA1 (patch-bm) = 9c7192eb98816165d8fb16af465e0056045280b2 SHA1 (patch-bn) = 27dffea8ce05ac79fd438818fba463f57776f2af SHA1 (patch-bo) = ee05a01c6b1d4d0b759d8372f16c5f752273f73e SHA1 (patch-configure) = 031bc0accf1dd71ed687e7aac3fcc9498cb06784 +SHA1 (patch-os_utils.c) = 949384a74c5702c863dea7387bfe18952c92b239 SHA1 (patch-sa) = 349bad3f5f7e6bc3b7d37ab37fb6d2a0e6f4d7f0 SHA1 (patch-sb) = 48c22a62b30c6bc4d5786624bc264fee30a9bb81 SHA1 (patch-sc) = dd93e15253b78395050d65df0f972e57ccf546e0 diff --git a/x11/modular-xorg-server/patches/patch-os_utils.c b/x11/modular-xorg-server/patches/patch-os_utils.c new file mode 100644 index 00000000000..5763a102380 --- /dev/null +++ b/x11/modular-xorg-server/patches/patch-os_utils.c @@ -0,0 +1,22 @@ +$NetBSD: patch-os_utils.c,v 1.1 2012/12/15 09:26:07 is Exp $ + +--- os/utils.c.orig 2009-10-12 02:52:40.000000000 +0000 ++++ os/utils.c +@@ -315,7 +315,7 @@ LockServer(void) + FatalError("Could not create lock file in %s\n", tmp); + (void) sprintf(pid_str, "%10ld\n", (long)getpid()); + (void) write(lfd, pid_str, 11); +- (void) chmod(tmp, 0444); ++ (void) fchmod(lfd, 0444); + (void) close(lfd); + + /* +@@ -336,7 +336,7 @@ LockServer(void) + /* + * Read the pid from the existing file + */ +- lfd = open(LockFile, O_RDONLY); ++ lfd = open(LockFile, O_RDONLY|O_NOFOLLOW); + if (lfd < 0) { + unlink(tmp); + FatalError("Can't read lock file %s\n", LockFile); |