diff options
author | salo <salo> | 2005-04-11 18:44:54 +0000 |
---|---|---|
committer | salo <salo> | 2005-04-11 18:44:54 +0000 |
commit | 46ab41257ae465b8e54008b4990086ffe89f8e61 (patch) | |
tree | 2ed3c73cdca7ec0bf5e6514a82eaff4065f726a4 /archivers/gsharutils/patches | |
parent | d129ac5d72e1e31d1710b8d0ef67ca6635716f24 (diff) | |
download | pkgsrc-46ab41257ae465b8e54008b4990086ffe89f8e61.tar.gz |
Security fix for SA14551:
"A vulnerability in GNU Sharutils was reported, which can be potentially
exploited by malicious, local users to conduct certain actions on
a vulnerable system with escalated privileges."
Patch from Debian. Bump PKGREVISION.
Diffstat (limited to 'archivers/gsharutils/patches')
-rw-r--r-- | archivers/gsharutils/patches/patch-ah | 22 |
1 files changed, 20 insertions, 2 deletions
diff --git a/archivers/gsharutils/patches/patch-ah b/archivers/gsharutils/patches/patch-ah index 088399f8c18..8d693bcf6c0 100644 --- a/archivers/gsharutils/patches/patch-ah +++ b/archivers/gsharutils/patches/patch-ah @@ -1,7 +1,7 @@ -$NetBSD: patch-ah,v 1.5 2005/03/31 14:17:05 salo Exp $ +$NetBSD: patch-ah,v 1.6 2005/04/11 18:44:54 salo Exp $ --- src/unshar.c.orig 1995-11-21 17:22:14.000000000 +0100 -+++ src/unshar.c 2005-03-31 15:33:03.000000000 +0200 ++++ src/unshar.c 2005-04-11 20:37:40.000000000 +0200 @@ -346,8 +346,8 @@ { size_t size_read; @@ -34,3 +34,21 @@ $NetBSD: patch-ah,v 1.5 2005/03/31 14:17:05 salo Exp $ } if (file = fopen (name_buffer, "r"), !file) error (EXIT_FAILURE, errno, name_buffer); +@@ -424,13 +424,15 @@ + } + else + { ++#ifdef __MSDOS__ + sprintf (name_buffer, "/tmp/unsh.%05d", (int) getpid ()); + unlink (name_buffer); + + if (file = fopen (name_buffer, "w+"), !file) + error (EXIT_FAILURE, errno, name_buffer); +-#ifndef __MSDOS__ +- unlink (name_buffer); /* will be deleted on fclose */ ++#else ++ if (file = tmpfile(), !file) ++ error (EXIT_FAILURE, errno, "tmpfile"); + #endif + + while (size_read = fread (copy_buffer, 1, sizeof (copy_buffer), stdin), |