From 106ff1171d978a2dcb2fc2e55539d3a52f25d9d9 Mon Sep 17 00:00:00 2001
From: maya <maya@pkgsrc.org>
Date: Wed, 25 Jan 2017 00:18:02 +0000
Subject: Add patch fixing root exploit. Reported here:
 https://lists.gnu.org/archive/html/screen-devel/2017-01/msg00025.html

from dholland
---
 misc/screen/Makefile               |  3 ++-
 misc/screen/distinfo               |  4 ++--
 misc/screen/patches/patch-screen.c | 21 +++++++++++++++++++--
 3 files changed, 23 insertions(+), 5 deletions(-)

(limited to 'misc')

diff --git a/misc/screen/Makefile b/misc/screen/Makefile
index 0bfc905dec9..80ebde43ede 100644
--- a/misc/screen/Makefile
+++ b/misc/screen/Makefile
@@ -1,6 +1,7 @@
-# $NetBSD: Makefile,v 1.98 2017/01/22 01:43:24 ryoon Exp $
+# $NetBSD: Makefile,v 1.99 2017/01/25 00:18:02 maya Exp $
 
 DISTNAME=	screen-4.5.0
+PKGREVISION=	1
 CATEGORIES=	misc shells
 MASTER_SITES=	${MASTER_SITE_GNU:=screen/}
 
diff --git a/misc/screen/distinfo b/misc/screen/distinfo
index 9701057b668..426131d9796 100644
--- a/misc/screen/distinfo
+++ b/misc/screen/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.43 2017/01/23 17:58:06 dholland Exp $
+$NetBSD: distinfo,v 1.44 2017/01/25 00:18:02 maya Exp $
 
 SHA1 (screen-4.5.0.tar.gz) = b329f538e7265405a5c14e13520e95ced9d2cb17
 RMD160 (screen-4.5.0.tar.gz) = cb412991fa2e3ffb6e4ec34449176eccb39a24a9
@@ -15,6 +15,6 @@ SHA1 (patch-am) = a721e311e7dde7938de0e9546a7892bfd104ebd1
 SHA1 (patch-an) = bda6c65148410a6c9a13afd8ad34f93e33731552
 SHA1 (patch-ao) = 91eecb62351aff720447eb48ea85aae70b62f9b6
 SHA1 (patch-ap) = 4176e95502754206d6840ce228c61371df947650
-SHA1 (patch-screen.c) = cb4a683f5c5238b176a892086d9295340bddf75b
+SHA1 (patch-screen.c) = 1c6a8af8cbdc66723649a9f6659e963150805b32
 SHA1 (patch-socket.c) = 09683cee3685a5c6d625e86aa97f6a09f4280b56
 SHA1 (patch-tty.sh) = 93b1fe856cf16640295cb822d60118dbd3734602
diff --git a/misc/screen/patches/patch-screen.c b/misc/screen/patches/patch-screen.c
index e6e170de6b6..7287cef80b3 100644
--- a/misc/screen/patches/patch-screen.c
+++ b/misc/screen/patches/patch-screen.c
@@ -1,8 +1,9 @@
-$NetBSD: patch-screen.c,v 1.1 2017/01/23 17:58:34 dholland Exp $
+$NetBSD: patch-screen.c,v 1.2 2017/01/25 00:18:02 maya Exp $
 
 Use standard headers.
+Don't open user-supplied paths as root.
 
---- screen.c~	2017-01-17 19:28:29.000000000 +0000
+--- screen.c.orig	2017-01-17 19:28:29.000000000 +0000
 +++ screen.c
 @@ -88,6 +88,8 @@
  # include <langinfo.h>
@@ -13,3 +14,19 @@ Use standard headers.
  #include "screen.h"
  #ifdef HAVE_BRAILLE
  # include "braille.h"
+@@ -674,11 +676,15 @@ int main(int ac, char** av)
+               if (strlen(screenlogfile) > PATH_MAX)
+                 Panic(0, "-L: logfile name too long. (max. %d char)", PATH_MAX);
+ 
++	      if (seteuid(getuid()) < 0)
++		Panic(0, "setuid 1");
+               FILE *w_check;
+               if ((w_check = fopen(screenlogfile, "w")) == NULL)
+                 Panic(0, "-L: logfile name access problem");
+               else
+                 fclose(w_check);
++	      if (seteuid(0) < 0)
++		Panic(0, "setuid 2");
+             }
+             nwin_options.Lflag = 1;
+             break;
-- 
cgit v1.2.3