1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
|
$NetBSD: patch-ad,v 1.1 2000/06/30 17:07:36 danw Exp $
Fixes from glibc
--- intl/dcgettext.c.orig Fri Jun 23 03:13:56 2000
+++ intl/dcgettext.c Fri Jun 23 03:42:33 2000
@@ -217,6 +217,17 @@
# define DCGETTEXT dcgettext__
#endif
+static int enable_secure;
+# define ENABLE_SECURE (enable_secure == 1)
+# define DETERMINE_SECURE \
+ if (enable_secure == 0) \
+ { \
+ if (getuid () != geteuid () || getgid () != getegid ()) \
+ enable_secure = 1; \
+ else \
+ enable_secure = -1; \
+ }
+
/* Look up MSGID in the DOMAINNAME message catalog for the current CATEGORY
locale. */
char *
@@ -241,6 +252,9 @@
if (msgid == NULL)
return NULL;
+ /* See whether this is a SUID binary or not. */
+ DETERMINE_SECURE;
+
/* If DOMAINNAME is NULL, we are interested in the default domain. If
CATEGORY is not LC_MESSAGES this might not make much sense but the
defintion left this undefined. */
@@ -339,6 +353,15 @@
while (categoryvalue[0] != '\0' && categoryvalue[0] != ':')
*cp++ = *categoryvalue++;
*cp = '\0';
+
+ /* When this is a SUID binary we must not allow accessing files
+ outside the dedicated directories. */
+ if (ENABLE_SECURE
+ && (memchr (single_locale, '/',
+ _nl_find_language (single_locale) - single_locale)
+ != NULL))
+ /* Ignore this entry. */
+ continue;
}
/* If the current locale value is C (or POSIX) we don't load a
@@ -396,7 +419,8 @@
struct loaded_l10nfile *domain_file;
const char *msgid;
{
- size_t top, act, bottom;
+ size_t act = 0;
+ size_t top, bottom;
struct loaded_domain *domain;
if (domain_file->decided == 0)
|
