author | Misaki Miyashita <Misaki.Miyashita@Oracle.COM> |
Tue, 06 Aug 2013 08:08:18 -0700 | |
branch | s11-update |
changeset 2717 | da0ef75be98f |
parent 927 | 19eda0ce91e0 |
permissions | -rw-r--r-- |
927
19eda0ce91e0
7186425 potential stack corruption in bash <= 4.2-033
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
1 |
# |
19eda0ce91e0
7186425 potential stack corruption in bash <= 4.2-033
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
2 |
# Backported to bash 4.1 from: |
19eda0ce91e0
7186425 potential stack corruption in bash <= 4.2-033
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
3 |
# http://lists.gnu.org/archive/html/bug-bash/2012-07/msg00027.html |
19eda0ce91e0
7186425 potential stack corruption in bash <= 4.2-033
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
4 |
# Also see: |
19eda0ce91e0
7186425 potential stack corruption in bash <= 4.2-033
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
5 |
# https://bugzilla.redhat.com/show_bug.cgi?id=840091 |
19eda0ce91e0
7186425 potential stack corruption in bash <= 4.2-033
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
6 |
# http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3410 |
19eda0ce91e0
7186425 potential stack corruption in bash <= 4.2-033
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
7 |
# |
19eda0ce91e0
7186425 potential stack corruption in bash <= 4.2-033
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
8 |
--- lib/sh/eaccess.c 2008-08-12 08:50:01.000000000 -0700 |
19eda0ce91e0
7186425 potential stack corruption in bash <= 4.2-033
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
9 |
+++ lib/sh/eaccess.c 2012-07-24 09:39:37.970186946 -0700 |
19eda0ce91e0
7186425 potential stack corruption in bash <= 4.2-033
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
10 |
@@ -40,6 +40,10 @@ |
19eda0ce91e0
7186425 potential stack corruption in bash <= 4.2-033
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
11 |
#if !defined (_POSIX_VERSION) && defined (HAVE_SYS_FILE_H) |
19eda0ce91e0
7186425 potential stack corruption in bash <= 4.2-033
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
12 |
# include <sys/file.h> |
19eda0ce91e0
7186425 potential stack corruption in bash <= 4.2-033
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
13 |
#endif /* !_POSIX_VERSION */ |
19eda0ce91e0
7186425 potential stack corruption in bash <= 4.2-033
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
14 |
+ |
19eda0ce91e0
7186425 potential stack corruption in bash <= 4.2-033
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
15 |
+#include <string.h> /* memset(3C) */ |
19eda0ce91e0
7186425 potential stack corruption in bash <= 4.2-033
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
16 |
+#include <limits.h> /* _XOPEN_PATH_MAX */ |
19eda0ce91e0
7186425 potential stack corruption in bash <= 4.2-033
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
17 |
+ |
19eda0ce91e0
7186425 potential stack corruption in bash <= 4.2-033
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
18 |
#include "posixstat.h" |
19eda0ce91e0
7186425 potential stack corruption in bash <= 4.2-033
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
19 |
#include "filecntl.h" |
19eda0ce91e0
7186425 potential stack corruption in bash <= 4.2-033
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
20 |
|
19eda0ce91e0
7186425 potential stack corruption in bash <= 4.2-033
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
21 |
@@ -82,6 +86,8 @@ |
19eda0ce91e0
7186425 potential stack corruption in bash <= 4.2-033
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
22 |
const char *path; |
19eda0ce91e0
7186425 potential stack corruption in bash <= 4.2-033
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
23 |
struct stat *finfo; |
19eda0ce91e0
7186425 potential stack corruption in bash <= 4.2-033
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
24 |
{ |
19eda0ce91e0
7186425 potential stack corruption in bash <= 4.2-033
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
25 |
+ static char pbuf[_XOPEN_PATH_MAX + 1]; |
19eda0ce91e0
7186425 potential stack corruption in bash <= 4.2-033
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
26 |
+ |
19eda0ce91e0
7186425 potential stack corruption in bash <= 4.2-033
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
27 |
if (*path == '\0') |
19eda0ce91e0
7186425 potential stack corruption in bash <= 4.2-033
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
28 |
{ |
19eda0ce91e0
7186425 potential stack corruption in bash <= 4.2-033
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
29 |
errno = ENOENT; |
19eda0ce91e0
7186425 potential stack corruption in bash <= 4.2-033
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
30 |
@@ -106,9 +112,10 @@ |
19eda0ce91e0
7186425 potential stack corruption in bash <= 4.2-033
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
31 |
trailing slash. Make sure /dev/fd/xx really uses DEV_FD_PREFIX/xx. |
19eda0ce91e0
7186425 potential stack corruption in bash <= 4.2-033
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
32 |
On most systems, with the notable exception of linux, this is |
19eda0ce91e0
7186425 potential stack corruption in bash <= 4.2-033
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
33 |
effectively a no-op. */ |
19eda0ce91e0
7186425 potential stack corruption in bash <= 4.2-033
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
34 |
- char pbuf[32]; |
19eda0ce91e0
7186425 potential stack corruption in bash <= 4.2-033
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
35 |
+ (void) memset (pbuf, '\0', sizeof(pbuf)); |
19eda0ce91e0
7186425 potential stack corruption in bash <= 4.2-033
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
36 |
strcpy (pbuf, DEV_FD_PREFIX); |
19eda0ce91e0
7186425 potential stack corruption in bash <= 4.2-033
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
37 |
- strcat (pbuf, path + 8); |
19eda0ce91e0
7186425 potential stack corruption in bash <= 4.2-033
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
38 |
+ strncat (pbuf, path + 8, |
19eda0ce91e0
7186425 potential stack corruption in bash <= 4.2-033
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
39 |
+ (size_t) (sizeof(pbuf) - sizeof(DEV_FD_PREFIX))); |
19eda0ce91e0
7186425 potential stack corruption in bash <= 4.2-033
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
40 |
return (stat (pbuf, finfo)); |
19eda0ce91e0
7186425 potential stack corruption in bash <= 4.2-033
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
41 |
#endif /* !HAVE_DEV_FD */ |
19eda0ce91e0
7186425 potential stack corruption in bash <= 4.2-033
Stefan Teleman <stefan.teleman@oracle.com>
parents:
diff
changeset
|
42 |
} |