components/a2ps/patches/09_CVE-2001-1593.patch
author Vladimir Marek <Vladimir.Marek@oracle.com>
Tue, 13 Dec 2016 14:33:57 +0100
changeset 7807 faf888b8f422
parent 6897 95d141a9085b
permissions -rw-r--r--
PSARC 2017/051 Perl - remove current path ('.') from @INC 24404149 problem in UTILITY/PERL
Fix CVE-2001-1593
See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-1593
     https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2001-1593
for more details.
Index: b/lib/routines.c
===================================================================
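--- a/lib/routines.c
+++ b/lib/routines.c
@@ -242,3 +242,50 @@
   /* Don't complain if you can't unlink.  Who cares of a tmp file? */
   unlink (filename);
 }
+
+/*
+ * Securely generate a temp file, and make sure it gets
+ * deleted upon exit.
+ */
+static char **	tempfiles;
+static unsigned	ntempfiles;
+
+static void
+cleanup_tempfiles()
+{
+	while (ntempfiles--)
+		unlink(tempfiles[ntempfiles]);
+}
+
+char *
+safe_tempnam(const char *pfx)
+{
+	char	*dirname, *filename;
+	int	fd;
+
+	if (!(dirname = getenv("TMPDIR")))
+		dirname = "/tmp";
+
+	tempfiles = (char **) realloc(tempfiles,
+			(ntempfiles+1) * sizeof(char *));
+	if (tempfiles == NULL)
+		return NULL;
+
+	filename = malloc(strlen(dirname) + strlen(pfx) + sizeof("/XXXXXX"));
+	if (!filename)
+		return NULL;
+
+	sprintf(filename, "%s/%sXXXXXX", dirname, pfx);
+
+	if ((fd = mkstemp(filename)) < 0) {
+		free(filename);
+		return NULL;
+	}
+	close(fd);
+
+	if (ntempfiles == 0)
+		atexit(cleanup_tempfiles);
+	tempfiles[ntempfiles++] = filename;
+
+	return filename;
+}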
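Review bot: In safe_tempnam, assigning the realloc() result straight back to `tempfiles` loses the existing list when the allocation fails, while `ntempfiles` keeps its old count; cleanup_tempfiles() would then index a NULL array at exit and the earlier temp files are never unlinked. Grow through a temporary instead: `char **grown = realloc(tempfiles, (ntempfiles + 1) * sizeof *grown);`, `if (grown == NULL) return NULL;`, `tempfiles = grown;`. Separately, the descriptor returned by mkstemp() is closed and only the name is handed back, so the guarantee depends on TMPDIR (taken unvalidated from the environment) being a sticky or private directory when callers reopen the path; a comment above the function stating that assumption would help.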
Index: b/lib/routines.h
===================================================================
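--- a/lib/routines.h
+++ b/lib/routines.h
@@ -255,7 +255,8 @@
 /* If _STR_ is not defined, give it a tempname in _TMPDIR_ */
 #define tempname_ensure(Str)				\
 do {							\
-  (Str) = (Str) ? (Str) : tempnam (NULL, "a2_");	\
+  (Str) = (Str) ? (Str) : safe_tempnam("a2_");	\
 } while (0)
+char * safe_tempnam(const char *);
 
 #endif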
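Review bot: The prototype added after tempname_ensure carries no comment on ownership, and the contract differs from the tempnam() it replaces: safe_tempnam() in lib/routines.c also stores the returned pointer in its `tempfiles` list and passes it to unlink() at exit, so a caller that frees the string (as was valid with tempnam) would leave a dangling entry in that list. Whether existing callers free these names is not visible in this patch and should be checked. I would add `/* Creates the file and returns its malloc'd name, or NULL on failure; the name stays registered for unlink at exit, so callers must not free it. */` above the declaration. The macro also stores a NULL result into Str unchecked, which the comment on tempname_ensure could mention.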