|
1 Fix Irssi Security Advisory CVE-2016-7553 |
|
2 |
|
3 See: |
|
4 https://irssi.org/2016/09/22/buf.pl-update/ |
|
5 https://bugs.debian.org/838762 |
|
6 for more details. |
|
7 |
|
8 Upstream fix at: |
|
9 https://github.com/irssi/scripts.irssi.org/commit/f1b1eb154baa684fad5d65bf4dff79c8ded8b65a |
|
10 |
|
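--- a/irssi-0.8.20/scripts/buf.pl
+++ b/irssi-0.8.20/scripts/buf.pl
@@ -5,7 +5,7 @@
 settings_get_str settings_get_bool channels windows
 settings_add_str settings_add_bool get_irssi_dir
 window_find_refnum signal_stop);
-$VERSION = '2.13';
+$VERSION = '2.20';
 %IRSSI = (
 authors => 'Juerd',
 contact => '[email protected]',
@@ -13,10 +13,8 @@
 description => 'Saves the buffer for /upgrade, so that no information is lost',
 license => 'Public Domain',
 url => 'http://juerd.nl/irssi/',
- changed => 'Mon May 13 19:41 CET 2002',
- changes => 'Severe formatting bug removed * oops, I ' .
- 'exposed Irssi to ircII foolishness * sorry ' .
- '** removed logging stuff (this is a fix)',
+ changed => 'Thu Sep 22 01:37 CEST 2016',
+ changes => 'Fixed file permissions (leaked everything via filesystem)',
 note1 => 'This script HAS TO BE in your scripts/autorun!',
 note2 => 'Perl support must be static or in startup',
 );
@@ -39,9 +37,15 @@
 
 my %suppress;
 
+sub _filename { sprintf '%s/scrollbuffer', get_irssi_dir }
+
 sub upgrade {
- open BUF, q{>}, sprintf('%s/scrollbuffer', get_irssi_dir) or die $!;
- print BUF join("\0", map $_->{server}->{address} . $_->{name}, channels), "\n";
+ my $fn = _filename;
+ my $old_umask = umask 0077;
+ open my $fh, q{>}, $fn or die "open $fn: $!";
+ umask $old_umask;
+
+ print $fh join("\0", map $_->{server}->{address} . $_->{name}, channels), "\n";
 for my $window (windows) {
 next unless defined $window;
 next if $window->{name} eq 'status';
@@ -57,36 +61,39 @@
 redo if defined $line;
 }
 }
- printf BUF "%s:%s\n%s", $window->{refnum}, $lines, $buf;
+ printf $fh "%s:%s\n%s", $window->{refnum}, $lines, $buf;
 }
- close BUF;
+ close $fh;
 unlink sprintf("%s/sessionconfig", get_irssi_dir);
 command 'layout save';
 command 'save';
 }
 
 sub restore {
- open BUF, q{<}, sprintf('%s/scrollbuffer', get_irssi_dir) or die $!;
- my @suppress = split /\0/, <BUF>;
+ my $fn = _filename;
+ open my $fh, q{<}, $fn or die "open $fn: $!";
+ unlink $fn or warn "unlink $fn: $!";
+
+ my @suppress = split /\0/, readline $fh;
 if (settings_get_bool 'upgrade_suppress_join') {
 chomp $suppress[-1];
 @suppress{@suppress} = (2) x @suppress;
 }
 active_win->command('^window scroll off');
- while (my $bla = <BUF>){
+ while (my $bla = readline $fh){
 chomp $bla;
 my ($refnum, $lines) = split /:/, $bla;
 next unless $lines;
 my $window = window_find_refnum $refnum;
 unless (defined $window){
- <BUF> for 1..$lines;
+ readline $fh for 1..$lines;
 next;
 }
 my $view = $window->view;
 $view->remove_all_lines();
 $view->redraw();
 my $buf = '';
- $buf .= <BUF> for 1..$lines;
+ $buf .= readline $fh for 1..$lines;
 my $sep = settings_get_str 'upgrade_separator';
 $sep .= "\n" if $sep ne '';
 $window->gui_printtext_after(undef, MSGLEVEL_CLIENTNOTICE, "$buf\cO$sep");
@@ -119,3 +126,10 @@
 unless (-f sprintf('%s/scripts/autorun/buf.pl', get_irssi_dir)) {
 Irssi::print('PUT THIS SCRIPT IN ~/.irssi/scripts/autorun/ BEFORE /UPGRADING!!');
 }
+
+# Remove any left-over file. If 'session' doesn't exist (created by irssi
+# during /UPGRADE), neither should our file.
+unless (-e sprintf('%s/session', get_irssi_dir)) {
+ my $fn = _filename;
+ unlink $fn or warn "unlink $fn: $!" if -e $fn;
+}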
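Review bot: In `upgrade`, the `umask 0077` around `open my $fh, q{>}, $fn` only governs the mode of a file that the open creates. If a `scrollbuffer` file is still present with looser permissions (for instance one written by 2.13, where the start-up cleanup did not run or its `unlink` only warned), `>` truncates it and keeps the old mode, so the new scrollback would remain readable by other local users. Setting the mode on the handle right after the open closes that gap: `chmod 0600, $fh or die "chmod $fn: $!";`. The `close $fh` on the write handle is also unchecked, so a buffered write failure would silently drop scrollback; `close $fh or die "close $fn: $!";` would surface it. Part of `upgrade`'s loop body lies between the third and fourth hunks and is not visible here.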