VAR/KableDistro
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
This repository has been archived on 2023-08-20. You can view files and clone it. You cannot open issues or pull requests or push a commit.
Files
Main
KableDistro/base-source/gzip-1.3.5-security_fixes-1.patch

64 lines
2.0 KiB
Diff
Raw Permalink Blame History

Submitted By: Matthew Burgess (matthew at linuxfromscratch dot org)
Origin: http://security.ubuntu.com/ubuntu/pool/main/g/gzip/gzip_1.3.5-9ubuntu3.1.diff.gz
Date: 2005-05-12
Initial package version: 1.3.5
Description: Fix two security vulnerabilities in gzip: A path traversal
bug when using the -N option (CAN-2005-1228) and a race condition in the
file permission restore code (CAN-2005-0998).
diff -Naur gzip-1.3.5.orig/gzip.c gzip-1.3.5/gzip.c
--- gzip-1.3.5.orig/gzip.c 2002-09-28 07:38:43.000000000 +0000
+++ gzip-1.3.5/gzip.c 2005-05-12 19:15:14.796031360 +0000
@@ -875,8 +875,11 @@
}
close(ifd);
- if (!to_stdout && close(ofd)) {
- write_error();
+ if (!to_stdout) {
+ /* Copy modes, times, ownership, and remove the input file */
+ copy_stat(&istat);
+ if (close(ofd))
+ write_error();
}
if (method == -1) {
if (!to_stdout) xunlink (ofname);
@@ -896,10 +899,6 @@
}
fprintf(stderr, "\n");
}
- /* Copy modes, times, ownership, and remove the input file */
- if (!to_stdout) {
- copy_stat(&istat);
- }
}
/* ========================================================================
@@ -1324,6 +1323,8 @@
error("corrupted input -- file name too large");
}
}
+ char *base2 = base_name (base);
+ strcpy(base, base2);
/* If necessary, adapt the name to local OS conventions: */
if (!list) {
MAKE_LEGAL_NAME(base);
@@ -1725,7 +1726,7 @@
reset_times(ofname, ifstat);
#endif
/* Copy the protection modes */
- if (chmod(ofname, ifstat->st_mode & 07777)) {
+ if (fchmod(ofd, ifstat->st_mode & 07777)) {
int e = errno;
WARN((stderr, "%s: ", progname));
if (!quiet) {
@@ -1734,7 +1735,7 @@
}
}
#ifndef NO_CHOWN
- chown(ofname, ifstat->st_uid, ifstat->st_gid); /* Copy ownership */
+ fchown(ofd, ifstat->st_uid, ifstat->st_gid); /* Copy ownership */
#endif
remove_ofname = 0;
/* It's now safe to remove the input file: */
Reference in New Issue View Git Blame Copy Permalink