openSUSE:Evergreen:11.4
File CVE-2011-1837.patch of Package ecryptfs-utils
Description: fix arbitrary file overwrite via lock counter race condition Author: Marc Deslauriers <marc.deslauriers@canonical.com> Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/732628 Index: ecryptfs-utils-83/src/utils/mount.ecryptfs_private.c =================================================================== --- ecryptfs-utils-83.orig/src/utils/mount.ecryptfs_private.c +++ ecryptfs-utils-83/src/utils/mount.ecryptfs_private.c @@ -307,26 +307,27 @@ FILE *lock_counter(char *u, int uid) { * file, or it's not owned by the current user, append iterator * until we find a filename we can use. */ - while (1) { - if (stat(f, &s)==0 && (!S_ISREG(s.st_mode) || s.st_uid!=uid)) { - free(f); + while (i < 50) { + if (((fd = open(f, O_RDWR | O_CREAT | O_NOFOLLOW, 0600)) >= 0) && + (fstat(fd, &s)==0 && (S_ISREG(s.st_mode) && s.st_uid==uid))) { + break; + } else { + if (fd >= 0) + close(fd); + free (f); if (asprintf(&f, "%s/%s-%s-%s-%d", TMP, FSTYPE, u, ECRYPTFS_PRIVATE_DIR, i++) < 0) { perror("asprintf"); return NULL; } - } else { - break; } } - /* open file for reading and writing */ - if ((fd = open(f, O_RDWR)) < 0) { - /* Could not open it, so try to safely create it */ - if ((fd = open(f, O_RDWR | O_CREAT | O_EXCL, 0600)) < 0) { - perror("open"); - return NULL; - } + + if (fd < 0) { + perror("open"); + return NULL; } + flock(fd, LOCK_EX); fh = fdopen(fd, "r+"); if (fh == NULL) {
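Review bot: In the else branch of the new `while (i < 50)` loop, `close(fd)` leaves `fd` holding the number of the descriptor that was just closed. If all 50 candidate names open successfully but fail the `fstat` / `S_ISREG` / `s.st_uid==uid` check, the loop ends with `fd >= 0`, the `if (fd < 0)` guard after the loop does not fire, and `flock(fd, LOCK_EX)` and `fdopen(fd, "r+")` run on a closed descriptor. Set `fd = -1` right after `close(fd)` so that running out of candidates is reported as a failure. On that same exhaustion path `perror("open")` would print whatever errno was left by an earlier call, so a dedicated message saying that no usable lock file name was found would be clearer than reusing the open error.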