From: "Romain Perier (mrpouet)" To: gentoo-commits@lists.gentoo.org Reply-To: gentoo-dev@lists.gentoo.org, mrpouet@gentoo.org Subject: [gentoo-commits] gentoo-x86 commit in dev-libs/glib/files: glib2-CVE-2009-3289.patch X-VCS-Repository: gentoo-x86 X-VCS-Files: glib2-CVE-2009-3289.patch X-VCS-Directories: dev-libs/glib/files X-VCS-Committer: mrpouet X-VCS-Committer-Name: Romain Perier Content-Type: text/plain; charset=utf8 Message-Id: Sender: Romain Perier Date: Fri, 06 Nov 2009 19:53:16 +0000 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: quoted-printable X-Archives-Salt: 63b17797-7764-4ab5-b2d3-e3624e3f252a X-Archives-Hash: dcce25544d8d150535ce69746a4c416b mrpouet 09/11/06 19:53:16 Added: glib2-CVE-2009-3289.patch Log: Fix bug #286102, symlink permission error (CVE-2009-3289), new revision. (Portage version: 2.2_rc48/cvs/Linux x86_64) Revision Changes Path 1.1 dev-libs/glib/files/glib2-CVE-2009-3289.patch file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/dev-libs/glib/files/glib2-CVE-2009-3289.patch?rev=1.1&view=markup plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/dev-libs/glib/files/glib2-CVE-2009-3289.patch?rev=1.1&content-type=text/plain Index: glib2-CVE-2009-3289.patch =================================================================== Patch for bug 286102 from upstream git.
It includes the following 5 commi= ts: commit 3826963e65d8c4c68bcd3e4066505f63ef734b95 Author: Benjamin Otte Date: Tue Sep 1 21:53:35 2009 +0200 commit 48e0af0157f52ac12b904bd92540432a18b139c7 Author: Benjamin Otte Date: Tue Sep 1 21:26:08 2009 +0200 commit bb7852e34b1845e516290e1b45a960a345ee8a43 Author: Benjamin Otte Date: Tue Sep 1 20:36:31 2009 +0200 commit fc44bf40a4eff8e122b223e97ee5efcbc548be03 Author: Benjamin Otte Date: Tue Sep 1 12:48:55 2009 +0200 commit e695c0932f5d02f3b222f0b7a3de1f8c00ba7b81 Author: Benjamin Otte Date: Tue Sep 1 11:54:48 2009 +0200 Patch generated by a3li@gentoo.org, CVE available for 2.20.5 only (see timeline). diff --git a/configure.in b/configure.in index 7bda924..e2a33b5 100644 --- a/configure.in +++ b/configure.in @@ -952,7 +952,7 @@ AC_MSG_RESULT(unsigned $glib_size_type) =20 # Check for some functions AC_CHECK_FUNCS(lstat strerror strsignal memmove vsnprintf stpcpy strcase= cmp strncasecmp poll getcwd vasprintf setenv unsetenv getc_unlocked readl= ink symlink fdwalk) -AC_CHECK_FUNCS(chown lchown fchmod fchown link statvfs statfs utimes get= grgid getpwuid) +AC_CHECK_FUNCS(chown lchmod lchown fchmod fchown link statvfs statfs uti= mes getgrgid getpwuid) AC_CHECK_FUNCS(getmntent_r setmntent endmntent hasmntopt getmntinfo) # Check for high-resolution sleep functions AC_CHECK_FUNCS(nanosleep nsleep) diff --git a/gio/glocalfileinfo.c b/gio/glocalfileinfo.c index 72a59b5..a61cc55 100644 --- a/gio/glocalfileinfo.c +++ b/gio/glocalfileinfo.c 
@@ -1869,15 +1869,40 @@ get_string (const GFileAttributeValue *value, =20 static gboolean set_unix_mode (char *filename, + GFileQueryInfoFlags flags, const GFileAttributeValue *value, GError **error) { guint32 val; + int res =3D 0; =20 if (!get_uint32 (value, &val, error)) return FALSE; - =20 - if (g_chmod (filename, val) =3D=3D -1) + +#ifdef HAVE_SYMLINK + if (flags & G_FILE_QUERY_INFO_NOFOLLOW_SYMLINKS) { +#ifdef HAVE_LCHMOD + res =3D lchmod (filename, val); +#else + struct stat statbuf; + /* Calling chmod on a symlink changes permissions on the symlink. + * We don't want to do this, so we need to check for a symlink */ + res =3D g_lstat (filename, &statbuf); + if (res =3D=3D 0 && S_ISLNK (statbuf.st_mode)) + { + g_set_error_literal (error, G_IO_ERROR, + G_IO_ERROR_NOT_SUPPORTED, + _("Cannot set permissions on symlinks")); + return FALSE; + } + else if (res =3D=3D 0) + res =3D g_chmod (filename, val); +#endif + } else +#endif + res =3D g_chmod (filename, val); + + if (res =3D=3D -1) { int errsv =3D errno; =20 @@ -2172,7 +2197,7 @@ _g_local_file_info_set_attribute (char = *filename, _g_file_attribute_value_set_from_pointer (&value, type, value_p, FALSE= ); =20 if (strcmp (attribute, G_FILE_ATTRIBUTE_UNIX_MODE) =3D=3D 0) - return set_unix_mode (filename, &value, error); + return set_unix_mode (filename, flags, &value, error); =20 #ifdef HAVE_CHOWN else if (strcmp (attribute, G_FILE_ATTRIBUTE_UNIX_UID) =3D=3D 0) @@ -2316,7 +2341,7 @@ _g_local_file_info_set_attributes (char = *filename, value =3D _g_file_info_get_attribute_value (info, G_FILE_ATTRIBUTE_UNI= X_MODE); if (value) { - if (!set_unix_mode (filename, value, error)) + if (!set_unix_mode (filename, flags, value, error)) { value->status =3D G_FILE_ATTRIBUTE_STATUS_ERROR_SETTING; res =3D FALSE;
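Review bot: The `#else` fallback in `set_unix_mode` (taken when `lchmod` is not detected at configure time) checks the path with `g_lstat` and then calls `g_chmod` on the same name, so the symlink check and the mode change are two separate path lookups. If the name is replaced by a symlink between those two calls, `g_chmod` still follows it, so the guard narrows the problem rather than closing it. The comment in that branch is also inverted, since `chmod` follows the link and changes the target; I would reword it to `/* chmod() follows symlinks and would change the target's mode, so refuse if the path is a symlink. NOTE: lstat + chmod is not atomic. */`. Closing the window would need a descriptor-based change (open the file without following links, then `fstat` and `fchmod` on that descriptor), which is larger than this hunk and has its own limits, for example for files that cannot be opened. The function's error-reporting tail continues outside the hunk.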