[med-svn] r3111 - trunk/packages/arb/trunk/debian/patches

tille at alioth.debian.org tille at alioth.debian.org
Tue Feb 10 22:29:48 UTC 2009


Author: tille
Date: 2009-02-10 22:29:47 +0000 (Tue, 10 Feb 2009)
New Revision: 3111

Modified:
   trunk/packages/arb/trunk/debian/patches/tmpfile_CVE-2008-5378.patch
Log:
Security issues should be solved now


Modified: trunk/packages/arb/trunk/debian/patches/tmpfile_CVE-2008-5378.patch
===================================================================
--- trunk/packages/arb/trunk/debian/patches/tmpfile_CVE-2008-5378.patch	2009-02-10 15:49:30 UTC (rev 3110)
+++ trunk/packages/arb/trunk/debian/patches/tmpfile_CVE-2008-5378.patch	2009-02-10 22:29:47 UTC (rev 3111)
@@ -15,17 +15,39 @@
  rm -f $tmp
 --- arb-0.0.20071207.1.orig/ARBDB/adcomm.c
 +++ arb-0.0.20071207.1/ARBDB/adcomm.c
-@@ -135,7 +135,8 @@
+@@ -126,19 +126,29 @@
+ ***************************************************************************************/
+ GBCONTAINER *gbcms_gb_main;
+ void *gbcms_sighup(void){
+-    char          buffer[1024];
++    char          buffer[1024], lsbuffer[1024];
+     char         *fname;
+     GB_ERROR      error;
+     int           translevel;
+     GB_MAIN_TYPE *Main;
++    FILE         *fp;
+ 
      {
          const char *ap = GB_getenv("ARB_PID");
          if (!ap ) ap = "";
 -        sprintf(buffer,"/tmp/arb_panic_%s_%s",GB_getenvUSER(),ap);
-+        sprintf(buffer,"/tmp/arb_panic_%s_%s_XXXXXX",GB_getenvUSER(),ap);
-+	mktemp(buffer);
++        sprintf(lsbuffer,"ls /tmp/arb_panic_%s_%s_*",GB_getenvUSER(),ap);
      }
++        /* TODO:
++         * We have to open an existing file so we have to use scandir(2) for any file *
++         * which matches the template instead inventing a new name using mktemp! */
      fprintf(stderr,"**** ARB DATABASE SERVER GOT a HANGUP SIGNAL ****\n");
      fprintf(stderr,"- Looking for file '%s'\n",buffer);
-@@ -2066,7 +2067,8 @@
++
++    fp = popen(lsbuffer, "r");
++    if ( fscanf(fp, "%s", buffer) == EOF ) {
++        fprintf(stderr,"- File matching '%s' not found - exiting!\n",lsbuffer);
++    }
++
+     fname = GB_read_file(buffer);
+     if (!fname) {
+         fprintf(stderr,"- File '%s' not found - exiting!\n",buffer);
+@@ -2066,7 +2076,8 @@
  {
      static long lastpid = 0;
      long pid = getpid();
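Review bot: The new `fp = popen(lsbuffer, "r")` / `fscanf(fp, "%s", buffer)` pair in gbcms_sighup hands `GB_getenvUSER()` and `ARB_PID` unquoted to a shell, never checks `fp` for NULL, reads an unbounded `%s` into the 1024-byte `buffer`, and the "not found - exiting!" branch does not actually exit, so the "Looking for file" fprintf and `GB_read_file(buffer)` both run on a `buffer` that nothing has written on the new side; `fp` is also never `pclose`d. Since the function only needs the first path matching the pattern, the shell round-trip can be replaced by glob(3) (requires `#include <glob.h>`), with the copy bounded by snprintf and the not-found path leaving the function the same way the existing "File not found" branch below does. Picking whichever file matches a predictable `/tmp/arb_panic_<user>_<pid>_*` name still lets anyone who can write /tmp choose what the server reads, which this hunk cannot fix by itself; the TODO comment should say that the writer side has to use a private directory or the chosen file has to be verified (owner, regular file, not a symlink) before `GB_read_file`. gbcms_sighup's body continues outside the hunk, so the remainder of the not-found handling is not visible here.
```c
    /* … unchanged: ARB_PID lookup … */
    snprintf(lsbuffer, sizeof lsbuffer, "/tmp/arb_panic_%s_%s_*", GB_getenvUSER(), ap);
    fprintf(stderr,"**** ARB DATABASE SERVER GOT a HANGUP SIGNAL ****\n");
    fprintf(stderr,"- Looking for file matching '%s'\n",lsbuffer);

    {
        glob_t g;
        /* no shell: expand the pattern in-process, take the first match */
        if (glob(lsbuffer, GLOB_NOSORT, NULL, &g) != 0 || g.gl_pathc == 0) {
            fprintf(stderr,"- File matching '%s' not found - exiting!\n",lsbuffer);
            globfree(&g);
            return NULL; /* mirror the existing not-found handling below */
        }
        snprintf(buffer, sizeof buffer, "%s", g.gl_pathv[0]);
        globfree(&g);
    }
    fname = GB_read_file(buffer);
    /* … unchanged: "File not found" branch and rest of gbcms_sighup … */
```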
@@ -35,7 +57,7 @@
      char filename[1000];
      const char *user = GB_getenvUSER();
      const char *arb_pid = GB_getenv("ARB_PID");
-@@ -2076,10 +2078,12 @@
+@@ -2076,10 +2087,12 @@
      if (lastpid == pid) return 0;
      if (lastpid == -25) return 0;   /* never install */
      lastpid = pid;



