Blame SOURCES/0180-ccpp-ignore-crashes-of-ABRT-binaries-if-DebugLevel-0.patch

a60cd7
From ab4351808352e00d72a7fd948e3e923d08e1a0fc Mon Sep 17 00:00:00 2001
a60cd7
From: Jakub Filak <jfilak@redhat.com>
a60cd7
Date: Wed, 30 Sep 2015 12:19:48 +0200
a60cd7
Subject: [PATCH] ccpp: ignore crashes of ABRT binaries if DebugLevel == 0
a60cd7
a60cd7
Prior this commit abrt-hook-ccpp was saved core file of any
a60cd7
crashed process executing program whose name starts with "abrt" in
a60cd7
DUMP_LOCATION.
a60cd7
a60cd7
ABRT does not check size constraints of these core files, so the files
a60cd7
could consume an uncontrolled amount of disk space.
a60cd7
a60cd7
Related to CVE-2015-5287
a60cd7
Related: #1262252
a60cd7
a60cd7
Signed-off-by: Jakub Filak <jfilak@redhat.com>
a60cd7
---
a60cd7
 src/hooks/abrt-hook-ccpp.c | 7 +++++++
a60cd7
 1 file changed, 7 insertions(+)
a60cd7
a60cd7
diff --git a/src/hooks/abrt-hook-ccpp.c b/src/hooks/abrt-hook-ccpp.c
a60cd7
index 12b3f118..7a19cc2 100644
a60cd7
--- a/src/hooks/abrt-hook-ccpp.c
a60cd7
+++ b/src/hooks/abrt-hook-ccpp.c
a60cd7
@@ -842,6 +842,13 @@ int main(int argc, char** argv)
a60cd7
     const char *last_slash = strrchr(executable, '/');
a60cd7
     if (last_slash && strncmp(++last_slash, "abrt", 4) == 0)
a60cd7
     {
a60cd7
+        if (g_settings_debug_level == 0)
a60cd7
+        {
a60cd7
+            log_warning("Ignoring crash of %s (SIG%s).",
a60cd7
+                        executable, signame ? signame : signal_str);
a60cd7
+            goto finito;
a60cd7
+        }
a60cd7
+
a60cd7
         /* If abrtd/abrt-foo crashes, we don't want to create a _directory_,
a60cd7
          * since that can make new copy of abrtd to process it,
a60cd7
          * and maybe crash again...
a60cd7
-- 
a60cd7
1.8.3.1
a60cd7