|
 |
a60cd7 |
From ab4351808352e00d72a7fd948e3e923d08e1a0fc Mon Sep 17 00:00:00 2001
|
|
|
a60cd7 |
From: Jakub Filak <jfilak@redhat.com>
|
|
|
a60cd7 |
Date: Wed, 30 Sep 2015 12:19:48 +0200
|
|
|
a60cd7 |
Subject: [PATCH] ccpp: ignore crashes of ABRT binaries if DebugLevel == 0
|
|
|
a60cd7 |
|
|
|
a60cd7 |
Prior this commit abrt-hook-ccpp was saved core file of any
|
|
|
a60cd7 |
crashed process executing program whose name starts with "abrt" in
|
|
|
a60cd7 |
DUMP_LOCATION.
|
|
|
a60cd7 |
|
|
|
a60cd7 |
ABRT does not check size constraints of these core files, so the files
|
|
|
a60cd7 |
could consume an uncontrolled amount of disk space.
|
|
|
a60cd7 |
|
|
|
a60cd7 |
Related to CVE-2015-5287
|
|
|
a60cd7 |
Related: #1262252
|
|
|
a60cd7 |
|
|
|
a60cd7 |
Signed-off-by: Jakub Filak <jfilak@redhat.com>
|
|
|
a60cd7 |
---
|
|
|
a60cd7 |
src/hooks/abrt-hook-ccpp.c | 7 +++++++
|
|
|
a60cd7 |
1 file changed, 7 insertions(+)
|
|
|
a60cd7 |
|
|
|
a60cd7 |
diff --git a/src/hooks/abrt-hook-ccpp.c b/src/hooks/abrt-hook-ccpp.c
|
|
|
a60cd7 |
index 12b3f118..7a19cc2 100644
|
|
|
a60cd7 |
--- a/src/hooks/abrt-hook-ccpp.c
|
|
|
a60cd7 |
+++ b/src/hooks/abrt-hook-ccpp.c
|
|
|
a60cd7 |
@@ -842,6 +842,13 @@ int main(int argc, char** argv)
|
|
|
a60cd7 |
const char *last_slash = strrchr(executable, '/');
|
|
|
a60cd7 |
if (last_slash && strncmp(++last_slash, "abrt", 4) == 0)
|
|
|
a60cd7 |
{
|
|
|
a60cd7 |
+ if (g_settings_debug_level == 0)
|
|
|
a60cd7 |
+ {
|
|
|
a60cd7 |
+ log_warning("Ignoring crash of %s (SIG%s).",
|
|
|
a60cd7 |
+ executable, signame ? signame : signal_str);
|
|
|
a60cd7 |
+ goto finito;
|
|
|
a60cd7 |
+ }
|
|
|
a60cd7 |
+
|
|
|
a60cd7 |
/* If abrtd/abrt-foo crashes, we don't want to create a _directory_,
|
|
|
a60cd7 |
* since that can make new copy of abrtd to process it,
|
|
|
a60cd7 |
* and maybe crash again...
|
|
|
a60cd7 |
--
|
|
|
a60cd7 |
1.8.3.1
|
|
|
a60cd7 |
|