|
 |
c537d4 |
From 0f7c1ef8e06413679928746c7206786210d3df1e Mon Sep 17 00:00:00 2001
|
|
|
c537d4 |
From: Dominic Cleal <dcleal@redhat.com>
|
|
|
c537d4 |
Date: Mon, 2 Dec 2013 17:49:35 +0000
|
|
|
c537d4 |
Subject: [PATCH] Fix umask handling when creating new files
|
|
|
c537d4 |
|
|
|
c537d4 |
* src/transform.c (transform_save): faulty umask arithmetic would cause
|
|
|
c537d4 |
overly-open file modes when the umask contains "7", as the umask was
|
|
|
c537d4 |
incorrectly subtracted from the target file mode
|
|
|
c537d4 |
|
|
|
c537d4 |
Fixes CVE-2013-6412, RHBZ#1034261
|
|
|
c537d4 |
|
|
|
c537d4 |
(cherry picked from commit f5b4fc0ceb0e5a2be5f3a19f63ad936897a3ac26)
|
|
|
c537d4 |
---
|
|
|
c537d4 |
src/transform.c | 2 +-
|
|
|
c537d4 |
tests/test-save.c | 48 ++++++++++++++++++++++++++++++++++++++++++++++++
|
|
|
c537d4 |
2 files changed, 49 insertions(+), 1 deletion(-)
|
|
|
c537d4 |
|
|
|
c537d4 |
diff --git a/src/transform.c b/src/transform.c
|
|
|
c537d4 |
index ccbe422..b0288fc 100644
|
|
|
c537d4 |
--- a/src/transform.c
|
|
|
c537d4 |
+++ b/src/transform.c
|
|
|
c537d4 |
@@ -1144,7 +1144,7 @@ int transform_save(struct augeas *aug, struct tree *xfm,
|
|
|
c537d4 |
mode_t curumsk = umask(022);
|
|
|
c537d4 |
umask(curumsk);
|
|
|
c537d4 |
|
|
|
c537d4 |
- if (fchmod(fileno(fp), 0666 - curumsk) < 0) {
|
|
|
c537d4 |
+ if (fchmod(fileno(fp), 0666 & ~curumsk) < 0) {
|
|
|
c537d4 |
err_status = "create_chmod";
|
|
|
c537d4 |
return -1;
|
|
|
c537d4 |
}
|
|
|
c537d4 |
diff --git a/tests/test-save.c b/tests/test-save.c
|
|
|
c537d4 |
index 617ef31..f28f626 100644
|
|
|
c537d4 |
--- a/tests/test-save.c
|
|
|
c537d4 |
+++ b/tests/test-save.c
|
|
|
c537d4 |
@@ -26,6 +26,7 @@
|
|
|
c537d4 |
#include "cutest.h"
|
|
|
c537d4 |
|
|
|
c537d4 |
#include <stdio.h>
|
|
|
c537d4 |
+#include <sys/stat.h>
|
|
|
c537d4 |
#include <sys/types.h>
|
|
|
c537d4 |
#include <sys/wait.h>
|
|
|
c537d4 |
|
|
|
c537d4 |
@@ -51,6 +52,7 @@ static void setup(CuTest *tc) {
|
|
|
c537d4 |
if (asprintf(&lensdir, "%s/lenses", abs_top_srcdir) < 0)
|
|
|
c537d4 |
CuFail(tc, "asprintf lensdir failed");
|
|
|
c537d4 |
|
|
|
c537d4 |
+ umask(0022);
|
|
|
c537d4 |
run(tc, "test -d %s && chmod -R u+w %s || :", root, root);
|
|
|
c537d4 |
run(tc, "rm -rf %s", root);
|
|
|
c537d4 |
run(tc, "mkdir -p %s", root);
|
|
|
c537d4 |
@@ -221,6 +223,49 @@ static void testDoubleSlashPath(CuTest *tc) {
|
|
|
c537d4 |
CuAssertIntEquals(tc, 1, r);
|
|
|
c537d4 |
}
|
|
|
c537d4 |
|
|
|
c537d4 |
+/* Check the umask is followed when creating files
|
|
|
c537d4 |
+ */
|
|
|
c537d4 |
+static void testUmask(CuTest *tc, int tumask, mode_t expected_mode) {
|
|
|
c537d4 |
+ int r;
|
|
|
c537d4 |
+ struct stat buf;
|
|
|
c537d4 |
+ char* fpath = NULL;
|
|
|
c537d4 |
+
|
|
|
c537d4 |
+ if (asprintf(&fpath, "%s/etc/test", root) < 0) {
|
|
|
c537d4 |
+ CuFail(tc, "failed to set root");
|
|
|
c537d4 |
+ }
|
|
|
c537d4 |
+
|
|
|
c537d4 |
+ umask(tumask);
|
|
|
c537d4 |
+
|
|
|
c537d4 |
+ r = aug_rm(aug, "/augeas/load/*");
|
|
|
c537d4 |
+ CuAssertPositive(tc, r);
|
|
|
c537d4 |
+
|
|
|
c537d4 |
+ r = aug_set(aug, "/augeas/load/Test/lens", "Simplelines.lns");
|
|
|
c537d4 |
+ CuAssertRetSuccess(tc, r);
|
|
|
c537d4 |
+ r = aug_set(aug, "/augeas/load/Test/incl", "/etc/test");
|
|
|
c537d4 |
+ CuAssertRetSuccess(tc, r);
|
|
|
c537d4 |
+ r = aug_load(aug);
|
|
|
c537d4 |
+ CuAssertRetSuccess(tc, r);
|
|
|
c537d4 |
+ r = aug_set(aug, "/files/etc/test/1", "test");
|
|
|
c537d4 |
+ CuAssertRetSuccess(tc, r);
|
|
|
c537d4 |
+
|
|
|
c537d4 |
+ r = aug_save(aug);
|
|
|
c537d4 |
+ CuAssertRetSuccess(tc, r);
|
|
|
c537d4 |
+ r = aug_match(aug, "/augeas//error", NULL);
|
|
|
c537d4 |
+ CuAssertIntEquals(tc, 0, r);
|
|
|
c537d4 |
+
|
|
|
c537d4 |
+ CuAssertIntEquals(tc, 0, stat(fpath, &buf));
|
|
|
c537d4 |
+ CuAssertIntEquals(tc, expected_mode, buf.st_mode & 0777);
|
|
|
c537d4 |
+}
|
|
|
c537d4 |
+static void testUmask077(CuTest *tc) {
|
|
|
c537d4 |
+ testUmask(tc, 0077, 0600);
|
|
|
c537d4 |
+}
|
|
|
c537d4 |
+static void testUmask027(CuTest *tc) {
|
|
|
c537d4 |
+ testUmask(tc, 0027, 0640);
|
|
|
c537d4 |
+}
|
|
|
c537d4 |
+static void testUmask022(CuTest *tc) {
|
|
|
c537d4 |
+ testUmask(tc, 0022, 0644);
|
|
|
c537d4 |
+}
|
|
|
c537d4 |
+
|
|
|
c537d4 |
int main(void) {
|
|
|
c537d4 |
char *output = NULL;
|
|
|
c537d4 |
CuSuite* suite = CuSuiteNew();
|
|
|
c537d4 |
@@ -245,6 +290,9 @@ int main(void) {
|
|
|
c537d4 |
SUITE_ADD_TEST(suite, testMtime);
|
|
|
c537d4 |
SUITE_ADD_TEST(suite, testRelPath);
|
|
|
c537d4 |
SUITE_ADD_TEST(suite, testDoubleSlashPath);
|
|
|
c537d4 |
+ SUITE_ADD_TEST(suite, testUmask077);
|
|
|
c537d4 |
+ SUITE_ADD_TEST(suite, testUmask027);
|
|
|
c537d4 |
+ SUITE_ADD_TEST(suite, testUmask022);
|
|
|
c537d4 |
|
|
|
c537d4 |
CuSuiteRun(suite);
|
|
|
c537d4 |
CuSuiteSummary(suite, &output);
|
|
|
c537d4 |
--
|
|
|
c537d4 |
1.8.4.2
|
|
|
c537d4 |
|