From d8f8f4d637ce43f8699ba94c9b7648beda0ca174 Mon Sep 17 00:00:00 2001
From: Ondrej Holy <oholy@redhat.com>
Date: Thu, 23 May 2019 10:41:53 +0200
Subject: [PATCH] gfile: Limit access to files when copying
file_copy_fallback creates new files with default permissions and
sets the correct permissions after the operation is finished. This
might cause that the files can be accessible by more users during
the operation than expected. Use G_FILE_CREATE_PRIVATE for the new
files to limit access to those files.
---
 gio/gfile.c | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)
diff --git a/gio/gfile.c b/gio/gfile.c
02fdc5
index 24b136d80..74b58047c 100644
02fdc5
--- a/gio/gfile.c
02fdc5
+++ b/gio/gfile.c
02fdc5
@@ -3284,12 +3284,12 @@ file_copy_fallback (GFile                  *source,
02fdc5
         out = (GOutputStream*)_g_local_file_output_stream_replace (_g_local_file_get_filename (G_LOCAL_FILE (destination)),
02fdc5
                                                                    FALSE, NULL,
02fdc5
                                                                    flags & G_FILE_COPY_BACKUP,
02fdc5
-                                                                   G_FILE_CREATE_REPLACE_DESTINATION,
02fdc5
-                                                                   info,
02fdc5
+                                                                   G_FILE_CREATE_REPLACE_DESTINATION |
02fdc5
+                                                                   G_FILE_CREATE_PRIVATE, info,
02fdc5
                                                                    cancellable, error);
02fdc5
       else
02fdc5
         out = (GOutputStream*)_g_local_file_output_stream_create (_g_local_file_get_filename (G_LOCAL_FILE (destination)),
02fdc5
-                                                                  FALSE, 0, info,
02fdc5
+                                                                  FALSE, G_FILE_CREATE_PRIVATE, info,
02fdc5
                                                                   cancellable, error);
02fdc5
     }
02fdc5
   else if (flags & G_FILE_COPY_OVERWRITE)
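Review bot: With `G_FILE_CREATE_PRIVATE` now passed unconditionally in all four creation calls (the two local-file calls here and the `g_file_replace`/`g_file_create` calls in the next hunk), the destination's final mode depends entirely on the permission copy that the commit message says runs after the data is written; that code is outside these hunks, so this is inferred. If that step is skipped or fails, for instance when the caller passed `G_FILE_COPY_TARGET_DEFAULT_PERMS` or the source exposes no `unix::mode`, the copy would presumably stay owner-only instead of getting umask-default permissions, which is a visible behaviour change for existing callers. Consider computing the flags once and adding the private bit only when the mode will be restored, e.g. `create_flags = (flags & G_FILE_COPY_TARGET_DEFAULT_PERMS) ? G_FILE_CREATE_NONE : G_FILE_CREATE_PRIVATE;`, then passing `create_flags` (OR-ed with `G_FILE_CREATE_REPLACE_DESTINATION` where needed) to each call. A regression test that copies a file with group/other read bits set and checks the destination mode afterwards would pin both the private-while-copying and the restored-afterwards behaviour.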
02fdc5
@@ -3297,12 +3297,13 @@ file_copy_fallback (GFile                  *source,
02fdc5
       out = (GOutputStream *)g_file_replace (destination,
02fdc5
                                              NULL,
02fdc5
                                              flags & G_FILE_COPY_BACKUP,
02fdc5
-                                             G_FILE_CREATE_REPLACE_DESTINATION,
02fdc5
+                                             G_FILE_CREATE_REPLACE_DESTINATION |
02fdc5
+                                             G_FILE_CREATE_PRIVATE,
02fdc5
                                              cancellable, error);
02fdc5
     }
02fdc5
   else
02fdc5
     {
02fdc5
-      out = (GOutputStream *)g_file_create (destination, 0, cancellable, error);
02fdc5
+      out = (GOutputStream *)g_file_create (destination, G_FILE_CREATE_PRIVATE, cancellable, error);
02fdc5
     }
02fdc5
 
02fdc5
   if (!out)
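Review bot: Nothing at the `g_file_replace` and `g_file_create` calls says why the target is created private, so a later cleanup could drop the flag without noticing it is a confidentiality control. I would add a comment above the `if`/`else` chain such as `/* Create the target owner-only; the source's permissions are applied once the data is written, so other users cannot read a partially written copy. */`. For non-local destinations it is also worth noting in that comment that the effect depends on the backend honouring `G_FILE_CREATE_PRIVATE`, which cannot be confirmed from this hunk. The chain starts before this hunk and the `if (!out)` error path continues past it.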
-- 
2.21.0