rpms / lockdev

Clone
Source Code
GIT

Blame SOURCES/lockdev-euidaccess.patch

c4 c5 c5-plus c6 c6-plus c7 c7-beta c8 c8-beta c8s c9 c9-beta
  1.   23fb2fac6b223ab804dc95f001be7634dae442e0
  2.   SOURCES
  3.   lockdev-euidaccess.patch
Blob History Raw
23fb2f 
diff -up lockdev-scm-2011-10-07/src/lockdev.c.access lockdev-scm-2011-10-07/src/lockdev.c
23fb2f 
--- lockdev-scm-2011-10-07/src/lockdev.c.access	2011-07-22 09:37:10.000000000 +0200
23fb2f 
+++ lockdev-scm-2011-10-07/src/lockdev.c	2013-12-05 11:56:57.836961642 +0100
23fb2f 
@@ -95,6 +95,10 @@
23fb2f 
  *
23fb2f 
  */
23fb2f
23fb2f 
+#ifndef _GNU_SOURCE
23fb2f 
+   #define _GNU_SOURCE
23fb2f 
+#endif
23fb2f 
+
23fb2f 
 #include <errno.h>
23fb2f 
 #include <signal.h>
23fb2f 
 #include <stdio.h>
23fb2f 
@@ -125,6 +125,10 @@
23fb2f 
 #include "lockdev.h"
23fb2f 
 #include "ttylock.h"
23fb2f
23fb2f 
+#ifndef LOCKDEV_ACCESS
23fb2f 
+#define LOCKDEV_ACCESS  euidaccess
23fb2f 
+#endif
23fb2f 
+
23fb2f 
 #define	LOCKDEV_PATH	SBINDIR "/lockdev"
23fb2f
23fb2f 
 /*
23fb2f 
@@ -616,7 +620,10 @@ dev_lock (const char *devname)
23fb2f 
 	if ( stat( device, &statbuf) == -1 ) {
23fb2f 
 		close_n_return(-errno);
23fb2f 
 	}
23fb2f 
-	if ( access( device, W_OK ) == -1 ) {
23fb2f 
+	/* check that the caller has write permission to the device
23fb2f 
+	 * to prevent denial-of-service attack by unauthorized users
23fb2f 
+	 */
23fb2f 
+	if ( LOCKDEV_ACCESS( device, W_OK ) == -1 ) {
23fb2f 
 		close_n_return(-errno);
23fb2f 
 	}
23fb2f
23fb2f 
@@ -780,7 +787,10 @@ dev_relock (const char  *devname,
23fb2f 
 	if ( stat( device, &statbuf) == -1 ) {
23fb2f 
 		close_n_return(-errno);
23fb2f 
 	}
23fb2f 
-	if ( access( device, W_OK ) == -1 ) {
23fb2f 
+	/* check that the caller has write permission to the device
23fb2f 
+	 * to prevent denial-of-service attack by unauthorized users
23fb2f 
+	 */
23fb2f 
+	if ( LOCKDEV_ACCESS( device, W_OK ) == -1 ) {
23fb2f 
 		close_n_return(-errno);
23fb2f 
 	}
23fb2f
23fb2f 
@@ -870,7 +880,10 @@ dev_unlock (const char *devname,
23fb2f 
 	if ( stat( device, &statbuf) == -1 ) {
23fb2f 
 		close_n_return(-errno);
23fb2f 
 	}
23fb2f 
-	if ( access( device, W_OK ) == -1 ) {
23fb2f 
+	/* check that the caller has write permission to the device
23fb2f 
+	 * to prevent denial-of-service attack by unauthorized users
23fb2f 
+	 */
23fb2f 
+	if ( LOCKDEV_ACCESS( device, W_OK ) == -1 ) {
23fb2f 
 		close_n_return(-errno);
23fb2f 
 	}
23fb2f
23fb2f 
diff -ru lockdev-save/src/Makefile.am lockdev-scm-2011-10-07/src/Makefile.am
23fb2f 
--- lockdev-save/src/Makefile.am	2014-09-18 13:42:00.363741658 +0200
23fb2f 
+++ lockdev-scm-2011-10-07/src/Makefile.am	2014-09-18 13:52:10.307868154 +0200
23fb2f 
@@ -6,7 +6,6 @@
23fb2f 
 AM_CPPFLAGS = -include $(top_builddir)/config.h -DSBINDIR=\"$(sbindir)\"
23fb2f
23fb2f 
 lockdev_SOURCES = sample.c
23fb2f 
-lockdev_LDADD = liblockdev.la
23fb2f
23fb2f 
 baudboy_SOURCES = baudboy_test.c
23fb2f 
 baudboy_LDADD = liblockdev.la
23fb2f 
Solo in lockdev-scm-2011-10-07/src: Makefile.in
23fb2f 
diff -ru lockdev-save/src/sample.c lockdev-scm-2011-10-07/src/sample.c
23fb2f 
--- lockdev-save/src/sample.c	2014-09-18 13:42:00.363741658 +0200
23fb2f 
+++ lockdev-scm-2011-10-07/src/sample.c	2014-09-18 14:06:03.769023380 +0200
23fb2f 
@@ -6,6 +6,13 @@
23fb2f 
 #include <fcntl.h>
23fb2f 
 #include "lockdev.h"
23fb2f
23fb2f 
+/* ttylock functions swap the real/effective uid/gid for us, so
23fb2f 
+ * use access instead of euidaccess.
23fb2f 
+ */
23fb2f 
+#define LOCKDEV_ACCESS access
23fb2f 
+#undef TTYLOCK_USE_HELPER
23fb2f 
+#include "lockdev.c"
23fb2f 
+
23fb2f 
 void
23fb2f 
 usage (void)
23fb2f 
 {
23fb2f 
Solo in lockdev-scm-2011-10-07: VERSION

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation