Blame SOURCES/mailx-12.5-globname-Invoke-wordexp-with-WRDE_NOCMD-CVE-2004-277.patch
|
 |
c88ac0 |
From 73fefa0c1ac70043ec84f2d8b8f9f683213f168d Mon Sep 17 00:00:00 2001
|
|
|
c88ac0 |
From: Florian Weimer <fweimer@redhat.com>
|
|
|
c88ac0 |
Date: Mon, 17 Nov 2014 13:11:32 +0100
|
|
|
c88ac0 |
Subject: [PATCH 4/4] globname: Invoke wordexp with WRDE_NOCMD (CVE-2004-2771)
|
|
|
c88ac0 |
|
|
|
c88ac0 |
---
|
|
|
c88ac0 |
fio.c | 2 +-
|
|
|
c88ac0 |
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
c88ac0 |
|
|
|
c88ac0 |
diff --git a/fio.c b/fio.c
|
|
|
c88ac0 |
index 1529236..774a204 100644
|
|
|
c88ac0 |
--- a/fio.c
|
|
|
c88ac0 |
+++ b/fio.c
|
|
|
c88ac0 |
@@ -497,7 +497,7 @@ globname(char *name)
|
|
|
c88ac0 |
sigemptyset(&nset);
|
|
|
c88ac0 |
sigaddset(&nset, SIGCHLD);
|
|
|
c88ac0 |
sigprocmask(SIG_BLOCK, &nset, NULL);
|
|
|
c88ac0 |
- i = wordexp(name, &we, 0);
|
|
|
c88ac0 |
+ i = wordexp(name, &we, WRDE_NOCMD);
|
|
|
c88ac0 |
sigprocmask(SIG_UNBLOCK, &nset, NULL);
|
|
|
c88ac0 |
switch (i) {
|
|
|
c88ac0 |
case 0:
|
|
|
c88ac0 |
--
|
|
|
c88ac0 |
1.9.3
|
|
|
c88ac0 |
|