diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..4074933
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+SOURCES/File-Path-2.12.tar.gz
diff --git a/.perl-File-Path.metadata b/.perl-File-Path.metadata
new file mode 100644
index 0000000..905e19b
--- /dev/null
+++ b/.perl-File-Path.metadata
@@ -0,0 +1 @@
+346a8b06e02b3bf517e23c3d242b3b2d2a7fc5ac SOURCES/File-Path-2.12.tar.gz
diff --git a/SOURCES/File-Path-2.12-Prevent-directory-chmod-race-attack.patch b/SOURCES/File-Path-2.12-Prevent-directory-chmod-race-attack.patch
new file mode 100644
index 0000000..a280818
--- /dev/null
+++ b/SOURCES/File-Path-2.12-Prevent-directory-chmod-race-attack.patch
@@ -0,0 +1,165 @@
+From e9cc25a6109e9191bcbf59a967ed6c60b0156f72 Mon Sep 17 00:00:00 2001
+From: John Lightsey
+Date: Tue, 2 May 2017 12:03:52 -0500
+Subject: [PATCH] Prevent directory chmod race attack.
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+CVE-2017-6512 is a race condition attack where the chmod() of directories
+that cannot be entered is misused to change the permissions on other
+files or directories on the system. This has been corrected by limiting
+the directory-permission loosening logic to systems where fchmod() is
+supported.
+
+Petr Písař: Ported to 2.12.
+
+Signed-off-by: Petr Písař
+---
+ lib/File/Path.pm | 39 +++++++++++++++++++++++++--------------
+ t/Path.t | 40 ++++++++++++++++++++++++++--------------
+ 2 files changed, 51 insertions(+), 28 deletions(-)
+
+diff --git a/lib/File/Path.pm b/lib/File/Path.pm
+index 36f12cc..871f43a 100644
+--- a/lib/File/Path.pm
++++ b/lib/File/Path.pm
+@@ -354,21 +354,32 @@ sub _rmtree {
+
+ # see if we can escalate privileges to get in
+ # (e.g. 
funny protection mask such as -w- instead of rwx)
+- $perm &= oct '7777';
+- my $nperm = $perm | oct '700';
+- if (
+- !(
+- $arg->{safe}
+- or $nperm == $perm
+- or chmod( $nperm, $root )
+- )
+- )
+- {
+- _error( $arg,
+- "cannot make child directory read-write-exec", $canon );
+- next ROOT_DIR;
++ # This uses fchmod to avoid traversing outside of the proper
++ # location (CVE-2017-6512)
++ my $root_fh;
++ if (open($root_fh, '<', $root)) {
++ my ($fh_dev, $fh_inode) = (stat $root_fh )[0,1];
++ $perm &= oct '7777';
++ my $nperm = $perm | oct '700';
++ local $@;
++ if (
++ !(
++ $arg->{safe}
++ or $nperm == $perm
++ or !-d _
++ or $fh_dev ne $ldev
++ or $fh_inode ne $lino
++ or eval { chmod( $nperm, $root_fh ) }
++ )
++ )
++ {
++ _error( $arg,
++ "cannot make child directory read-write-exec", $canon );
++ next ROOT_DIR;
++ }
++ close $root_fh;
+ }
+- elsif ( !chdir($root) ) {
++ if ( !chdir($root) ) {
+ _error( $arg, "cannot chdir to child", $canon );
+ next ROOT_DIR;
+ }
+diff --git a/t/Path.t b/t/Path.t
+index 5644f57..fffc49c 100755
+--- a/t/Path.t
++++ b/t/Path.t
+@@ -3,7 +3,7 @@
+
+ use strict;
+
+-use Test::More tests => 127;
++use Test::More tests => 126;
+ use Config;
+ use Fcntl ':mode';
+ use lib 't/';
+@@ -17,6 +17,13 @@ BEGIN {
+
+ my $Is_VMS = $^O eq 'VMS';
+
++my $fchmod_supported = 0;
++if (open my $fh, curdir()) {
++ my ($perm) = (stat($fh))[2];
++ $perm &= 07777;
++ eval { $fchmod_supported = chmod( $perm, $fh); };
++}
++
+ # first check for stupid permissions second for full, so we clean up
+ # behind ourselves
+ for my $perm (0111,0777) {
+@@ -298,16 +305,19 @@ is($created[0], $dir, "created directory (old style 3 mode undef) cross-check");
+
+ is(rmtree($dir, 0, undef), 1, "removed directory 3 verbose undef");
+
+-$dir = catdir($tmp_base,'G');
+-$dir = VMS::Filespec::unixify($dir) if $Is_VMS;
++SKIP: {
++ skip "fchmod of directories not supported on this platform", 3 unless $fchmod_supported;
++ $dir = catdir($tmp_base,'G');
++ $dir = 
VMS::Filespec::unixify($dir) if $Is_VMS;
+
+-@created = mkpath($dir, undef, 0200);
++ @created = mkpath($dir, undef, 0400);
+
+-is(scalar(@created), 1, "created write-only dir");
++ is(scalar(@created), 1, "created read-only dir");
+
+-is($created[0], $dir, "created write-only directory cross-check");
++ is($created[0], $dir, "created read-only directory cross-check");
+
+-is(rmtree($dir), 1, "removed write-only dir");
++ is(rmtree($dir), 1, "removed read-only dir");
++}
+
+ # borderline new-style heuristics
+ if (chdir $tmp_base) {
+@@ -449,26 +459,28 @@ SKIP: {
+ }
+
+ SKIP : {
+- my $skip_count = 19;
++ my $skip_count = 18;
+ # this test will fail on Windows, as per:
+ # http://perldoc.perl.org/perlport.html#chmod
+
+ skip "Windows chmod test skipped", $skip_count
+ if $^O eq 'MSWin32';
++ skip "fchmod() on directories is not supported on this platform", $skip_count
++ unless $fchmod_supported;
+ my $mode;
+ my $octal_mode;
+ my @inputs = (
+- 0777, 0700, 0070, 0007,
+- 0333, 0300, 0030, 0003,
+- 0111, 0100, 0010, 0001,
+- 0731, 0713, 0317, 0371, 0173, 0137,
+- 00 );
++ 0777, 0700, 0470, 0407,
++ 0433, 0400, 0430, 0403,
++ 0111, 0100, 0110, 0101,
++ 0731, 0713, 0317, 0371,
++ 0173, 0137);
+ my $input;
+ my $octal_input;
+- $dir = catdir($tmp_base, 'chmod_test');
+
+ foreach (@inputs) {
+ $input = $_;
++ $dir = catdir($tmp_base, sprintf("chmod_test%04o", $input));
+ # We can skip from here because 0 is last in the list.
+ skip "Mode of 0 means assume user defaults on VMS", 1
+ if ($input == 0 && $Is_VMS);
+--
+2.9.4
+
diff --git a/SPECS/perl-File-Path.spec b/SPECS/perl-File-Path.spec
new file mode 100644
index 0000000..75a349b
--- /dev/null
+++ b/SPECS/perl-File-Path.spec
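Review bot: In the `_rmtree` hunk of lib/File/Path.pm, a failed `open($root_fh, '<', $root)` silently skips the permission-loosening step and falls through to `chdir`, so a directory the owner cannot read (the `0200` case the old test covered) now fails with the generic "cannot chdir to child" message and nothing records that escalation was never attempted. The test edits — `mkpath($dir, undef, 0200)` becoming `0400` and every mode lacking the owner read bit dropped from `@inputs` — show this narrowing is intended, but neither the code nor the commit message states it. A comment at the `if (open($root_fh, '<', $root))` line would capture it, e.g. `# Unreadable directories are left as-is: the fstat/fchmod on the open handle is what keeps the chmod bound to this directory (CVE-2017-6512), so there is no safe path-based fallback.` `_rmtree` starts and ends outside the hunk, as do the `$ldev`/`$lino` values the handle's stat is compared against. Separately, the `$fchmod_supported` probe in t/Path.t uses two-argument `open my $fh, curdir()`; harmless with the constant it is given, but `open my $fh, '<', curdir()` matches the three-argument form the library change itself uses.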
@@ -0,0 +1,126 @@
+Name: perl-File-Path
+Version: 2.12
+Release: 368%{?dist}
+Summary: Create or remove directory trees
+License: GPL+ or Artistic
+Group: Development/Libraries
+URL: http://search.cpan.org/dist/File-Path/
+Source0: http://www.cpan.org/authors/id/R/RI/RICHE/File-Path-%{version}.tar.gz
+# Fix CVE-2017-6512 (setting arbitrary mode on an arbitrary file in rmtree()
+# and remove_tree()), bug #1457834, CPAN RT#121951, in upstream 2.13
+Patch0: File-Path-2.12-Prevent-directory-chmod-race-attack.patch
+BuildArch: noarch
+BuildRequires: coreutils
+BuildRequires: findutils
+BuildRequires: make
+BuildRequires: perl
+BuildRequires: perl-generators
+BuildRequires: perl(ExtUtils::MakeMaker)
+BuildRequires: perl(strict)
+# ExtUtils::MakeMaker::Coverage not used
+# Run-time:
+BuildRequires: perl(Carp)
+BuildRequires: perl(Cwd)
+BuildRequires: perl(Exporter)
+BuildRequires: perl(File::Basename)
+BuildRequires: perl(File::Spec)
+# Symbol not used
+BuildRequires: perl(vars)
+# Tests:
+BuildRequires: perl(base)
+BuildRequires: perl(Config)
+BuildRequires: perl(Fcntl)
+BuildRequires: perl(File::Spec::Functions)
+BuildRequires: perl(lib)
+BuildRequires: perl(SelectSaver)
+BuildRequires: perl(Test::More)
+BuildRequires: perl(warnings)
+Requires: perl(:MODULE_COMPAT_%(eval "`perl -V:version`"; echo $version))
+Requires: perl(Carp)
+
+%description
+This module provides a convenient way to create directories of arbitrary
+depth and to delete an entire directory subtree from the file system. 
+
+%prep
+%setup -q -n File-Path-%{version}
+%patch0 -p1
+
+%build
+perl Makefile.PL INSTALLDIRS=vendor
+make %{?_smp_mflags}
+
+%install
+make pure_install DESTDIR=$RPM_BUILD_ROOT
+find $RPM_BUILD_ROOT -type f -name .packlist -exec rm -f {} \;
+%{_fixperms} $RPM_BUILD_ROOT/*
+
+%check
+make test
+
+%files
+%doc Changes README
+%{perl_vendorlib}/*
+%{_mandir}/man3/*
+
+%changelog
+* Fri Mar 29 2019 Jitka Plesnikova - 2.12-368
+- Rebuild with enable hardening (bug #1636329)
+
+* Thu Jun 01 2017 Petr Pisar - 2.12-367
+- Fix CVE-2017-6512 (setting arbitrary mode on an arbitrary file in rmtree()
+ and remove_tree()) (bug #1457834)
+
+* Sat Feb 11 2017 Fedora Release Engineering - 2.12-366
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
+
+* Sat May 14 2016 Jitka Plesnikova - 2.12-365
+- Increase release to favour standalone package
+
+* Thu Feb 04 2016 Fedora Release Engineering - 2.12-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
+
+* Mon Oct 12 2015 Petr Pisar - 2.12-1
+- 2.12 bump
+
+* Mon Jul 20 2015 Petr Pisar - 2.11-1
+- 2.11 bump
+
+* Thu Jun 18 2015 Fedora Release Engineering - 2.09-347
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
+
+* Wed Jun 10 2015 Jitka Plesnikova - 2.09-346
+- Perl 5.22 re-rebuild of bootstrapped packages
+
+* Thu Jun 04 2015 Jitka Plesnikova - 2.09-345
+- Increase release to favour standalone package
+
+* Wed Jun 03 2015 Jitka Plesnikova - 2.09-312
+- Perl 5.22 rebuild
+
+* Sun Sep 07 2014 Jitka Plesnikova - 2.09-311
+- Perl 5.20 re-rebuild of bootstrapped packages
+
+* Wed Sep 03 2014 Jitka Plesnikova - 2.09-310
+- Increase release to favour standalone package
+
+* Tue Aug 26 2014 Jitka Plesnikova - 2.09-294
+- Perl 5.20 rebuild
+
+* Sat Jun 07 2014 Fedora Release Engineering - 2.09-293
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
+
+* Wed Aug 14 2013 Jitka Plesnikova - 2.09-292
+- Perl 5.18 re-rebuild of bootstrapped packages
+
+* Sat Aug 03 
2013 Fedora Release Engineering - 2.09-291
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
+
+* Mon Jul 15 2013 Petr Pisar - 2.09-290
+- Increase release to favour standalone package
+
+* Fri Jul 12 2013 Petr Pisar - 2.09-2
+- Link minimal build-root packages against libperl.so explicitly
+
+* Fri Mar 22 2013 Petr Pisar 2.09-1
+- Specfile autogenerated by cpanspec 1.78.