[pulseaudio-commits] [SCM] PulseAudio Sound Server branch, stable-queue, updated. v0.9.21-63-gd3efa43

Lennart Poettering gitmailer-noreply at 0pointer.de
Wed Mar 3 19:20:54 PST 2010 

This is an automated email from the git hooks/post-receive script. It was
generated because of a push to the "PulseAudio Sound Server" repository.

The stable-queue branch has been updated
      from  0d1154d078f8f149e2ab9a67b09835a829416e49 (commit)

- Log -----------------------------------------------------------------
d3efa43 core-util: ensure that we chmod only the dir we ourselves created
-----------------------------------------------------------------------

Summary of changes:
 configure.ac              |    2 +-
 src/pulsecore/core-util.c |   39 ++++++++++++++++++++++++++++++++++-----
 2 files changed, 35 insertions(+), 6 deletions(-)

-----------------------------------------------------------------------

commit d3efa43d85ac132c6a5a416a2b6f2115f5d577ee
Author: Kees Cook <kees at ubuntu.com>
Date:   Tue Mar 2 21:33:34 2010 -0800

    core-util: ensure that we chmod only the dir we ourselves created

diff --git a/configure.ac b/configure.ac
index 1b80788..abcce13 100644
--- a/configure.ac
+++ b/configure.ac
@@ -424,7 +424,7 @@ AC_CHECK_FUNCS_ONCE([lrintf strtof])
 AC_FUNC_FORK
 AC_FUNC_GETGROUPS
 AC_FUNC_SELECT_ARGTYPES
-AC_CHECK_FUNCS_ONCE([chmod chown clock_gettime getaddrinfo getgrgid_r getgrnam_r \
+AC_CHECK_FUNCS_ONCE([chmod chown fstat fchown fchmod clock_gettime getaddrinfo getgrgid_r getgrnam_r \
     getpwnam_r getpwuid_r gettimeofday getuid inet_ntop inet_pton mlock nanosleep \
     pipe posix_fadvise posix_madvise posix_memalign setpgid setsid shm_open \
     sigaction sleep sysconf pthread_setaffinity_np])
diff --git a/src/pulsecore/core-util.c b/src/pulsecore/core-util.c
index d6017b9..a642553 100644
--- a/src/pulsecore/core-util.c
+++ b/src/pulsecore/core-util.c
@@ -199,7 +199,7 @@ void pa_make_fd_cloexec(int fd) {
 /** Creates a directory securely */
 int pa_make_secure_dir(const char* dir, mode_t m, uid_t uid, gid_t gid) {
     struct stat st;
-    int r, saved_errno;
+    int r, saved_errno, fd;
 
     pa_assert(dir);
 
@@ -217,16 +217,45 @@ int pa_make_secure_dir(const char* dir, mode_t m, uid_t uid, gid_t gid) {
     if (r < 0 && errno != EEXIST)
         return -1;
 
-#ifdef HAVE_CHOWN
+#ifdef HAVE_FSTAT
+    if ((fd = open(dir,
+#ifdef O_CLOEXEC
+                   O_CLOEXEC|
+#endif
+#ifdef O_NOCTTY
+                   O_NOCTTY|
+#endif
+#ifdef O_NOFOLLOW
+                   O_NOFOLLOW|
+#endif
+                   O_RDONLY)) < 0)
+        goto fail;
+
+    if (fstat(fd, &st) < 0) {
+        pa_assert_se(pa_close(fd) >= 0);
+        goto fail;
+    }
+
+    if (!S_ISDIR(st.st_mode)) {
+        pa_assert_se(pa_close(fd) >= 0);
+        errno = EEXIST;
+        goto fail;
+    }
+
+#ifdef HAVE_FCHOWN
     if (uid == (uid_t)-1)
         uid = getuid();
     if (gid == (gid_t)-1)
         gid = getgid();
-    (void) chown(dir, uid, gid);
+    (void) fchown(fd, uid, gid);
+#endif
+
+#ifdef HAVE_FCHMOD
+    (void) fchmod(fd, m);
 #endif
 
-#ifdef HAVE_CHMOD
-    chmod(dir, m);
+    pa_assert_se(pa_close(fd) >= 0);
+
 #endif
 
 #ifdef HAVE_LSTAT

-- 
hooks/post-receive
PulseAudio Sound Server

More information about the pulseaudio-commits mailing list