Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP1:Update
qemu-linux-user.1643
0049-slirp-use-less-predictable-director.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 0049-slirp-use-less-predictable-director.patch of Package qemu-linux-user.1643
From 225bfdb2ed51332b969c2a5b7cb3780fa9fc9627 Mon Sep 17 00:00:00 2001 From: Michael Tokarev <mjt@tls.msk.ru> Date: Thu, 28 May 2015 14:12:26 +0300 Subject: [PATCH] slirp: use less predictable directory name in /tmp for smb config (CVE-2015-4037) In this version I used mkdtemp(3) which is: _BSD_SOURCE || /* Since glibc 2.10: */ (_POSIX_C_SOURCE >= 200809L || _XOPEN_SOURCE >= 700) (POSIX.1-2008), so should be available on systems we care about. While at it, reset the resulting directory name within smb structure on error so cleanup function wont try to remove directory which we failed to create. Signed-off-by: Michael Tokarev <mjt@tls.msk.ru> Reviewed-by: Markus Armbruster <armbru@redhat.com> (cherry picked from commit 8b8f1c7e9ddb2e88a144638f6527bf70e32343e3) [BR: BSC#932267] Signed-off-by: Bruce Rogers <brogers@suse.com> --- net/slirp.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/net/slirp.c b/net/slirp.c index 9bbed74..3090c10 100644 --- a/net/slirp.c +++ b/net/slirp.c @@ -481,7 +481,6 @@ static void slirp_smb_cleanup(SlirpState *s) static int slirp_smb(SlirpState* s, const char *exported_dir, struct in_addr vserver_addr) { - static int instance; char smb_conf[128]; char smb_cmdline[128]; struct passwd *passwd; @@ -505,10 +504,10 @@ static int slirp_smb(SlirpState* s, const char *exported_dir, return -1; } - snprintf(s->smb_dir, sizeof(s->smb_dir), "/tmp/qemu-smb.%ld-%d", - (long)getpid(), instance++); - if (mkdir(s->smb_dir, 0700) < 0) { + snprintf(s->smb_dir, sizeof(s->smb_dir), "/tmp/qemu-smb.XXXXXX"); + if (!mkdtemp(s->smb_dir)) { error_report("could not create samba server dir '%s'", s->smb_dir); + s->smb_dir[0] = 0; return -1; } snprintf(smb_conf, sizeof(smb_conf), "%s/%s", s->smb_dir, "smb.conf");
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor