File logrotate-CVE-2011-1098.patch of Package logrotate

Overview Repositories Revisions Requests Users Attributes Meta

File logrotate-CVE-2011-1098.patch of Package logrotate

Index: logrotate-3.7.9/logrotate.c
===================================================================
--- logrotate-3.7.9.orig/logrotate.c
+++ logrotate-3.7.9/logrotate.c
@@ -204,7 +204,9 @@ int createOutputFile(char *fileName, int
 {
     int fd;
 
-    fd = open(fileName, flags, sb->st_mode);
+    unlink(fileName);
+    fd = open(fileName, (flags | O_EXCL | O_NOFOLLOW),
+		(S_IRUSR | S_IWUSR) & sb->st_mode);
     if (fd < 0) {
 	message(MESS_ERROR, "error creating output file %s: %s\n",
 		fileName, strerror(errno));
@@ -316,7 +318,7 @@ static int compressLogFile(char *name, s
     }
 
     outFile =
-	createOutputFile(compressedName, O_RDWR | O_CREAT | O_TRUNC, sb);
+	createOutputFile(compressedName, O_RDWR | O_CREAT, sb);
     if (outFile < 0) {
 	close(inFile);
 	return 1;
@@ -495,7 +497,7 @@ static int copyTruncate(char *currLog, c
 	}
 #endif
 	fdsave =
-	    createOutputFile(saveLog, O_WRONLY | O_CREAT | O_TRUNC, sb);
+	    createOutputFile(saveLog, O_WRONLY | O_CREAT, sb);
 #ifdef WITH_SELINUX
 	if (selinux_enabled) {
 	    setfscreatecon_raw(prev_context);

Places

File logrotate-CVE-2011-1098.patch of Package logrotate

Places