Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.4:Update
amanda.17859
CVE-2022-37704.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2022-37704.patch of Package amanda.17859
From 06ba7b9e96c0481623f474112c58abafc4be9518 Mon Sep 17 00:00:00 2001 From: Seetharaman <Seetharaman.Rajagopal@betsol.com> Date: Tue, 7 Feb 2023 13:40:36 +0530 Subject: [PATCH] CVE-2022-37704-Local Privilege escalation from amandabackup user to root Fix done to validate the command line options. --- client-src/rundump.c | 135 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 135 insertions(+) Index: amanda-3.5.1/client-src/rundump.c =================================================================== --- amanda-3.5.1.orig/client-src/rundump.c +++ amanda-3.5.1/client-src/rundump.c @@ -40,6 +40,8 @@ #include "conffile.h" int main(int argc, char **argv); +static void validate_dump_option(int argc, char ** argv); +static void validate_xfsdump_options(int argc, char ** argv); #if defined(VDUMP) || defined(XFSDUMP) # undef USE_RUNDUMP @@ -160,14 +162,17 @@ main( #if defined(DUMP) dump_program = DUMP; + validate_dump_option(argc, argv); #else # if defined(XFSDUMP) dump_program = XFSDUMP; + validate_xfsdump_options(argc, argv); # else # if defined(VXDUMP) dump_program = VXDUMP; # else dump_program = "dump"; + validate_dump_option(argc, argv); # endif # endif #endif @@ -203,3 +208,133 @@ main( return 1; #endif /* } */ } + +void validate_dump_option(int argc, char ** argv) +{ + int c; + int numargs = argc; + while (numargs > 0) + { + c = getopt(argc, argv, "0123456789ab:cd:e:f:h:j:kmnqs:uvwyz:A:B:D:I:L:MQ:ST:W"); + switch (c) { + case -1: + optind++; + break; + case '?': + //option is not valid + error("error [%s invalid option: %s]\n", get_pname(), argv[optind-1]); + break; + // All this options takes another argument + case 'b': + case 'd': + case 'e': + case 'f': + case 'h': + case 'j': + case 's': + case 'z': + case 'A': + case 'B': + case 'D': + case 'I': + case 'L': + case 'Q': + case 'T': + { + // get optarg and check it against NULL. If it is null, then return error. + if (optarg == NULL) { + error ("error [%s additional parameter is missing for option: %c]\n", get_pname(), c); + } + break; + } + case '0': + case '1': + case '2': + case '3': + case '4': + case '5': + case '6': + case '7': + case '8': + case '9': + case 'a': + case 'c': + case 'k': + case 'm': + case 'n': + case 'q': + case 'u': + case 'v': + case 'w': + case 'y': + case 'M': + case 'S': + case 'W': + { + break; + } + default: + error ("error [%s invalid option: %c]\n", get_pname(), c); + break; + } + numargs--; + } +} + +void validate_xfsdump_options(int argc, char ** argv) +{ + int c; + int numargs = argc; + while (numargs > 0) + { + c = getopt(argc, argv, "ab:d:ef:l:mop:qs:t:v:z:AB:DFI:JL:M:RT"); + switch (c) { + case -1: + optind++; + break; + case '?': + //option is not valid + error ("error [%s invalid option: %s]\n", get_pname(), argv[optind-1]); + break; + // All this options takes another argument + case 'b': + case 'd': + case 'f': + case 'l': + case 'p': + case 's': + case 't': + case 'v': + case 'z': + case 'B': + case 'I': + case 'L': + case 'M': + { + // get optarg and check it against NULL. If it is null, then return error. + if (optarg == NULL) { + error ("error [%s additional parameter is missing for option: %c]\n", get_pname(), c); + } + break; + } + case 'a': + case 'e': + case 'm': + case 'o': + case 'q': + case 'A': + case 'D': + case 'F': + case 'J': + case 'R': + case 'T': + { + break; + } + default: + error ("error [%s invalid option: %c]\n", get_pname(), c); + break; + } + numargs--; + } +}
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor