Date: Tue, 5 Mar 2013 15:31:39 +0000 (UTC) From: Matthias Andree <mandree@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r313455 - in head/sysutils/busybox: . files Message-ID: <201303051531.r25FVd55025899@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: mandree Date: Tue Mar 5 15:31:39 2013 New Revision: 313455 URL: http://svnweb.freebsd.org/changeset/ports/313455 Log: Fix Security: CVE-2013-1813 Added: head/sysutils/busybox/files/patch-mdev-fix-mode-of-dir1-in-=dir1-dir2-file-rule (contents, props changed) Modified: head/sysutils/busybox/Makefile Modified: head/sysutils/busybox/Makefile ============================================================================== --- head/sysutils/busybox/Makefile Tue Mar 5 13:54:26 2013 (r313454) +++ head/sysutils/busybox/Makefile Tue Mar 5 15:31:39 2013 (r313455) @@ -3,7 +3,7 @@ PORTNAME= busybox PORTVERSION= 1.20.2 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= sysutils misc shells MASTER_SITES= http://www.busybox.net/downloads/ Added: head/sysutils/busybox/files/patch-mdev-fix-mode-of-dir1-in-=dir1-dir2-file-rule ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/sysutils/busybox/files/patch-mdev-fix-mode-of-dir1-in-=dir1-dir2-file-rule Tue Mar 5 15:31:39 2013 (r313455) @@ -0,0 +1,91 @@ +commit 4609f477c7e043a4f6147dfe6e86b775da2ef784 +Author: Denys Vlasenko <vda.linux@googlemail.com> +Date: Mon Jan 21 01:22:12 2013 +0100 +Bug-Debian: http://bugs.debian.org/701965 +Comment: removed one hunk not needed for 1.20 version, by mjt + + mdev: fix mode of dir1 in =dir1/dir2/file rule + + Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com> + +diff --git a/testsuite/mdev.tests b/testsuite/mdev.tests +index 7320e17..48d3dcc 100755 +--- ./testsuite/mdev.tests ++++ ./testsuite/mdev.tests +@@ -11,7 +11,7 @@ FILTER_LS="grep -v '^total ' | sed -e 's/, */,/g' -e 's/ */ /g' | cut -d' ' -f + # cut: remove size+date + FILTER_LS2="grep -v '^total ' | sed -e 's/, */,/g' -e 's/ */ /g' | cut -d' ' -f 1-4,9-" + +-# testing "test name" "options" "expected result" "file input" "stdin" ++# testing "test name" "commands" "expected result" "file input" "stdin" + + rm -rf mdev.testdir + mkdir mdev.testdir +@@ -128,6 +128,26 @@ SKIP= + + # continuing to use directory structure from prev test + rm -rf mdev.testdir/dev/* ++echo "sda 0:0 444 =disk/sd/a" >mdev.testdir/etc/mdev.conf ++optional STATIC FEATURE_MDEV_CONF FEATURE_MDEV_RENAME FEATURE_LS_RECURSIVE FEATURE_LS_TIMESTAMPS FEATURE_LS_USERNAME ++testing "mdev move rule '=bar/baz/fname'" \ ++ "env - PATH=$PATH ACTION=add DEVPATH=/block/sda chroot mdev.testdir /mdev 2>&1; ++ ls -lnR mdev.testdir/dev | $FILTER_LS2" \ ++"\ ++mdev.testdir/dev: ++drwxr-xr-x 3 0 0 disk ++ ++mdev.testdir/dev/disk: ++drwxr-xr-x 2 0 0 sd ++ ++mdev.testdir/dev/disk/sd: ++br--r--r-- 1 0 0 a ++" \ ++ "" "" ++SKIP= ++ ++# continuing to use directory structure from prev test ++rm -rf mdev.testdir/dev/* + # here we complicate things by having non-matching group 1 and using %0 + echo "s([0-9])*d([a-z]+) 0:0 644 >sd/%2_%0" >mdev.testdir/etc/mdev.conf + optional STATIC FEATURE_MDEV_CONF FEATURE_MDEV_RENAME FEATURE_MDEV_RENAME_REGEXP FEATURE_LS_RECURSIVE FEATURE_LS_TIMESTAMPS FEATURE_LS_USERNAME FEATURE_LS_SORTFILES +diff --git a/util-linux/mdev.c b/util-linux/mdev.c +index 79871d3..75de14f 100644 +--- ./util-linux/mdev.c ++++ ./util-linux/mdev.c +@@ -429,6 +429,18 @@ static const struct rule *next_rule(void) + + #endif + ++static void mkdir_recursive(char *name) ++{ ++ /* if name has many levels ("dir1/dir2"), ++ * bb_make_directory() will create dir1 according to umask, ++ * not according to its "mode" parameter. ++ * Since we run with umask=0, need to temporarily switch it. ++ */ ++ umask(022); /* "dir1" (if any) will be 0755 too */ ++ bb_make_directory(name, 0755, FILEUTILS_RECUR); ++ umask(0); ++} ++ + /* Builds an alias path. + * This function potentionally reallocates the alias parameter. + * Only used for ENABLE_FEATURE_MDEV_RENAME +@@ -442,7 +454,7 @@ static char *build_alias(char *alias, const char *device_name) + dest = strrchr(alias, '/'); + if (dest) { /* ">bar/[baz]" ? */ + *dest = '\0'; /* mkdir bar */ +- bb_make_directory(alias, 0755, FILEUTILS_RECUR); ++ mkdir_recursive(alias); + *dest = '/'; + if (dest[1] == '\0') { /* ">bar/" => ">bar/device_name" */ + dest = alias; +# not needed for 1.20: @@ -641,7 +653,7 @@ static void make_device(char *device_name, char *path, int operation) + char *slash = strrchr(node_name, '/'); + if (slash) { + *slash = '\0'; +- bb_make_directory(node_name, 0755, FILEUTILS_RECUR); ++ mkdir_recursive(node_name); + *slash = '/'; + } + if (G.verbose)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201303051531.r25FVd55025899>