Login
[x]
Log in using an account from:
Fedora Account System
Red Hat Associate
Red Hat Customer
Or login using a Red Hat Bugzilla account
Forgot Password
Login:
Hide Forgot
Create an Account
Red Hat Bugzilla – Attachment 601046 Details for
Bug 772257
CVE-2012-0786 augeas: susceptible to symlink attack
[?]
New
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
|
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh83 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
This site requires JavaScript to be enabled to function correctly, please enable it.
[patch]
Followup xread_file/fopen fix (1a66739c)
1a66739c_xread_file_err.patch (text/plain), 3.64 KB, created by
Dominic Cleal
on 2012-07-29 15:23:24 UTC
(
hide
)
Description:
Followup xread_file/fopen fix (1a66739c)
Filename:
MIME Type:
Creator:
Dominic Cleal
Created:
2012-07-29 15:23:24 UTC
Size:
3.64 KB
patch
obsolete
>commit 1a66739c3fc14b3257af5d4a32d0a2a714a7b39d >Author: Dominic Cleal <dcleal@redhat.com> >Date: Sun Jul 29 14:27:34 2012 +0100 > > * src/transform.c (xread_file): catch failed fopen, e.g. EACCES > >diff --git a/src/internal.c b/src/internal.c >index 44956f8..2a651d0 100644 >--- a/src/internal.c >+++ b/src/internal.c >@@ -148,8 +148,11 @@ char* xread_file(const char *path) { > char *result; > > fp = fopen(path, "r"); >+ if (!fp) >+ return NULL; >+ > result = xfread_file(fp); >- fclose (fp); >+ fclose(fp); > > return result; > } >diff --git a/tests/test-load.c b/tests/test-load.c >index c1cb3e2..ef6c01a 100644 >--- a/tests/test-load.c >+++ b/tests/test-load.c >@@ -38,10 +38,8 @@ static char *loadpath; > exit(EXIT_FAILURE); \ > } while(0) > >-static struct augeas *setup_writable_hosts(CuTest *tc) { >+static char *setup_hosts(CuTest *tc) { > char *etcdir, *build_root; >- struct augeas *aug = NULL; >- int r; > > if (asprintf(&build_root, "%s/build/test-load/%s", > abs_top_builddir, tc->name) < 0) { >@@ -51,11 +49,18 @@ static struct augeas *setup_writable_hosts(CuTest *tc) { > if (asprintf(&etcdir, "%s/etc", build_root) < 0) > CuFail(tc, "asprintf etcdir failed"); > >- run(tc, "test -d %s && chmod -R u+w %s || :", build_root, build_root); >+ run(tc, "test -d %s && chmod -R u+rw %s || :", build_root, build_root); > run(tc, "rm -rf %s", build_root); > run(tc, "mkdir -p %s", etcdir); > run(tc, "cp -pr %s/etc/hosts %s", root, etcdir); >- run(tc, "chmod -R u+w %s", build_root); >+ >+ free(etcdir); >+ return build_root; >+} >+ >+static struct augeas *setup_hosts_aug(CuTest *tc, char *build_root) { >+ struct augeas *aug = NULL; >+ int r; > > aug = aug_init(build_root, loadpath, AUG_NO_MODL_AUTOLOAD); > CuAssertPtrNotNull(tc, aug); >@@ -67,10 +72,21 @@ static struct augeas *setup_writable_hosts(CuTest *tc) { > CuAssertRetSuccess(tc, r); > > free(build_root); >- free(etcdir); > return aug; > } > >+static struct augeas *setup_writable_hosts(CuTest *tc) { >+ char *build_root = setup_hosts(tc); >+ run(tc, "chmod -R u+w %s", build_root); >+ return setup_hosts_aug(tc, build_root); >+} >+ >+static struct augeas *setup_unreadable_hosts(CuTest *tc) { >+ char *build_root = setup_hosts(tc); >+ run(tc, "chmod -R a-r %s/etc/hosts", build_root); >+ return setup_hosts_aug(tc, build_root); >+} >+ > static void testDefault(CuTest *tc) { > augeas *aug = NULL; > int nmatches, r; >@@ -511,6 +527,28 @@ static void testParseErrorReported(CuTest *tc) { > aug_close(aug); > } > >+/* Test failed file opening is reported, e.g. EACCES */ >+static void testPermsErrorReported(CuTest *tc) { >+ augeas *aug = NULL; >+ int r; >+ const char *s; >+ >+ aug = setup_unreadable_hosts(tc); >+ >+ r = aug_load(aug); >+ CuAssertRetSuccess(tc, r); >+ >+ r = aug_match(aug, "/files/etc/hosts", NULL); >+ CuAssertIntEquals(tc, 0, r); >+ >+ r = aug_get(aug, "/augeas/files/etc/hosts/error", &s); >+ CuAssertIntEquals(tc, 1, r); >+ CuAssertStrEquals(tc, "read_failed", s); >+ >+ r = aug_get(aug, "/augeas/files/etc/hosts/error/message", &s); >+ CuAssertIntEquals(tc, 1, r); >+} >+ > /* Test bug #252 - excl patterns have no effect when loading with a root */ > static void testLoadExclWithRoot(CuTest *tc) { > augeas *aug = NULL; >@@ -576,6 +614,7 @@ int main(void) { > SUITE_ADD_TEST(suite, testReloadExternalMod); > SUITE_ADD_TEST(suite, testReloadAfterSaveNewfile); > SUITE_ADD_TEST(suite, testParseErrorReported); >+ SUITE_ADD_TEST(suite, testPermsErrorReported); > SUITE_ADD_TEST(suite, testLoadExclWithRoot); > SUITE_ADD_TEST(suite, testLoadTrailingExcl); >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=601046">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 772257
:
551189
|
559801
|
562023
| 601046 |
603732