Login
[x]
Log in using an account from:
Fedora Account System
Red Hat Associate
Red Hat Customer
Or login using a Red Hat Bugzilla account
Forgot Password
Login:
Hide Forgot
Create an Account
Red Hat Bugzilla – Attachment 644042 Details for
Bug 875842
CVE-2012-5530 pcp: Insecure temporary file use flaws
[?]
New
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
|
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh83 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
This site requires JavaScript to be enabled to function correctly, please enable it.
[patch]
Preliminary form of proposed patch created by David Disseldorp of SUSE
bug-782967_pcp_init_tmp.patch (text/plain), 10.39 KB, created by
Jan Lieskovsky
on 2012-11-13 10:24:16 UTC
(
hide
)
Description:
Preliminary form of proposed patch created by David Disseldorp of SUSE
Filename:
MIME Type:
Creator:
Jan Lieskovsky
Created:
2012-11-13 10:24:16 UTC
Size:
10.39 KB
patch
obsolete
>diff --git a/build/mac/build-installer b/build/mac/build-installer >index a4035e1..b3e9a4c 100755 >--- a/build/mac/build-installer >+++ b/build/mac/build-installer >@@ -35,7 +35,7 @@ IDB=$HERE/$5 > prog=`basename $0` > tmp=/tmp/$$ > status=1 >-trap "rm -f $tmp.* exit \$status" 0 1 2 15 >+trap "rm -f $tmp.*; exit \$status" 0 1 2 15 > > _do() > { >diff --git a/configure.in b/configure.in >index 0620b01..363bacd 100644 >--- a/configure.in >+++ b/configure.in >@@ -1988,13 +1988,8 @@ else > fi > AC_SUBST(pcp_run_dir) > >-dnl temp files >-if test -d /var/tmp >-then >- pcp_tmp_dir=/var/tmp >-else >- pcp_tmp_dir=/tmp >-fi >+dnl temp files; these are shared across QA, pmlogger, pmlogctl and mmv >+pcp_tmp_dir=`eval echo $pcp_run_dir/tmp` > AC_SUBST(pcp_tmp_dir) > > dnl doc directory >diff --git a/src/pmcd/rc_pcp b/src/pmcd/rc_pcp >index 2fc3fa0..974ca06 100644 >--- a/src/pmcd/rc_pcp >+++ b/src/pmcd/rc_pcp >@@ -43,9 +43,9 @@ > > . $PCP_DIR/etc/pcp.env > >-tmp=/var/tmp/$$ >+tmp=`mktemp -d /var/tmp/pcp.XXXXXXXXX` || exit 1 > status=0 >-trap "rm -f $tmp.* ; exit \$status" 0 1 2 3 15 >+trap "rm -rf $tmp; exit \$status" 0 1 2 3 15 > prog=$PCP_RC_DIR/pcp > > _usage() >diff --git a/src/pmcd/rc_pmcd b/src/pmcd/rc_pmcd >index 5f0830e..72eb3b5 100644 >--- a/src/pmcd/rc_pmcd >+++ b/src/pmcd/rc_pmcd >@@ -57,9 +57,9 @@ do > fi > done > >-tmp=/var/tmp/$$ >+tmp=`mktemp -d /var/tmp/pcp.XXXXXXXXX` || exit 1 > status=1 >-trap "rm -f $tmp.* ; exit \$status" 0 1 2 3 15 >+trap "rm -rf $tmp; exit \$status" 0 1 2 3 15 > > case "$PCP_PLATFORM" > in >@@ -111,17 +111,17 @@ _reboot_setup() > then > mkdir -p "$PCP_TMP_DIR/pmlogger" > else >- rm -rf $tmp.ent $tmp.pid >+ rm -rf $tmp/ent $tmp/pid > here=`pwd` > cd "$PCP_TMP_DIR/pmlogger" > rm -f primary vcr >- _get_pids_by_name pmlogger | sort >$tmp.pid >+ _get_pids_by_name pmlogger | sort >$tmp/pid > ls [0-9]* 2>&1 | sed -e '/\[0-9]\*/d' \ >- | sed -e 's/[ ][ ]*//g' | sort >$tmp.ent >+ | sed -e 's/[ ][ ]*//g' | sort >$tmp/ent > # remove entries without a pmlogger process > # >- rm -f `comm -23 $tmp.ent $tmp.pid` >- rm -f $tmp.ent $tmp.pid >+ rm -f `comm -23 $tmp/ent $tmp/pid` >+ rm -f $tmp/ent $tmp/pid > cd "$here" > fi > chmod 1777 "$PCP_TMP_DIR/pmlogger" >@@ -273,8 +273,8 @@ _shutdown() > { > # Is pmcd running? > # >- _get_pids_by_name pmcd >$tmp.tmp >- if [ ! -s $tmp.tmp ] >+ _get_pids_by_name pmcd >$tmp/tmp >+ if [ ! -s $tmp/tmp ] > then > [ "$1" = verbose ] && echo "$prog: pmcd not running" > rm -f $PCP_RUN_DIR/pmcd.pid >@@ -289,7 +289,7 @@ _shutdown() > [ -f $logf ] || logf=$RUNDIR/pmcd.log > if [ ! -f $PCP_RUN_DIR/pmcd.pid -a ! -f $logf ] > then >- pmcdpid=`cat $tmp.tmp` >+ pmcdpid=`cat $tmp/tmp` > echo "PMCD process ... $pmcdpid" > echo "$prog: > Warning: found no $PCP_RUN_DIR/pmcd.pid >@@ -300,11 +300,11 @@ Warning: found no $PCP_RUN_DIR/pmcd.pid > elif [ -f $PCP_RUN_DIR/pmcd.pid ] > then > TOKILL=`cat $PCP_RUN_DIR/pmcd.pid` >- if grep "^$TOKILL$" $tmp.tmp >/dev/null >+ if grep "^$TOKILL$" $tmp/tmp >/dev/null > then > : > else >- echo "PMCD process ... "`cat $tmp.tmp` >+ echo "PMCD process ... "`cat $tmp/tmp` > echo "$prog: > Warning: process ID in $PCP_RUN_DIR/pmcd.pid is $TOKILL. > Check logfile $logf. When you are ready to proceed, remove >@@ -333,8 +333,8 @@ Warning: process ID in $PCP_RUN_DIR/pmcd.pid is $TOKILL. > fi > while [ $delay -gt 0 ] > do >- _get_pids_by_name pmcd >$tmp.tmp >- [ ! -s $tmp.tmp ] && break 2 >+ _get_pids_by_name pmcd >$tmp/tmp >+ [ ! -s $tmp/tmp ] && break 2 > pmsleep 0.1 > delay=`expr $delay - 1` > [ "$SIG" = "TERM" ] && [ `expr $delay % 10` -eq 0 ] \ >@@ -344,16 +344,16 @@ Warning: process ID in $PCP_RUN_DIR/pmcd.pid is $TOKILL. > echo "Process ..." > if [ "$SIG" = "TERM" ] > then >- $PCP_PS_PROG $PCP_PS_ALL_FLAGS >$tmp.ps >- sed 1q $tmp.ps >- for pid in `cat $tmp.tmp` >+ $PCP_PS_PROG $PCP_PS_ALL_FLAGS >$tmp/ps >+ sed 1q $tmp/ps >+ for pid in `cat $tmp/tmp` > do >- $PCP_AWK_PROG <$tmp.ps "\$2 == $pid { print }" >+ $PCP_AWK_PROG <$tmp/ps "\$2 == $pid { print }" > done > echo "$prog: Warning: Forcing pmcd to terminate!" > delay=20 > else >- cat $tmp.tmp >+ cat $tmp/tmp > echo "$prog: Warning: pmcd won't die!" > exit > fi >diff --git a/src/pmie/rc_pmie b/src/pmie/rc_pmie >index 5ce1eec..de0e0c8 100644 >--- a/src/pmie/rc_pmie >+++ b/src/pmie/rc_pmie >@@ -50,9 +50,9 @@ do > fi > done > >-tmp=/var/tmp/$$ >+tmp=`mktemp -d /var/tmp/pcp.XXXXXXXXX` || exit 1 > status=1 >-trap "rm -f $tmp.* ; exit \$status" 0 1 2 3 15 >+trap "rm -rf $tmp; exit \$status" 0 1 2 3 15 > > if [ $pmprog = $prog ] > then >@@ -94,15 +94,15 @@ _reboot_setup() > then > mkdir -p $PCP_TMP_DIR/pmie > else >- rm -rf $tmp.ent $tmp.pid >+ rm -rf $tmp/ent $tmp/pid > here=`pwd` > cd $PCP_TMP_DIR/pmie >- _get_pids_by_name pmie | sort >$tmp.pid >+ _get_pids_by_name pmie | sort >$tmp/pid > ls [0-9]* 2>&1 | sed -e '/\[0-9]\*/d' \ >- | sed -e 's/[ ][ ]*//g' | sort >$tmp.ent >+ | sed -e 's/[ ][ ]*//g' | sort >$tmp/ent > # remove entries without a pmie process >- rm -f `comm -23 $tmp.ent $tmp.pid` >- rm -f $tmp.ent $tmp.pid >+ rm -f `comm -23 $tmp/ent $tmp/pid` >+ rm -f $tmp/ent $tmp/pid > cd "$here" > fi > chmod 1777 $PCP_TMP_DIR/pmie >@@ -117,19 +117,19 @@ _start_pmie() > > if pmcd_wait $wait_option > then >- pmie_check >$tmp.pmie 2>&1 >- if [ -s $tmp.pmie ] >+ pmie_check >$tmp/pmie 2>&1 >+ if [ -s $tmp/pmie ] > then > pmpost "pmie_check start failed in $prog, mailing output to root" > if [ ! -z "$MAIL" ] > then >- $MAIL -s "pmie_check start failed in $prog" root <$tmp.pmie >/dev/null 2>&1 >+ $MAIL -s "pmie_check start failed in $prog" root <$tmp/pmie >/dev/null 2>&1 > else > echo "$prog: pmie_check start failed ..." >- cat $tmp.pmie >+ cat $tmp/pmie > fi > fi >- rm -f $tmp.pmie >+ rm -f $tmp/pmie > else > status=$? > pmpost "pmcd_wait failed in $prog: exit status: $status" >@@ -145,8 +145,8 @@ _start_pmie() > > _shutdown() > { >- _get_pids_by_name pmie >$tmp.pmies 2>&1 >- if [ ! -s $tmp.pmies ] >+ _get_pids_by_name pmie >$tmp/pmies 2>&1 >+ if [ ! -s $tmp/pmies ] > then > [ "$1" = verbose ] && echo "$pmprog: PMIE not running" > return 0 >@@ -154,22 +154,22 @@ _shutdown() > > $ECHO $PCP_ECHO_N "Waiting for PMIE process(es) to terminate ..." "$PCP_ECHO_C" > >- pmie_check -s >$tmp.pmie 2>&1 >- if [ -s $tmp.pmie ] >+ pmie_check -s >$tmp/pmie 2>&1 >+ if [ -s $tmp/pmie ] > then > pmpost "pmie_check stop failed in $prog, mailing output to root" > if [ ! -z "$MAIL" ] > then >- $MAIL -s "pmie_check stop failed in $prog" root <$tmp.pmie >+ $MAIL -s "pmie_check stop failed in $prog" root <$tmp/pmie > else > echo "$prog: pmie_check stop failed ..." >- cat $tmp.pmie >+ cat $tmp/pmie > fi > fi > > true > $RC_STATUS -v >- rm -fr $tmp.pmie $PCP_TMP_DIR/pmie >+ rm -fr $tmp/pmie $PCP_TMP_DIR/pmie > pmpost "stop pmie from $pmprog" > } > >diff --git a/src/pmlogger/rc_pmlogger b/src/pmlogger/rc_pmlogger >index ec4bc3f..6f9949f 100644 >--- a/src/pmlogger/rc_pmlogger >+++ b/src/pmlogger/rc_pmlogger >@@ -56,9 +56,9 @@ do > fi > done > >-tmp=/var/tmp/$$ >+tmp=`mktemp -d /var/tmp/pcp.XXXXXXXXX` || exit 1 > status=1 >-trap "rm -f $tmp.* ; exit \$status" 0 1 2 3 15 >+trap "rm -rf $tmp; exit \$status" 0 1 2 3 15 > > LOCALHOSTNAME="localhost" > which hostname >/dev/null 2>&1 && LOCALHOSTNAME=`hostname` >@@ -97,19 +97,19 @@ esac > > _start_pmcheck() > { >- pmlogger_check $VFLAG >$tmp.pmcheck 2>&1 >- if [ -s $tmp.pmcheck ] >+ pmlogger_check $VFLAG >$tmp/pmcheck 2>&1 >+ if [ -s $tmp/pmcheck ] > then > pmpost "pmlogger_check failed in $prog, mailing output to root" > if [ ! -z "$MAIL" ] > then >- $MAIL -s "pmlogger_check failed in $prog" root <$tmp.pmcheck >+ $MAIL -s "pmlogger_check failed in $prog" root <$tmp/pmcheck > else > echo "$prog: pmlogger_check failed ..." >- cat $tmp.pmcheck >+ cat $tmp/pmcheck > fi > fi >- rm -f $tmp.pmcheck >+ rm -f $tmp/pmcheck > } > > _start_pmlogger() >@@ -150,8 +150,8 @@ _shutdown() > { > # Is any pmlogger running? > # >- _get_pids_by_name pmlogger >$tmp.tmp >- if [ ! -s $tmp.tmp ] >+ _get_pids_by_name pmlogger >$tmp/tmp >+ if [ ! -s $tmp/tmp ] > then > [ "$1" = verbose ] && echo "$prog: pmlogger not running" > return 0 >@@ -162,7 +162,7 @@ _shutdown() > # pmlogger_daily ... relies on the -m option to pmlogger and the > # annotation in the (optional) 4th line of the port map files > # >- for pid in `cat $tmp.tmp` >+ for pid in `cat $tmp/tmp` > do > if [ -f $PCP_TMP_DIR/pmlogger/$pid ] > then >diff --git a/src/pmproxy/rc_pmproxy b/src/pmproxy/rc_pmproxy >index b770c5d..811871c 100644 >--- a/src/pmproxy/rc_pmproxy >+++ b/src/pmproxy/rc_pmproxy >@@ -45,9 +45,9 @@ RUNDIR=$PCP_LOG_DIR/pmproxy > pmprog=$PCP_RC_DIR/pmproxy > prog=$PCP_RC_DIR/`basename $0` > >-tmp=/var/tmp/$$ >+tmp=`mktemp -d /var/tmp/pcp.XXXXXXXXX` || exit 1 > status=1 >-trap "rm -f $tmp.* ; exit \$status" 0 1 2 3 15 >+trap "rm -rf $tmp; exit \$status" 0 1 2 3 15 > > if [ $pmprog = $prog ] > then >@@ -83,8 +83,8 @@ _shutdown() > { > # Is pmproxy running? > # >- _get_pids_by_name pmproxy >$tmp.tmp >- if [ ! -s $tmp.tmp ] >+ _get_pids_by_name pmproxy >$tmp/tmp >+ if [ ! -s $tmp/tmp ] > then > [ "$1" = verbose ] && echo "$pmprog: PMPROXY not running" > return 0 >@@ -101,8 +101,8 @@ _shutdown() > for i in 1 2 3 4 5 6 > do > sleep 3 >- _get_pids_by_name pmproxy >$tmp.tmp >- if [ ! -s $tmp.tmp ] >+ _get_pids_by_name pmproxy >$tmp/tmp >+ if [ ! -s $tmp/tmp ] > then > gone=1 > break >@@ -116,11 +116,11 @@ _shutdown() > then > $ECHO > echo "Process ..." >- $PCP_PS_PROG $PCP_PS_ALL_FLAGS >$tmp.ps >- sed 1q $tmp.ps >- for pid in `cat $tmp.tmp` >+ $PCP_PS_PROG $PCP_PS_ALL_FLAGS >$tmp/ps >+ sed 1q $tmp/ps >+ for pid in `cat $tmp/tmp` > do >- $PCP_AWK_PROG <$tmp.ps "\$2 == $pid { print }" >+ $PCP_AWK_PROG <$tmp/ps "\$2 == $pid { print }" > done > echo "$prog: Warning: Forcing PMPROXY to terminate!" > pmsignal -a -s KILL pmproxy > /dev/null 2>&1 >@@ -131,7 +131,7 @@ _shutdown() > if [ $gone != 1 ] # It just WON'T DIE, give up. > then > echo "Process ..." >- cat $tmp.tmp >+ cat $tmp/tmp > echo "$prog: Warning: PMPROXY won't die!" > exit > fi
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=644042">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 875842
: 644042 |
644747
|
646265
|
646266