* PATCH some cleanups and security fixes
@ 2004-09-20 13:32 Harald Hoyer
0 siblings, 0 replies; 2+ messages in thread
From: Harald Hoyer @ 2004-09-20 13:32 UTC (permalink / raw)
To: linux-hotplug
[-- Attachment #1: Type: text/plain, Size: 85 bytes --]
posted by Steve Grubb on https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=130351
[-- Attachment #2: udev-030-rhsec.patch --]
[-- Type: text/plain, Size: 4025 bytes --]
--- udev-032/tdb/spinlock.c.rhsec 2004-09-14 07:55:34.000000000 +0200
+++ udev-032/tdb/spinlock.c 2004-09-14 15:13:58.916535504 +0200
@@ -23,7 +23,7 @@
#define HAVE_MMAP 1
#include "../udev.h"
-#if HAVE_CONFIG_H
+#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
--- udev-032/udevstart.c.rhsec 2004-09-14 07:55:36.000000000 +0200
+++ udev-032/udevstart.c 2004-09-14 15:13:58.919535048 +0200
@@ -211,7 +211,7 @@
dir2 = opendir(dirname);
if (dir2 != NULL) {
for (dent2 = readdir(dir2); dent2 != NULL; dent2 = readdir(dir2)) {
- char dirname2[MAX_PATHLEN-1];
+ char dirname2[MAX_PATHLEN];
DIR *dir3;
struct dirent *dent3;
--- udev-032/namedev.c.rhsec 2004-09-14 07:55:36.000000000 +0200
+++ udev-032/namedev.c 2004-09-14 15:13:58.915535656 +0200
@@ -350,7 +350,7 @@
{ .bus = "usb-serial", .file = "detach_state" },
{ .bus = "ide", .file = "detach_state" },
{ .bus = "pci", .file = "vendor" },
- {}
+ { NULL, NULL }
};
#define SECONDS_TO_WAIT_FOR_FILE 10
--- udev-032/udevd.c.rhsec 2004-09-14 07:55:33.000000000 +0200
+++ udev-032/udevd.c 2004-09-14 15:14:52.024461872 +0200
@@ -45,9 +45,9 @@
static int pipefds[2];
static long expected_seqnum = 0;
-volatile static int children_waiting;
-volatile static int run_msg_q;
-volatile static int sig_flag;
+static volatile int children_waiting;
+static volatile int run_msg_q;
+static volatile int sig_flag;
static int run_exec_q;
static LIST_HEAD(msg_list);
@@ -398,7 +398,7 @@
int ssock, maxsockplus;
struct sockaddr_un saddr;
socklen_t addrlen;
- int retval;
+ int retval, fd;
const int on = 1;
struct sigaction act;
fd_set readfds;
@@ -410,6 +410,22 @@
dbg("need to be root, exit");
exit(1);
}
+ /* make sure we are at top of dir */
+ chdir("/");
+ umask( umask( 077 ) | 022 );
+ /* Set fds to dev/null */
+ fd = open( "/dev/null", O_RDWR );
+ if ( fd < 0 ) {
+ dbg("error opening /dev/null %s", strerror(errno));
+ exit(1);
+ }
+ dup2(fd, 0);
+ dup2(fd, 1);
+ dup2(fd, 2);
+ if (fd > 2)
+ close(fd);
+ /* Get new session id so stray signals don't come our way. */
+ setsid();
/* setup signal handler pipe */
retval = pipe(pipefds);
@@ -419,7 +435,12 @@
}
retval = fcntl(pipefds[0], F_SETFL, O_NONBLOCK);
- if (retval < 0) {
+ if (retval < 0) {
+ dbg("error fcntl on read pipe: %s", strerror(errno));
+ exit(1);
+ }
+ retval = fcntl(pipefds[0], F_SETFD, FD_CLOEXEC);
+ if (retval < 0) {
dbg("error fcntl on read pipe: %s", strerror(errno));
exit(1);
}
@@ -429,7 +450,13 @@
dbg("error fcntl on write pipe: %s", strerror(errno));
exit(1);
}
+ retval = fcntl(pipefds[1], F_SETFD, FD_CLOEXEC);
+ if (retval < 0) {
+ dbg("error fcntl on write pipe: %s", strerror(errno));
+ exit(1);
+ }
+
/* set signal handlers */
act.sa_handler = sig_handler;
sigemptyset(&act.sa_mask);
@@ -457,15 +484,22 @@
dbg("bind failed, exit");
goto exit;
}
+ retval = fcntl(ssock, F_SETFD, FD_CLOEXEC);
+ if (retval < 0) {
+ dbg("error fcntl on ssock: %s", strerror(errno));
+ exit(1);
+ }
/* enable receiving of the sender credentials */
setsockopt(ssock, SOL_SOCKET, SO_PASSCRED, &on, sizeof(on));
/* possible override of udev binary, used for testing */
+#ifdef DEBUG
udev_bin = getenv("UDEV_BIN");
if (udev_bin != NULL)
dbg("udev binary is set to '%s'", udev_bin);
else
+#endif
udev_bin = UDEV_BIN;
FD_ZERO(&readfds);
--- udev-032/dev_d.c.rhsec 2004-09-14 07:55:37.000000000 +0200
+++ udev-032/dev_d.c 2004-09-14 15:13:58.914535808 +0200
@@ -78,6 +78,7 @@
strfieldcpy(env_devname, dev->name);
setenv("DEVPATH", devpath, 1);
}
+ else env_devname[0] = 0;
setenv("DEVNAME", env_devname, 1);
dbg("DEVNAME='%s'", env_devname);
--- udev-032/udev-remove.c.rhsec 2004-09-14 07:55:33.000000000 +0200
+++ udev-032/udev-remove.c 2004-09-14 15:13:58.918535200 +0200
@@ -105,7 +105,7 @@
char filename[NAME_SIZE];
char linkname[NAME_SIZE];
char partitionname[NAME_SIZE];
- int retval;
+ int retval = 0;
int i;
char *pos;
int len;
^ permalink raw reply [flat|nested] 2+ messages in thread* Re: PATCH some cleanups and security fixes
@ 2004-10-05 23:49 Greg KH
0 siblings, 0 replies; 2+ messages in thread
From: Greg KH @ 2004-10-05 23:49 UTC (permalink / raw)
To: linux-hotplug
On Mon, Sep 20, 2004 at 03:32:06PM +0200, Harald Hoyer wrote:
> posted by Steve Grubb on
> https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id\x130351
> --- udev-032/tdb/spinlock.c.rhsec 2004-09-14 07:55:34.000000000 +0200
> +++ udev-032/tdb/spinlock.c 2004-09-14 15:13:58.916535504 +0200
> @@ -23,7 +23,7 @@
> #define HAVE_MMAP 1
> #include "../udev.h"
>
> -#if HAVE_CONFIG_H
> +#ifdef HAVE_CONFIG_H
> #include <config.h>
> #endif
>
Not needed.
> --- udev-032/udevstart.c.rhsec 2004-09-14 07:55:36.000000000 +0200
> +++ udev-032/udevstart.c 2004-09-14 15:13:58.919535048 +0200
> @@ -211,7 +211,7 @@
> dir2 = opendir(dirname);
> if (dir2 != NULL) {
> for (dent2 = readdir(dir2); dent2 != NULL; dent2 = readdir(dir2)) {
> - char dirname2[MAX_PATHLEN-1];
> + char dirname2[MAX_PATHLEN];
> DIR *dir3;
> struct dirent *dent3;
>
Applied.
> --- udev-032/namedev.c.rhsec 2004-09-14 07:55:36.000000000 +0200
> +++ udev-032/namedev.c 2004-09-14 15:13:58.915535656 +0200
> @@ -350,7 +350,7 @@
> { .bus = "usb-serial", .file = "detach_state" },
> { .bus = "ide", .file = "detach_state" },
> { .bus = "pci", .file = "vendor" },
> - {}
> + { NULL, NULL }
> };
>
> #define SECONDS_TO_WAIT_FOR_FILE 10
Not needed.
> --- udev-032/udevd.c.rhsec 2004-09-14 07:55:33.000000000 +0200
> +++ udev-032/udevd.c 2004-09-14 15:14:52.024461872 +0200
> @@ -45,9 +45,9 @@
>
> static int pipefds[2];
> static long expected_seqnum = 0;
> -volatile static int children_waiting;
> -volatile static int run_msg_q;
> -volatile static int sig_flag;
> +static volatile int children_waiting;
> +static volatile int run_msg_q;
> +static volatile int sig_flag;
> static int run_exec_q;
>
> static LIST_HEAD(msg_list);
> @@ -398,7 +398,7 @@
> int ssock, maxsockplus;
> struct sockaddr_un saddr;
> socklen_t addrlen;
> - int retval;
> + int retval, fd;
> const int on = 1;
> struct sigaction act;
> fd_set readfds;
> @@ -410,6 +410,22 @@
> dbg("need to be root, exit");
> exit(1);
> }
> + /* make sure we are at top of dir */
> + chdir("/");
> + umask( umask( 077 ) | 022 );
> + /* Set fds to dev/null */
> + fd = open( "/dev/null", O_RDWR );
> + if ( fd < 0 ) {
> + dbg("error opening /dev/null %s", strerror(errno));
> + exit(1);
> + }
> + dup2(fd, 0);
> + dup2(fd, 1);
> + dup2(fd, 2);
> + if (fd > 2)
> + close(fd);
> + /* Get new session id so stray signals don't come our way. */
> + setsid();
>
> /* setup signal handler pipe */
> retval = pipe(pipefds);
> @@ -419,7 +435,12 @@
> }
>
> retval = fcntl(pipefds[0], F_SETFL, O_NONBLOCK);
> - if (retval < 0) {
> + if (retval < 0) {
> + dbg("error fcntl on read pipe: %s", strerror(errno));
> + exit(1);
> + }
> + retval = fcntl(pipefds[0], F_SETFD, FD_CLOEXEC);
> + if (retval < 0) {
> dbg("error fcntl on read pipe: %s", strerror(errno));
> exit(1);
> }
> @@ -429,7 +450,13 @@
> dbg("error fcntl on write pipe: %s", strerror(errno));
> exit(1);
> }
> + retval = fcntl(pipefds[1], F_SETFD, FD_CLOEXEC);
> + if (retval < 0) {
> + dbg("error fcntl on write pipe: %s", strerror(errno));
> + exit(1);
> + }
>
> +
> /* set signal handlers */
> act.sa_handler = sig_handler;
> sigemptyset(&act.sa_mask);
> @@ -457,15 +484,22 @@
> dbg("bind failed, exit");
> goto exit;
> }
> + retval = fcntl(ssock, F_SETFD, FD_CLOEXEC);
> + if (retval < 0) {
> + dbg("error fcntl on ssock: %s", strerror(errno));
> + exit(1);
> + }
>
Applied.
> /* enable receiving of the sender credentials */
> setsockopt(ssock, SOL_SOCKET, SO_PASSCRED, &on, sizeof(on));
>
> /* possible override of udev binary, used for testing */
> +#ifdef DEBUG
> udev_bin = getenv("UDEV_BIN");
> if (udev_bin != NULL)
> dbg("udev binary is set to '%s'", udev_bin);
> else
> +#endif
> udev_bin = UDEV_BIN;
>
> FD_ZERO(&readfds);
Not applied.
> --- udev-032/dev_d.c.rhsec 2004-09-14 07:55:37.000000000 +0200
> +++ udev-032/dev_d.c 2004-09-14 15:13:58.914535808 +0200
> @@ -78,6 +78,7 @@
> strfieldcpy(env_devname, dev->name);
> setenv("DEVPATH", devpath, 1);
> }
> + else env_devname[0] = 0;
> setenv("DEVNAME", env_devname, 1);
> dbg("DEVNAME='%s'", env_devname);
>
I fixed this up by hand.
> --- udev-032/udev-remove.c.rhsec 2004-09-14 07:55:33.000000000 +0200
> +++ udev-032/udev-remove.c 2004-09-14 15:13:58.918535200 +0200
> @@ -105,7 +105,7 @@
> char filename[NAME_SIZE];
> char linkname[NAME_SIZE];
> char partitionname[NAME_SIZE];
> - int retval;
> + int retval = 0;
> int i;
> char *pos;
> int len;
Not needed.
thanks,
greg k-h
-------------------------------------------------------
This SF.net email is sponsored by: IT Product Guide on ITManagersJournal
Use IT products in your business? Tell us what you think of them. Give us
Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more
http://productguide.itmanagersjournal.com/guidepromo.tmpl
_______________________________________________
Linux-hotplug-devel mailing list http://linux-hotplug.sourceforge.net
Linux-hotplug-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-hotplug-devel
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2004-10-05 23:49 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2004-09-20 13:32 PATCH some cleanups and security fixes Harald Hoyer
-- strict thread matches above, loose matches on Subject: below --
2004-10-05 23:49 Greg KH
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).