libffi3.1/libffi-3.1-libffi_tmpdir.patch
2021-06-28 21:19:58 -04:00

18 lines
789 B
Diff

Most temp file directories need to be hardened against execution, but
libffi needs execute privileges. Add a libffi-specific temp directory
that can be set up by sysadmins as needed with suitable permissions.
This both ensures that libffi will have a valid temp directory to use
as well as preventing attempts to access other directories.
diff -rup a/src/closures.c b/src/closures.c
--- a/src/closures.c 2014-05-11 09:54:19.000000000 -0400
+++ b/src/closures.c 2020-04-29 20:50:00.454853909 -0400
@@ -362,6 +362,7 @@ static struct
const char *arg;
int repeat;
} open_temp_exec_file_opts[] = {
+ { open_temp_exec_file_env, "LIBFFI_TMPDIR", 0 },
{ open_temp_exec_file_env, "TMPDIR", 0 },
{ open_temp_exec_file_dir, "/tmp", 0 },
{ open_temp_exec_file_dir, "/var/tmp", 0 },