rpm/rpm-4.12.0.x-CVE-2013-6435.patch
Lubos Kardos 2474acb1d0 - Add check against malicious CPIO file name size
- Fixes CVE-2014-8118
- Resolves #1168715
- Fix race condidition where unchecked data is exposed in the file system
- Fixes CVE-2013-6435
- Resolves #1039811
2014-12-12 17:06:03 +01:00

17 lines
482 B
Diff

--- rpm-4.12.0.1/lib/fsm.c.orig 2014-12-12 16:05:51.683430313 +0100
+++ rpm-4.12.0.1/lib/fsm.c 2014-12-12 16:08:28.046025597 +0100
@@ -215,7 +215,12 @@ static int expandRegular(rpmfi fi, const
FD_t wfd = NULL;
int rc = 0;
- wfd = Fopen(dest, "w.ufdio");
+ /* Create the file with 000 permissions. */
+ {
+ mode_t old_umask = umask(0777);
+ wfd = Fopen(dest, "w.ufdio");
+ umask(old_umask);
+ }
if (Ferror(wfd)) {
rc = RPMERR_OPEN_FAILED;
goto exit;