authorNatanael Copa <ncopa@alpinelinux.org>2016-11-08 16:08:23 +0100
committerNatanael Copa <ncopa@alpinelinux.org>2016-11-08 16:08:23 +0100
commit6c9dd3be0e2be5db55ba41079e715b8c79b86678 (patch)
tree5fc25ac23123942dadcfb7b90fbbd916eb44386f /main/guile/CVE-2016-8605.patch
parent8ffd18baa02a14a04ea58debd2c12ae688502b5f (diff)
main/guile: fix CVE-2016-8605 and CVE-2016-8606
fixes #6365
Diffstat (limited to 'main/guile/CVE-2016-8605.patch')
-rw-r--r--main/guile/CVE-2016-8605.patch86
1 files changed, 86 insertions, 0 deletions
diff --git a/main/guile/CVE-2016-8605.patch b/main/guile/CVE-2016-8605.patch
new file mode 100644
index 0000000000..aee593fbd5
--- /dev/null
+++ b/main/guile/CVE-2016-8605.patch
@@ -0,0 +1,86 @@
+From 245608911698adb3472803856019bdd5670b6614 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= <ludo@gnu.org>
+Date: Tue, 11 Oct 2016 10:14:26 +0200
+Subject: Remove 'umask' calls from 'mkdir'.
+
+Fixes <http://bugs.gnu.org/24659>.
+
+* libguile/filesys.c (SCM_DEFINE): Remove calls to 'umask' when MODE is
+unbound; instead, use 0777 as the mode. Update docstring to clarify
+this.
+* doc/ref/posix.texi (File System): Adjust accordingly.
+* NEWS: Mention it.
+---
+ NEWS | 14 +++++++++++++-
+ doc/ref/posix.texi | 7 ++++---
+ libguile/filesys.c | 25 ++++++++++---------------
+ 3 files changed, 27 insertions(+), 19 deletions(-)
+
+diff --git a/doc/ref/posix.texi b/doc/ref/posix.texi
+index 2b9011d..a818604 100644
+--- a/doc/ref/posix.texi
++++ b/doc/ref/posix.texi
+@@ -864,9 +864,10 @@ Create a symbolic link named @var{newpath} with the value (i.e., pointing to)
+ @deffn {Scheme Procedure} mkdir path [mode]
+ @deffnx {C Function} scm_mkdir (path, mode)
+ Create a new directory named by @var{path}. If @var{mode} is omitted
+-then the permissions of the directory file are set using the current
+-umask (@pxref{Processes}). Otherwise they are set to the decimal
+-value specified with @var{mode}. The return value is unspecified.
++then the permissions of the directory are set to @code{#o777}
++masked with the current umask (@pxref{Processes, @code{umask}}).
++Otherwise they are set to the value specified with @var{mode}.
++The return value is unspecified.
+ @end deffn
+
+ @deffn {Scheme Procedure} rmdir path
+diff --git a/libguile/filesys.c b/libguile/filesys.c
+index e6e1db5..e6e37b0 100644
+--- a/libguile/filesys.c
++++ b/libguile/filesys.c
+@@ -1,5 +1,5 @@
+ /* Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2004, 2006,
+- * 2009, 2010, 2011, 2012, 2013, 2014 Free Software Foundation, Inc.
++ * 2009, 2010, 2011, 2012, 2013, 2014, 2016 Free Software Foundation, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+@@ -1255,26 +1255,21 @@ SCM_DEFINE (scm_getcwd, "getcwd", 0, 0, 0,
+ SCM_DEFINE (scm_mkdir, "mkdir", 1, 1, 0,
+ (SCM path, SCM mode),
+ "Create a new directory named by @var{path}. If @var{mode} is omitted\n"
+- "then the permissions of the directory file are set using the current\n"
+- "umask. Otherwise they are set to the decimal value specified with\n"
+- "@var{mode}. The return value is unspecified.")
++ "then the permissions of the directory are set to @code{#o777}\n"
++ "masked with the current umask (@pxref{Processes, @code{umask}}).\n"
++ "Otherwise they are set to the value specified with @var{mode}.\n"
++ "The return value is unspecified.")
+ #define FUNC_NAME s_scm_mkdir
+ {
+ int rv;
+- mode_t mask;
++ mode_t c_mode;
+
+- if (SCM_UNBNDP (mode))
+- {
+- mask = umask (0);
+- umask (mask);
+- STRING_SYSCALL (path, c_path, rv = mkdir (c_path, 0777 ^ mask));
+- }
+- else
+- {
+- STRING_SYSCALL (path, c_path, rv = mkdir (c_path, scm_to_uint (mode)));
+- }
++ c_mode = SCM_UNBNDP (mode) ? 0777 : scm_to_uint (mode);
++
++ STRING_SYSCALL (path, c_path, rv = mkdir (c_path, c_mode));
+ if (rv != 0)
+ SCM_SYSERROR;
++
+ return SCM_UNSPECIFIED;
+ }
+ #undef FUNC_NAME
+--
+cgit v1.0
+
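Review bot: The rewritten body of scm_mkdir in the libguile/filesys.c hunk has no comment saying why the umask is no longer read, so a later cleanup could reintroduce the `umask (0)` / `umask (mask)` pair this patch removes. The umask is process-wide, so zeroing it even briefly lets other threads create files with looser permissions than intended, which appears to be the issue tracked as CVE-2016-8605. I would add above the `c_mode` assignment: `/* Never call umask(2) here: it is process-wide and racy in threaded programs; mkdir(2) already applies the umask to 0777. */`. Separately, the embedded diffstat still lists NEWS (3 files changed) although no NEWS hunk is present in this file. A line in the patch preamble stating that the NEWS hunk was dropped for packaging would help the next person who diffs this against upstream commit 245608911698adb3472803856019bdd5670b6614.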