Diffstat (limited to 'main/guile/CVE-2016-8605.patch')
-rw-r--r-- | main/guile/CVE-2016-8605.patch | 86 |
1 files changed, 86 insertions, 0 deletions
diff --git a/main/guile/CVE-2016-8605.patch b/main/guile/CVE-2016-8605.patch
new file mode 100644
index 00000000000..aee593fbd53
--- /dev/null
+++ b/main/guile/CVE-2016-8605.patch
@@ -0,0 +1,86 @@
+From 245608911698adb3472803856019bdd5670b6614 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= <ludo@gnu.org>
+Date: Tue, 11 Oct 2016 10:14:26 +0200
+Subject: Remove 'umask' calls from 'mkdir'.
+
+Fixes <http://bugs.gnu.org/24659>.
+
+* libguile/filesys.c (SCM_DEFINE): Remove calls to 'umask' when MODE is
+unbound; instead, use 0777 as the mode. Update docstring to clarify
+this.
+* doc/ref/posix.texi (File System): Adjust accordingly.
+* NEWS: Mention it.
+---
+ NEWS | 14 +++++++++++++-
+ doc/ref/posix.texi | 7 ++++---
+ libguile/filesys.c | 25 ++++++++++---------------
+ 3 files changed, 27 insertions(+), 19 deletions(-)
+
+diff --git a/doc/ref/posix.texi b/doc/ref/posix.texi
+index 2b9011d..a818604 100644
+--- a/doc/ref/posix.texi
++++ b/doc/ref/posix.texi
+@@ -864,9 +864,10 @@ Create a symbolic link named @var{newpath} with the value (i.e., pointing to)
+ @deffn {Scheme Procedure} mkdir path [mode]
+ @deffnx {C Function} scm_mkdir (path, mode)
+ Create a new directory named by @var{path}. If @var{mode} is omitted
+-then the permissions of the directory file are set using the current
+-umask (@pxref{Processes}). Otherwise they are set to the decimal
+-value specified with @var{mode}. The return value is unspecified.
++then the permissions of the directory are set to @code{#o777}
++masked with the current umask (@pxref{Processes, @code{umask}}).
++Otherwise they are set to the value specified with @var{mode}.
++The return value is unspecified.
+ @end deffn
+
+ @deffn {Scheme Procedure} rmdir path
+diff --git a/libguile/filesys.c b/libguile/filesys.c
+index e6e1db5..e6e37b0 100644
+--- a/libguile/filesys.c
++++ b/libguile/filesys.c
+@@ -1,5 +1,5 @@
+ /* Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2004, 2006,
+- * 2009, 2010, 2011, 2012, 2013, 2014 Free Software Foundation, Inc.
++ * 2009, 2010, 2011, 2012, 2013, 2014, 2016 Free Software Foundation, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+@@ -1255,26 +1255,21 @@ SCM_DEFINE (scm_getcwd, "getcwd", 0, 0, 0,
+ SCM_DEFINE (scm_mkdir, "mkdir", 1, 1, 0,
+ (SCM path, SCM mode),
+ "Create a new directory named by @var{path}. If @var{mode} is omitted\n"
+- "then the permissions of the directory file are set using the current\n"
+- "umask. Otherwise they are set to the decimal value specified with\n"
+- "@var{mode}. The return value is unspecified.")
++ "then the permissions of the directory are set to @code{#o777}\n"
++ "masked with the current umask (@pxref{Processes, @code{umask}}).\n"
++ "Otherwise they are set to the value specified with @var{mode}.\n"
++ "The return value is unspecified.")
+ #define FUNC_NAME s_scm_mkdir
+ {
+ int rv;
+- mode_t mask;
++ mode_t c_mode;
+
+- if (SCM_UNBNDP (mode))
+- {
+- mask = umask (0);
+- umask (mask);
+- STRING_SYSCALL (path, c_path, rv = mkdir (c_path, 0777 ^ mask));
+- }
+- else
+- {
+- STRING_SYSCALL (path, c_path, rv = mkdir (c_path, scm_to_uint (mode)));
+- }
++ c_mode = SCM_UNBNDP (mode) ? 0777 : scm_to_uint (mode);
++
++ STRING_SYSCALL (path, c_path, rv = mkdir (c_path, c_mode));
+ if (rv != 0)
+ SCM_SYSERROR;
++
+ return SCM_UNSPECIFIED;
+ }
+ #undef FUNC_NAME
+--
+cgit v1.0
+ |
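Review bot: In the libguile/filesys.c section the rewritten `scm_mkdir` body has no comment recording why the mode is now passed straight to `mkdir`, so a later cleanup could reintroduce the `umask (0)` / `umask (mask)` pair that this patch removes. The umask is process-wide, so between those two calls any other thread that creates a file does so with an empty mask; I would add above the `c_mode` assignment `/* Never call umask() here: it is process-wide and races with file creation in other threads; mkdir(2) applies the umask itself. */`. Separately, the embedded patch header still lists `NEWS | 14` and "3 files changed", but no NEWS section appears in the 86 added lines, so header and body disagree; if that hunk was dropped on purpose, the packaging commit message should say so. The diffstat on this page is limited to this one file, so whether the package's build file references the patch cannot be checked from here.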