raven-rhel6/rpm/rpm-4.8.0-CVE-2013-6435.patch
2024-02-21 20:14:44 +06:00


diff -up rpm-4.8.0/lib/fsm.c.CVE-2013-6435 rpm-4.8.0/lib/fsm.c
--- rpm-4.8.0/lib/fsm.c.CVE-2013-6435 2014-11-11 10:02:00.488073575 +0100
+++ rpm-4.8.0/lib/fsm.c 2014-11-11 13:00:00.618877113 +0100
@@ -798,7 +798,7 @@ static int fsmMapAttrs(FSM_t fsm)
static int expandRegular(FSM_t fsm)
{
const struct stat * st = &fsm->sb;
- rpm_loff_t left = st->st_size;
+ rpm_loff_t left = rpmfiFSizeIndex(fsmGetFi(fsm), fsm->ix);
int rc = 0;
rc = fsmNext(fsm, FSM_WOPEN);
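Review bot: The new initialiser for `left` in expandRegular takes the byte count from the package header without saying why, and nothing visible here handles a disagreement between that value and the `st->st_size` recorded for the archive entry. A short comment above the line would help, for example `/* Size comes from the package header rather than the payload's own stat data, so the bytes written match the metadata the file digest covers. */` (wording to be confirmed against the intent of the fix). It is also worth checking what `rpmfiFSizeIndex()` returns when `fsmGetFi(fsm)` is NULL or `fsm->ix` is out of range, since a zero would presumably produce an empty file without any error. The rest of the function body, including any remaining use of `st`, lies outside the hunk.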
@@ -2317,7 +2317,12 @@ if (!(fsm->mapFlags & CPIO_ALL_HARDLINKS
fsm->rfd = NULL;
break;
case FSM_WOPEN:
- fsm->wfd = Fopen(fsm->path, "w.ufdio");
+ /* Create the file with 000 permissions. */
+ {
+ mode_t old_umask = umask(0777);
+ fsm->wfd = Fopen(fsm->path, "w.ufdio");
+ umask(old_umask);
+ }
if (fsm->wfd == NULL || Ferror(fsm->wfd)) {
if (fsm->wfd != NULL) (void) fsmNext(fsm, FSM_WCLOSE);
fsm->wfd = NULL;
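Review bot: `umask(0777)` in the FSM_WOPEN case changes the mask for the whole process, so any other thread that creates a file between the two `umask()` calls also gets mode 000; if callers can be multi-threaded, passing an explicit mode of 0 to an exclusive create in the I/O layer would avoid that window. The mask also applies only when the file is newly created: if `fsm->path` already exists, opening it for writing keeps its current permissions, so the hunk relies on the path having been removed earlier, which is not visible here. The added comment says what happens but not why; assuming the intent is to keep unverified content unreadable, I would write `/* Create with mode 000 so the partially written file cannot be opened by other users before it is verified and its final mode is applied. */`. The enclosing switch starts and ends outside the hunk.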
diff -up rpm-4.8.0/rpmio/rpmio.c.CVE-2013-6435 rpm-4.8.0/rpmio/rpmio.c