head 1.2; access; symbols pkgsrc-2013Q2:1.2.0.8 pkgsrc-2013Q2-base:1.2 pkgsrc-2012Q4:1.2.0.6 pkgsrc-2012Q4-base:1.2 pkgsrc-2011Q4:1.2.0.4 pkgsrc-2011Q4-base:1.2 pkgsrc-2011Q2:1.2.0.2 pkgsrc-2011Q2-base:1.2 pkgsrc-2010Q1:1.1.0.22 pkgsrc-2010Q1-base:1.1 pkgsrc-2009Q4:1.1.0.20 pkgsrc-2009Q4-base:1.1 pkgsrc-2009Q3:1.1.0.18 pkgsrc-2009Q3-base:1.1 pkgsrc-2009Q2:1.1.0.16 pkgsrc-2009Q2-base:1.1 pkgsrc-2009Q1:1.1.0.14 pkgsrc-2009Q1-base:1.1 pkgsrc-2008Q4:1.1.0.12 pkgsrc-2008Q4-base:1.1 pkgsrc-2008Q3:1.1.0.10 pkgsrc-2008Q3-base:1.1 cube-native-xorg:1.1.0.8 cube-native-xorg-base:1.1 pkgsrc-2008Q2:1.1.0.6 pkgsrc-2008Q2-base:1.1 cwrapper:1.1.0.4 pkgsrc-2008Q1:1.1.0.2; locks; strict; comment @# @; 1.2 date 2010.06.03.09.33.24; author wiz; state dead; branches; next 1.1; 1.1 date 2008.05.12.15.49.30; author tonnerre; state Exp; branches 1.1.2.1; next ; 1.1.2.1 date 2008.05.12.15.49.30; author rtr; state dead; branches; next 1.1.2.2; 1.1.2.2 date 2008.05.13.12.35.13; author rtr; state Exp; branches; next ; desc @@ 1.2 log @Remove patches that were not in distinfo after 2.4.5 update. @ text @$NetBSD: patch-ai,v 1.1 2008/05/12 15:49:30 tonnerre Exp $ --- netserver.c.orig 2004-09-21 23:33:40.000000000 +0200 +++ netserver.c @@@@ -138,6 +138,9 @@@@ FILE *afp; short listen_port_num; extern char *optarg; extern int optind, opterr; +#ifndef WIN32 +char debuglog[] = "/tmp/netperf.debugXXXXXX"; +#endif #ifndef WIN32 #define SERVER_ARGS "dn:p:v:46" @@@@ -181,8 +184,14 @@@@ process_requests() netperf_response.content.response_type = DEBUG_OK; send_response(); //+*+SAF why??? 
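Review bot: The `debuglog` array added in the first hunk is missing a comment saying that mkstemp() rewrites it in place, which matters because it is a file-scope buffer shared by the open path and the cleanup paths. After the first successful call the trailing `XXXXXX` is gone, so a second mkstemp() on the same buffer would fail with EINVAL; whether the open code can run twice in one process is not visible here. I would add `/* mkstemp() template; holds the real log path after the first open, never reuse as a template */` above the definition, and make the array `static` if no other file refers to it. The same hunk is repeated in the 1.1.2.2 revision text further down.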
- if (!debug) + if (!debug) + { fclose(where); +#ifndef WIN32 + unlink(debuglog); + close(fd); +#endif + } break; case CPU_CALIBRATE: @@@@ -730,7 +739,13 @@@@ struct sockaddr name; /* unlink(DEBUG_LOG_FILE); */ #ifndef WIN32 - if ((where = fopen(DEBUG_LOG_FILE, "w")) == NULL) { + if ((fd = mkstemp(debuglog)) == -1 || (where = fdopen(fd, "w+")) == NULL) + { + if (fd != -1) + { + unlink(debuglog); + close(fd); + } perror("netserver: debug file"); exit(1); } @@@@ -761,10 +776,6 @@@@ struct sockaddr name; } #endif -#ifndef WIN32 - chmod(DEBUG_LOG_FILE,0644); -#endif - #if WIN32 if (child) { server_sock = (SOCKET)GetStdHandle(STD_INPUT_HANDLE); @ 1.1 log @Use mkstemp in netperf code to open the debug log in order to avoid a symlink vulnerability. This fixes CVE-2007-1444. @ text @d1 1 a1 1 $NetBSD$ @ 1.1.2.1 log @file patch-ai was added on branch pkgsrc-2008Q1 on 2008-05-13 12:35:13 +0000 @ text @d1 56 @ 1.1.2.2 log @pullup ticket #2374 - requested by tonnerre netperf: fix for symlink vulnerability revisions pulled up: - pkgsrc/benchmarks/netperf/Makefile 1.5 - pkgsrc/benchmarks/netperf/distinfo 1.3 - pkgsrc/benchmarks/netperf/patches/patch-ah 1.1 - pkgsrc/benchmarks/netperf/patches/patch-ai 1.1 - pkgsrc/benchmarks/netperf/patches/patch-ak 1.1 Module Name: pkgsrc Committed By: tonnerre Date: Mon May 12 15:49:31 UTC 2008 Modified Files: pkgsrc/benchmarks/netperf: Makefile distinfo Added Files: pkgsrc/benchmarks/netperf/patches: patch-ah patch-ai patch-ak Log Message: Use mkstemp in netperf code to open the debug log in order to avoid a symlink vulnerability. This fixes CVE-2007-1444. 
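Review bot: In the process_requests() hunk, `close(fd)` runs after `fclose(where)`, and if `where` is the stream made by `fdopen(fd, "w+")` in the later hunk then fclose() has already closed that descriptor. The second close then fails with EBADF at best, and in a process that has opened another descriptor in between it would close that one instead. Dropping the `close(fd);` line and keeping `unlink(debuglog);` is enough. `fd` is not declared in any visible hunk, so it is presumably a file-scope variable defined elsewhere, and the case body starts outside the hunk. The 1.1.2.2 revision text repeats this hunk.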
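Review bot: In the mkstemp() hunk the failure branch calls `unlink(debuglog)` and `close(fd)` before `perror("netserver: debug file")`, so errno may have been overwritten by the time the message is printed and the reported reason can be wrong. Calling perror() first, or saving the value with `int saved_errno = errno;` before the cleanup and restoring it with `errno = saved_errno;` afterwards, keeps the diagnostic accurate. The enclosing function starts outside the hunk, and the same lines appear again in the 1.1.2.2 revision text.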
@ text @a0 56 $NetBSD: patch-ai,v 1.1 2008/05/12 15:49:30 tonnerre Exp $ --- netserver.c.orig 2004-09-21 23:33:40.000000000 +0200 +++ netserver.c @@@@ -138,6 +138,9 @@@@ FILE *afp; short listen_port_num; extern char *optarg; extern int optind, opterr; +#ifndef WIN32 +char debuglog[] = "/tmp/netperf.debugXXXXXX"; +#endif #ifndef WIN32 #define SERVER_ARGS "dn:p:v:46" @@@@ -181,8 +184,14 @@@@ process_requests() netperf_response.content.response_type = DEBUG_OK; send_response(); //+*+SAF why??? - if (!debug) + if (!debug) + { fclose(where); +#ifndef WIN32 + unlink(debuglog); + close(fd); +#endif + } break; case CPU_CALIBRATE: @@@@ -730,7 +739,13 @@@@ struct sockaddr name; /* unlink(DEBUG_LOG_FILE); */ #ifndef WIN32 - if ((where = fopen(DEBUG_LOG_FILE, "w")) == NULL) { + if ((fd = mkstemp(debuglog)) == -1 || (where = fdopen(fd, "w+")) == NULL) + { + if (fd != -1) + { + unlink(debuglog); + close(fd); + } perror("netserver: debug file"); exit(1); } @@@@ -761,10 +776,6 @@@@ struct sockaddr name; } #endif -#ifndef WIN32 - chmod(DEBUG_LOG_FILE,0644); -#endif - #if WIN32 if (child) { server_sock = (SOCKET)GetStdHandle(STD_INPUT_HANDLE); @