cluster: RHEL5 - gfs2: randomize debugfs mount point even more

public inbox for cluster-cvs@sourceware.org
help / color / mirror / Atom feed

From: Bob Peterson <rpeterso@fedoraproject.org>
To: cluster-cvs-relay@redhat.com
Subject: cluster: RHEL5 - gfs2: randomize debugfs mount point even more
Date: Mon, 04 May 2009 19:31:00 -0000	[thread overview]
Message-ID: <20090504193100.4997712025B@lists.fedorahosted.org> (raw)

Gitweb:        http://git.fedorahosted.org/git/cluster.git?p=cluster.git;a=commitdiff;h=1ea6d6c4680dfd0cdd43c4df8580d84789f75870
Commit:        1ea6d6c4680dfd0cdd43c4df8580d84789f75870
Parent:        07ff0098221e31673e0b61ac5dcd679dcd13c9f5
Author:        Bob Peterson <rpeterso@redhat.com>
AuthorDate:    Mon May 4 11:26:56 2009 -0500
Committer:     Bob Peterson <rpeterso@redhat.com>
CommitterDate: Mon May 4 11:26:56 2009 -0500

gfs2: randomize debugfs mount point even more

bz 498950 - cluster product is affected by several symlink attack vulnerabilities

18b24ae55c3e4abdc256a3b6c4f15ae0116a0f14 didn't introduce enough
security.

Switch to mkdtemp(3) and cleanup unrequired code as a consequence.
---
 gfs2/edit/savemeta.c |   15 ++++++++++-----
 1 files changed, 10 insertions(+), 5 deletions(-)

diff --git a/gfs2/edit/savemeta.c b/gfs2/edit/savemeta.c
index de99cb7..29ddbb8 100644
--- a/gfs2/edit/savemeta.c
+++ b/gfs2/edit/savemeta.c
@@ -36,7 +36,7 @@
 #include "libgfs2.h"
 
 #define BUFSIZE (4096)
-#define DFT_SAVE_FILE "/tmp/gfsmeta"
+#define DFT_SAVE_FILE "/tmp/gfsmeta.XXXXXX"
 #define MAX_JOURNALS_SAVED 256
 
 struct saved_metablock {
@@ -418,7 +418,7 @@ void get_journal_inode_blocks(void)
 	}
 }
 
-void savemeta(const char *out_fn, int saveoption)
+void savemeta(char *out_fn, int saveoption)
 {
 	int out_fd;
 	int slow;
@@ -431,9 +431,14 @@ void savemeta(const char *out_fn, int saveoption)
 	slow = (saveoption == 1);
 	sbd.md.journals = 1;
 
-	if (!out_fn)
-		out_fn = DFT_SAVE_FILE;
-	out_fd = open(out_fn, O_RDWR | O_CREAT, 0644);
+	if (!out_fn) {
+		out_fn = strdup(DFT_SAVE_FILE);
+		if (!out_fn)
+			die("Can't allocate memory for the operation.\n");
+		out_fd = mkstemp(out_fn);
+	} else
+		out_fd = open(out_fn, O_RDWR | O_CREAT, 0644);
+
 	if (out_fd < 0)
 		die("Can't open %s: %s\n", out_fn, strerror(errno));

next             reply	other threads:[~2009-05-04 19:31 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2009-05-04 19:31 Bob Peterson [this message]
2009-05-04 19:31 Bob Peterson

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20090504193100.4997712025B@lists.fedorahosted.org \
    --to=rpeterso@fedoraproject.org \
    --cc=cluster-cvs-relay@redhat.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).