public inbox for cluster-cvs@sourceware.org
help / color / mirror / Atom feed
* cluster: RHEL5 - gfs2: randomize debugfs mount point even more
@ 2009-05-04 19:31 Bob Peterson
0 siblings, 0 replies; 2+ messages in thread
From: Bob Peterson @ 2009-05-04 19:31 UTC (permalink / raw)
To: cluster-cvs-relay
Gitweb: http://git.fedorahosted.org/git/cluster.git?p=cluster.git;a=commitdiff;h=1ea6d6c4680dfd0cdd43c4df8580d84789f75870
Commit: 1ea6d6c4680dfd0cdd43c4df8580d84789f75870
Parent: 07ff0098221e31673e0b61ac5dcd679dcd13c9f5
Author: Bob Peterson <rpeterso@redhat.com>
AuthorDate: Mon May 4 11:26:56 2009 -0500
Committer: Bob Peterson <rpeterso@redhat.com>
CommitterDate: Mon May 4 11:26:56 2009 -0500
gfs2: randomize debugfs mount point even more
bz 498950 - cluster product is affected by several symlink attack vulnerabilities
18b24ae55c3e4abdc256a3b6c4f15ae0116a0f14 didn't introduce enough
security.
Switch to mkdtemp(3) and cleanup unrequired code as a consequence.
---
gfs2/edit/savemeta.c | 15 ++++++++++-----
1 files changed, 10 insertions(+), 5 deletions(-)
diff --git a/gfs2/edit/savemeta.c b/gfs2/edit/savemeta.c
index de99cb7..29ddbb8 100644
--- a/gfs2/edit/savemeta.c
+++ b/gfs2/edit/savemeta.c
@@ -36,7 +36,7 @@
#include "libgfs2.h"
#define BUFSIZE (4096)
-#define DFT_SAVE_FILE "/tmp/gfsmeta"
+#define DFT_SAVE_FILE "/tmp/gfsmeta.XXXXXX"
#define MAX_JOURNALS_SAVED 256
struct saved_metablock {
@@ -418,7 +418,7 @@ void get_journal_inode_blocks(void)
}
}
-void savemeta(const char *out_fn, int saveoption)
+void savemeta(char *out_fn, int saveoption)
{
int out_fd;
int slow;
@@ -431,9 +431,14 @@ void savemeta(const char *out_fn, int saveoption)
slow = (saveoption == 1);
sbd.md.journals = 1;
- if (!out_fn)
- out_fn = DFT_SAVE_FILE;
- out_fd = open(out_fn, O_RDWR | O_CREAT, 0644);
+ if (!out_fn) {
+ out_fn = strdup(DFT_SAVE_FILE);
+ if (!out_fn)
+ die("Can't allocate memory for the operation.\n");
+ out_fd = mkstemp(out_fn);
+ } else
+ out_fd = open(out_fn, O_RDWR | O_CREAT, 0644);
+
if (out_fd < 0)
die("Can't open %s: %s\n", out_fn, strerror(errno));
^ permalink raw reply [flat|nested] 2+ messages in thread
* cluster: RHEL5 - gfs2: randomize debugfs mount point even more
@ 2009-05-04 19:31 Bob Peterson
0 siblings, 0 replies; 2+ messages in thread
From: Bob Peterson @ 2009-05-04 19:31 UTC (permalink / raw)
To: cluster-cvs-relay
Gitweb: http://git.fedorahosted.org/git/cluster.git?p=cluster.git;a=commitdiff;h=07ff0098221e31673e0b61ac5dcd679dcd13c9f5
Commit: 07ff0098221e31673e0b61ac5dcd679dcd13c9f5
Parent: 423ba66a2c5a08a000c8e971589c94b3fbebf701
Author: Bob Peterson <rpeterso@redhat.com>
AuthorDate: Mon May 4 11:06:20 2009 -0500
Committer: Bob Peterson <rpeterso@redhat.com>
CommitterDate: Mon May 4 11:06:20 2009 -0500
gfs2: randomize debugfs mount point even more
bz 498950 - cluster product is affected by several symlink attack vulnerabilities
18b24ae55c3e4abdc256a3b6c4f15ae0116a0f14 didn't introduce enough
security.
Switch to mkdtemp(3) and cleanup unrequired code as a consequence.
---
gfs2/tool/misc.c | 32 ++++++++++++++------------------
1 files changed, 14 insertions(+), 18 deletions(-)
diff --git a/gfs2/tool/misc.c b/gfs2/tool/misc.c
index 103df2f..dec78d7 100644
--- a/gfs2/tool/misc.c
+++ b/gfs2/tool/misc.c
@@ -115,27 +115,26 @@ print_lockdump(int argc, char **argv)
char *name, line[PATH_MAX];
char *debugfs;
FILE *file;
- int rc = -1, debug_dir_existed = 1;
+ int rc = -1;
/* See if debugfs is mounted, and if not, mount it. */
debugfs = find_debugfs_mount();
if (!debugfs) {
- debugfs = malloc(20);
+ debugfs = malloc(PATH_MAX);
if (!debugfs)
die("Can't allocate memory for debugfs.\n");
- memset(debugfs, 0, 20);
- strcpy(debugfs, "/tmp/debugfs");
-
- if (access(debugfs, F_OK)) {
- debug_dir_existed = mkdir(debugfs, 644);
- if (debug_dir_existed) {
- fprintf(stderr,
- "Can't create %s mount point.\n",
- debugfs);
- free(debugfs);
- exit(-1);
- }
+
+ memset(debugfs, 0, PATH_MAX);
+ sprintf(debugfs, "/tmp/debugfs.XXXXXX");
+
+ if (!mkdtemp(debugfs)) {
+ fprintf(stderr,
+ "Can't create %s mount point.\n",
+ debugfs);
+ free(debugfs);
+ exit(-1);
}
+
rc = mount("none", debugfs, "debugfs", 0, NULL);
if (rc) {
fprintf(stderr,
@@ -166,10 +165,7 @@ print_lockdump(int argc, char **argv)
/* Check if we mounted the debugfs and if so, unmount it. */
if (!rc) {
umount(debugfs);
- /* Check if we created the debugfs mount point and if so,
- delete it. */
- if (!debug_dir_existed)
- rmdir(debugfs);
+ rmdir(debugfs);
}
free(debugfs);
}
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2009-05-04 19:31 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2009-05-04 19:31 cluster: RHEL5 - gfs2: randomize debugfs mount point even more Bob Peterson
2009-05-04 19:31 Bob Peterson
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).