SOURCES: groff-safer.patch (NEW) - resurrected for 1.18.1.4
baggins
baggins at pld-linux.org
Tue Nov 7 15:24:40 CET 2006
Author: baggins Date: Tue Nov 7 14:24:40 2006 GMT
Module: SOURCES Tag: HEAD
---- Log message:
- resurrected for 1.18.1.4
---- Files affected:
SOURCES:
groff-safer.patch (1.5 -> 1.6) (NEW)
---- Diffs:
================================================================
Index: SOURCES/groff-safer.patch
diff -u /dev/null SOURCES/groff-safer.patch:1.6
--- /dev/null Tue Nov 7 15:24:40 2006
+++ SOURCES/groff-safer.patch Tue Nov 7 15:24:35 2006
@@ -0,0 +1,37 @@
+--- groff-1.17/src/roff/troff/input.cc.safer Wed Jun 7 21:47:48 2000
++++ groff-1.17/src/roff/troff/input.cc Wed Jun 7 21:50:37 2000
+@@ -4404,12 +4406,28 @@
+ else {
+ while (!tok.newline() && !tok.eof())
+ tok.next();
+- errno = 0;
+- FILE *fp = fopen(nm.contents(), "r");
+- if (fp)
+- input_stack::push(new file_iterator(fp, nm.contents()));
+- else
+- error("can't open `%1': %2", nm.contents(), strerror(errno));
++ char cbuf[PATH_MAX], * cwd;
++ char pbuf[PATH_MAX], * path;
++ struct stat st;
++
++ if ((cwd = realpath(".", cbuf)) == NULL)
++ error("realpath on `%1' failed: %2", ".", strerror(errno));
++ else if ((path = realpath(nm.contents(), pbuf)) == NULL)
++ error("realpath on `%1' failed: %2", nm.contents(), strerror(errno));
++ else if (safer_flag && strncmp(cwd, path, strlen(cwd)))
++ error("won't source `%1' outside of `%2' without -U flag", path, cwd);
++ else if (stat(path, &st) < 0)
++ error("can't stat `%1': %2", path, strerror(errno));
++ else if (safer_flag && !S_ISREG(st.st_mode))
++ error("won't source non-file `%1' without -U flag", path);
++ else {
++ errno = 0;
++ FILE *fp = fopen(path, "r");
++ if (fp)
++ input_stack::push(new file_iterator(fp, nm.contents()));
++ else
++ error("can't open `%1': %2", path, strerror(errno));
++ }
+ tok.next();
+ }
+ }
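Review bot: The containment test `strncmp(cwd, path, strlen(cwd))` in the third branch is a plain string-prefix comparison, so with a working directory of `/home/user` a resolved path such as `/home/user2/x` is accepted as being inside it. The match needs to end on a path-component boundary, e.g. `else if (safer_flag && (strncmp(cwd, path, strlen(cwd)) || (cwd[1] && path[strlen(cwd)] && path[strlen(cwd)] != '/')))`, where the `cwd[1]` test keeps a working directory of `/` behaving as before. Separately, `realpath()` and `stat()` vet the name and `fopen(path, "r")` then reopens it by name, so the checks and the open can refer to different objects if the path changes in between. Opening first and calling `fstat(fileno(fp), &st)` on the opened stream would tie the `S_ISREG` check to what is actually read. The enclosing function starts and ends outside the hunk, so it cannot be confirmed from here whether `<limits.h>` and `<sys/stat.h>` are already included for `PATH_MAX` and `struct stat`.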
================================================================