SOURCES: arts-branch.diff - security fix
arekm
arekm at pld-linux.org
Fri Jun 9 17:10:05 CEST 2006
Author: arekm Date: Fri Jun 9 15:10:05 2006 GMT
Module: SOURCES Tag: HEAD
---- Log message:
- security fix
---- Files affected:
SOURCES:
arts-branch.diff (1.1 -> 1.2)
---- Diffs:
================================================================
Index: SOURCES/arts-branch.diff
diff -u SOURCES/arts-branch.diff:1.1 SOURCES/arts-branch.diff:1.2
--- SOURCES/arts-branch.diff:1.1 Thu Mar 24 13:42:26 2005
+++ SOURCES/arts-branch.diff Fri Jun 9 17:10:00 2006
@@ -1,118 +1,54 @@
-diff -urN -x CVS arts.orig/admin/acinclude.m4.in arts/admin/acinclude.m4.in
---- arts.orig/admin/acinclude.m4.in 2005-02-09 23:21:09.000000000 +0100
-+++ arts/admin/acinclude.m4.in 2005-03-09 11:53:14.000000000 +0100
-@@ -3194,6 +3194,51 @@
- ifdef([AM_DEPENDENCIES], AC_REQUIRE([KDE_ADD_DEPENDENCIES]), [])
- ])
+Index: arts/soundserver/artswrapper.c
+===================================================================
+--- arts/soundserver/artswrapper.c (.../tags/arts/1.5.3) (revision 549703)
++++ arts/soundserver/artswrapper.c (.../branches/arts/1.5) (revision 549703)
+@@ -95,6 +95,10 @@
+ #else
+ setreuid(-1, getuid());
+ #endif
++ if (geteuid() != getuid()) {
++ perror("setuid()");
++ return 2;
++ }
+ }
-+AC_DEFUN([KDE_CHECK_VISIBILITY_GCC_BUG],
-+ [
-+ AC_CACHE_CHECK([for gcc -fvisibility-inlines-hidden bug], kde_cv_val_gcc_visibility_bug,
-+ [
-+ AC_LANG_SAVE
-+ AC_LANG_CPLUSPLUS
-+
-+ safe_CXXFLAGS=$CXXFLAGS
-+ safe_LDFLAGS=$LDFLAGS
-+ CXXFLAGS="$CXXFLAGS -fPIC -fvisibility-inlines-hidden -O0"
-+ LDFLAGS="$LDFLAGS -shared -fPIC"
-+
-+ AC_TRY_LINK(
-+ [
-+ /* http://gcc.gnu.org/bugzilla/show_bug.cgi?id=19664 */
-+ template<typename CharT>
-+ struct VisTest
-+ {
-+ inline VisTest ();
-+ };
-+ template<typename CharT>
-+ inline VisTest<CharT>::VisTest()
-+ {}
-+ extern template class VisTest<char>; // It works if we drop that line
-+ int some_function( int do_something ) __attribute__ ((visibility("default")));
-+ int some_function( int )
-+ {
-+ VisTest<char> a;
-+ return 0;
+ if(argc == 0)
+Index: arts/soundserver/crashhandler.cc
+===================================================================
+--- arts/soundserver/crashhandler.cc (.../tags/arts/1.5.3) (revision 549703)
++++ arts/soundserver/crashhandler.cc (.../branches/arts/1.5) (revision 549703)
+@@ -196,7 +196,12 @@
+ argv[i++] = NULL;
+
+ setgid(getgid());
+- setuid(getuid());
++ if (getuid() != geteuid())
++ setuid(getuid());
++ if (getuid() != geteuid()) {
++ perror("setuid()");
++ exit(255);
+ }
-+ ], [/* elvis is alive */],
-+ kde_cv_val_gcc_visibility_bug=no, kde_cv_val_gcc_visibility_bug=yes)
-+
-+ CXXFLAGS=$safe_CXXFLAGS
-+ LDFLAGS=$safe_LDFLAGS
-+ AC_LANG_RESTORE
-+ ]
-+ )
-+
-+ if test x$kde_cv_val_gcc_visibility_bug = xno; then
-+ CXXFLAGS="$CXXFLAGS -fvisibility-inlines-hidden"
-+ fi
-+ ]
-+)
-+
- AC_DEFUN([KDE_CHECK_AND_ADD_HIDDEN_VISIBILITY],
- [
- if test "$GXX" = "yes"; then
-@@ -3202,7 +3247,9 @@
- KDE_CHECK_COMPILER_FLAG(fno-common, [CXXFLAGS="$CXXFLAGS -fno-common"])
- KDE_CHECK_COMPILER_FLAG(fvisibility=hidden,
- [
-- CXXFLAGS="$CXXFLAGS -fvisibility=hidden -fvisibility-inlines-hidden"
-+ CXXFLAGS="$CXXFLAGS -fvisibility=hidden"
-+ KDE_CHECK_VISIBILITY_GCC_BUG
-+
- HAVE_GCC_VISIBILITY=1
- AC_DEFINE_UNQUOTED(__KDE_HAVE_GCC_VISIBILITY, "$HAVE_GCC_VISIBILITY", [define to 1 if -fvisibility is supported])
- ])
-diff -urN -x CVS arts.orig/flow/audioioalsa9.cc arts/flow/audioioalsa9.cc
---- arts.orig/flow/audioioalsa9.cc 2004-05-26 20:50:18.000000000 +0200
-+++ arts/flow/audioioalsa9.cc 2005-03-09 15:07:43.000000000 +0100
-@@ -394,7 +394,9 @@
- int frames = snd_pcm_bytes_to_frames(m_pcm_capture, size);
- int length;
- while ((length = snd_pcm_readi(m_pcm_capture, buffer, frames)) < 0) {
-- if (length == -EPIPE)
-+ if (length == -EINTR)
-+ continue; // Try again
-+ else if (length == -EPIPE)
- length = xrun(m_pcm_capture);
- #ifdef HAVE_SND_PCM_RESUME
- else if (length == -ESTRPIPE)
-@@ -413,7 +415,9 @@
- int frames = snd_pcm_bytes_to_frames(m_pcm_playback, size);
- int length;
- while ((length = snd_pcm_writei(m_pcm_playback, buffer, frames)) < 0) {
-- if (length == -EPIPE)
-+ if (length == -EINTR)
-+ continue; // Try again
-+ else if (length == -EPIPE)
- length = xrun(m_pcm_playback);
- #ifdef HAVE_SND_PCM_RESUME
- else if (length == -ESTRPIPE)
-diff -urN -x CVS arts.orig/flow/audioioalsa.cc arts/flow/audioioalsa.cc
---- arts.orig/flow/audioioalsa.cc 2001-11-05 18:29:57.000000000 +0100
-+++ arts/flow/audioioalsa.cc 2005-03-09 15:07:43.000000000 +0100
-@@ -374,7 +374,10 @@
- int AudioIOALSA::read(void *buffer, int size)
- {
-- int length = snd_pcm_read(m_pcm_handle, buffer, size);
-+ int length;
-+ do {
-+ length = snd_pcm_read(m_pcm_handle, buffer, size);
-+ } while (length == -EINTR);
- if(length == -EPIPE) {
- snd_pcm_channel_status_t status;
- (void)memset(&status, 0, sizeof(status));
-@@ -409,7 +412,10 @@
+ execvp(crashApp, argv);
+
+Index: arts/flow/gsl/gslmagic.c
+===================================================================
+--- arts/flow/gsl/gslmagic.c (.../tags/arts/1.5.3) (revision 549703)
++++ arts/flow/gsl/gslmagic.c (.../branches/arts/1.5) (revision 549703)
+@@ -616,7 +616,7 @@
+ return FALSE;
- int AudioIOALSA::write(void *buffer, int size)
- {
-- while(snd_pcm_write(m_pcm_handle, buffer, size) != size) {
-+ int length;
-+ while((length = snd_pcm_write(m_pcm_handle, buffer, size)) != size) {
-+ if (length == -EINTR)
-+ continue; // Try again
- snd_pcm_channel_status_t status;
- (void)memset(&status, 0, sizeof(status));
- status.channel = SND_PCM_CHANNEL_PLAYBACK;
+ do
+- ret = fstat (bfile->fd, &buf) < 0;
++ ret = fstat (bfile->fd, &buf);
+ while (ret < 0 && errno == EINTR);
+ if (ret < 0)
+ {
+
+Property changes on: arts
+___________________________________________________________________
+Name: svn:externals
+ + libltdl https://svn.kde.org/home/kde/branches/KDE/3.5/kdelibs/libltdl
+admin https://svn.kde.org/home/kde/branches/KDE/3.5/kde-common/admin
+
+
================================================================
---- CVS-web:
http://cvs.pld-linux.org/SOURCES/arts-branch.diff?r1=1.1&r2=1.2&f=u
More information about the pld-cvs-commit
mailing list