diff options
| author | Joe Marcus Clarke <marcus@FreeBSD.org> | 2002-09-13 04:03:50 +0000 |
|---|---|---|
| committer | Joe Marcus Clarke <marcus@FreeBSD.org> | 2002-09-13 04:03:50 +0000 |
| commit | 572d0b6afcda42ad2244898c502ffa56f41b26a2 (patch) | |
| tree | 6acdea1de6e6a7887e5599f4db2850ac5827d6c9 /textproc | |
| parent | Use offical vendor patches 1-4. (diff) | |
Attempt to fix a security bug in scrollkeeper in which the code will follow
symlinks when attempting to locate a temp file. Note, this is not the
author's patch, but one of my own. I think this should fix it, but I'm
not sure if I'm missing something. The patch is based on the description
from securityfocus.com.
See http://online.securityfocus.com/bid/5602/info/ for more details.
Reported by: Daniel Harris <dh@askdh.com>
Notes
Notes:
svn path=/head/; revision=66225
Diffstat (limited to 'textproc')
| -rw-r--r-- | textproc/scrollkeeper/Makefile | 2 | ||||
| -rw-r--r-- | textproc/scrollkeeper/files/patch-cl_src_get-cl.c | 11 |
2 files changed, 12 insertions, 1 deletions
diff --git a/textproc/scrollkeeper/Makefile b/textproc/scrollkeeper/Makefile index 94d72cb39060..24956167a44b 100644 --- a/textproc/scrollkeeper/Makefile +++ b/textproc/scrollkeeper/Makefile @@ -7,7 +7,7 @@ PORTNAME= scrollkeeper PORTVERSION= 0.3.11 -PORTREVISION= 1 +PORTREVISION= 2 PORTEPOCH= 1 CATEGORIES= textproc gnome MASTER_SITES= ${MASTER_SITE_GNOME} diff --git a/textproc/scrollkeeper/files/patch-cl_src_get-cl.c b/textproc/scrollkeeper/files/patch-cl_src_get-cl.c new file mode 100644 index 000000000000..c19108275e2c --- /dev/null +++ b/textproc/scrollkeeper/files/patch-cl_src_get-cl.c @@ -0,0 +1,11 @@ +--- cl/src/get-cl.c.orig Thu Sep 12 23:54:01 2002 ++++ cl/src/get-cl.c Thu Sep 12 23:54:44 2002 +@@ -44,7 +44,7 @@ + + for(i = 0; i < 5; i++) { + snprintf(path, PATHLEN, "/tmp/scrollkeeper-tempfile.%d", i); +- if (stat(path, &buf) == -1) { ++ if (lstat(path, &buf) == -1) { + if (errno == ENOENT) { + /* this is an empty slot so use it */ + |