|
Jakub Filak |
d596add |
From fce92be28e87f4bbcf637ec06cc3e28652628684 Mon Sep 17 00:00:00 2001
|
|
Jakub Filak |
d596add |
From: Jakub Filak <jfilak@redhat.com>
|
|
Jakub Filak |
d596add |
Date: Wed, 30 Sep 2015 12:24:32 +0200
|
|
Jakub Filak |
d596add |
Subject: [PATCH] ccpp: save abrt core files only to new files
|
|
Jakub Filak |
d596add |
|
|
Jakub Filak |
d596add |
Prior this commit abrt-hook-ccpp saved a core file generated by a
|
|
Jakub Filak |
d596add |
process running a program whose name starts with "abrt" in
|
|
Jakub Filak |
d596add |
DUMP_LOCATION/$(basename program)-coredump. If the file was a symlink,
|
|
Jakub Filak |
d596add |
the hook followed and wrote core file to the symlink's target.
|
|
Jakub Filak |
d596add |
|
|
Jakub Filak |
d596add |
Addresses CVE-2015-5287
|
|
Jakub Filak |
d596add |
|
|
Jakub Filak |
d596add |
Signed-off-by: Jakub Filak <jfilak@redhat.com>
|
|
Jakub Filak |
d596add |
---
|
|
Jakub Filak |
d596add |
src/hooks/abrt-hook-ccpp.c | 3 ++-
|
|
Jakub Filak |
d596add |
1 file changed, 2 insertions(+), 1 deletion(-)
|
|
Jakub Filak |
d596add |
|
|
Jakub Filak |
d596add |
diff --git a/src/hooks/abrt-hook-ccpp.c b/src/hooks/abrt-hook-ccpp.c
|
|
Jakub Filak |
d596add |
index 4a31b81..58d9c28 100644
|
|
Jakub Filak |
d596add |
--- a/src/hooks/abrt-hook-ccpp.c
|
|
Jakub Filak |
d596add |
+++ b/src/hooks/abrt-hook-ccpp.c
|
|
Jakub Filak |
d596add |
@@ -718,7 +718,8 @@ int main(int argc, char** argv)
|
|
Jakub Filak |
d596add |
if (snprintf(path, sizeof(path), "%s/%s-coredump", g_settings_dump_location, last_slash) >= sizeof(path))
|
|
Jakub Filak |
d596add |
error_msg_and_die("Error saving '%s': truncated long file path", path);
|
|
Jakub Filak |
d596add |
|
|
Jakub Filak |
d596add |
- int abrt_core_fd = xopen3(path, O_WRONLY | O_CREAT | O_TRUNC, 0600);
|
|
Jakub Filak |
d596add |
+ unlink(path);
|
|
Jakub Filak |
d596add |
+ int abrt_core_fd = xopen3(path, O_WRONLY | O_CREAT | O_EXCL, 0600);
|
|
Jakub Filak |
d596add |
off_t core_size = copyfd_eof(STDIN_FILENO, abrt_core_fd, COPYFD_SPARSE);
|
|
Jakub Filak |
d596add |
if (core_size < 0 || fsync(abrt_core_fd) != 0)
|
|
Jakub Filak |
d596add |
{
|
|
Jakub Filak |
d596add |
--
|
|
Jakub Filak |
d596add |
2.6.3
|
|
Jakub Filak |
d596add |
|