redis/CVE-2013-7458.patch

48 lines
1.4 KiB
Diff

From 71536684a788dc859e42132a2c5a2b7373414375 Mon Sep 17 00:00:00 2001
From: antirez <antirez@gmail.com>
Date: Fri, 29 Jul 2016 11:28:16 +0200
Subject: [PATCH] Update linenoise to fix insecure redis-cli history file
creation.
The problem was fixed in antirez/linenoise repository applying a patch
contributed by @lamby. Here the new version is updated in the Redis
source tree.
Close #1418
Close #3322
---
deps/linenoise/linenoise.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/deps/linenoise/linenoise.c b/deps/linenoise/linenoise.c
index a807d9b..fce14a7 100644
--- a/deps/linenoise/linenoise.c
+++ b/deps/linenoise/linenoise.c
@@ -111,6 +111,7 @@
#include <string.h>
#include <stdlib.h>
#include <ctype.h>
+#include <sys/stat.h>
#include <sys/types.h>
#include <sys/ioctl.h>
#include <unistd.h>
@@ -1160,10 +1161,14 @@ int linenoiseHistorySetMaxLen(int len) {
/* Save the history in the specified file. On success 0 is returned
* otherwise -1 is returned. */
int linenoiseHistorySave(const char *filename) {
- FILE *fp = fopen(filename,"w");
+ mode_t old_umask = umask(S_IXUSR|S_IRWXG|S_IRWXO);
+ FILE *fp;
int j;
+ fp = fopen(filename,"w");
+ umask(old_umask);
if (fp == NULL) return -1;
+ chmod(filename,S_IRUSR|S_IWUSR);
for (j = 0; j < history_len; j++)
fprintf(fp,"%s\n",history[j]);
fclose(fp);
--
2.6.6