Overview

File ncpfs-CVE-2011-1679-CVE-2011-1680.patch of Package ncpfs

Index: ncpfs-2.2.6/sutil/ncpm_common.c
===================================================================
--- ncpfs-2.2.6.orig/sutil/ncpm_common.c
+++ ncpfs-2.2.6/sutil/ncpm_common.c
@@ -1446,6 +1446,7 @@ void add_mnt_entry(char* mount_name, cha
 	struct mntent ment;
 	int fd;
 	FILE* mtab;
+	off_t	goodoffset;
 
 	if (check_name(mount_name) == -1 || check_name(mpnt) == -1)
 		errexit(107, _("Illegal character in mount entry\n"));
@@ -1480,14 +1481,25 @@ void add_mnt_entry(char* mount_name, cha
 
 	if ((mtab = setmntent(MOUNTED, "a+")) == NULL)
 	{
+		unlink(MOUNTED "~");
 		errexit(59, _("Can't open %s\n"), MOUNTED);
 	}
+	fseek (mtab, 0, SEEK_END);
+	goodoffset = ftell(mtab);
 	if (addmntent(mtab, &ment) == 1)
 	{
+		/* restore good state */
+		ftruncate(fileno(mtab), goodoffset);
+		endmntent(mtab);
+		unlink(MOUNTED "~");
 		errexit(60, _("Can't write mount entry\n"));
 	}
 	if (fchmod(fileno(mtab), 0644) == -1)
 	{
+		/* restore good state */
+		ftruncate(fileno(mtab), goodoffset);
+		endmntent(mtab);
+		unlink(MOUNTED "~");
 		errexit(61, _("Can't set perms on %s\n"), MOUNTED);
 	}
 	endmntent(mtab);
Index: ncpfs-2.2.6/sutil/ncpumount.c
===================================================================
--- ncpfs-2.2.6.orig/sutil/ncpumount.c
+++ ncpfs-2.2.6/sutil/ncpumount.c
@@ -210,7 +210,12 @@ static int __clearMtab (const char* moun
 			i++;
 		}
 		if (!found) {
-			addmntent(new_mtab, mnt);
+			if (addmntent(new_mtab, mnt)) {
+				eprintf(_("Can't addmntent to %s: %s\n"), MOUNTED_TMP,
+					strerror(errno));
+				endmntent(mtab);
+				return 1;
+			}
 		}
 	}
openSUSE Build Service is sponsored by
Places