Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.1:Update
nsd.15253
CVE-2020-28935.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2020-28935.patch of Package nsd.15253
backported from commit a4caec3137a1bc9eca05d38d66e2bce572ca9bd3 Author: W.C.A. Wijngaards <wouter@nlnetlabs.nl> Date: Mon Nov 23 13:42:51 2020 +0100 - Fix for CVE-2020-28935 : Fix that symlink does not interfere with chown of pidfile. Index: nsd-4.1.27/nsd.c =================================================================== --- nsd-4.1.27.orig/nsd.c +++ nsd-4.1.27/nsd.c @@ -210,24 +210,34 @@ readpid(const char *file) int writepid(struct nsd *nsd) { - FILE * fd; + int fd; char pidbuf[32]; + size_t count = 0; + + if(!nsd->pidfile || !nsd->pidfile[0]) + return 0; snprintf(pidbuf, sizeof(pidbuf), "%lu\n", (unsigned long) nsd->pid); - if ((fd = fopen(nsd->pidfile, "w")) == NULL ) { + if((fd = open(nsd->pidfile, O_WRONLY | O_CREAT | O_TRUNC | O_NOFOLLOW, 0644)) == -1) { log_msg(LOG_ERR, "cannot open pidfile %s: %s", nsd->pidfile, strerror(errno)); return -1; } - if (!write_data(fd, pidbuf, strlen(pidbuf))) { - log_msg(LOG_ERR, "cannot write pidfile %s: %s", - nsd->pidfile, strerror(errno)); - fclose(fd); - return -1; - } - fclose(fd); + while(count < strlen(pidbuf)) { + ssize_t r = write(fd, pidbuf+count, strlen(pidbuf)-count); + if(r == -1) { + if(errno == EAGAIN || errno == EINTR) + continue; + log_msg(LOG_ERR, "cannot write pidfile %s: %s", + nsd->pidfile, strerror(errno)); + close(fd); + return -1; + } + count += r; + } + close(fd); if (chown(nsd->pidfile, nsd->uid, nsd->gid) == -1) { log_msg(LOG_ERR, "cannot chown %u.%u %s: %s",
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor