File v4l-conf-fix-CVE-2020-13696.patch of Package xawtv

Overview Repositories Revisions Requests Users Attributes Meta

File v4l-conf-fix-CVE-2020-13696.patch of Package xawtv

From 31f31f9cbaee7be806cba38e0ff5431bd44b20a3 Mon Sep 17 00:00:00 2001
From: Mauro Carvalho Chehab <mchehab+huawei@kernel.org>
Date: Sat, 16 May 2020 01:22:07 +0200
Subject: [PATCH 1/3] v4l-conf: check file type before opening it

Let's avoid open the file if it doesn't exist or it is not
a file of the right type.

Signed-off-by: Mauro Carvalho Chehab <mchehab+huawei@kernel.org>
---
 console/v4l-conf.c | 17 ++++++++++-------
 1 file changed, 10 insertions(+), 7 deletions(-)

diff --git a/console/v4l-conf.c b/console/v4l-conf.c
index c38bf16..c96886b 100644
--- a/console/v4l-conf.c
+++ b/console/v4l-conf.c
@@ -141,20 +141,23 @@ dev_open(const char *device, int major)
 	exit(1);
     }
 
-    /* open & check v4l device */
-    if (-1 == (fd = open(device,O_RDWR))) {
-	fprintf(stderr, "can't open %s: %s\n", device, strerror(errno));
+    /* First check if the device is really a devnode of the right type */
+    if (-1 == stat(device, &stb)) {
+	fprintf(stderr, "stat(%s): %s\n", device, strerror(errno));
 	exit(1);
     }
 
-    if (-1 == fstat(fd,&stb)) {
-	fprintf(stderr, "fstat(%s): %s\n", device, strerror(errno));
-	exit(1);
-    }
     if (!S_ISCHR(stb.st_mode) || (major(stb.st_rdev) != major)) {
 	fprintf(stderr, "%s: wrong device\n", device);
 	exit(1);
     }
+
+    /* Then open it */
+    if (-1 == (fd = open(device,O_RDWR))) {
+	fprintf(stderr, "can't open %s: %s\n", device, strerror(errno));
+	exit(1);
+    }
+
     return fd;
 }
 
-- 
2.26.2

From 36dc44e68e5886339b4a0fbe3f404fb1a4fd2292 Mon Sep 17 00:00:00 2001
From: Mauro Carvalho Chehab <mchehab+huawei@kernel.org>
Date: Thu, 28 May 2020 11:58:34 +0200
Subject: [PATCH 3/3] v4l-conf: simplify stat message

No need to print an error code here.

Signed-off-by: Mauro Carvalho Chehab <mchehab+huawei@kernel.org>
---
 console/v4l-conf.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/console/v4l-conf.c b/console/v4l-conf.c
index c96886b..0e8d3e3 100644
--- a/console/v4l-conf.c
+++ b/console/v4l-conf.c
@@ -143,7 +143,7 @@ dev_open(const char *device, int major)
 
     /* First check if the device is really a devnode of the right type */
     if (-1 == stat(device, &stb)) {
-	fprintf(stderr, "stat(%s): %s\n", device, strerror(errno));
+	fprintf(stderr, "stat failed on %s\n", device);
 	exit(1);
     }
 
-- 
2.26.2

diff --git a/console/v4l-conf.c b/console/v4l-conf.c
index 0e8d3e3..d6fb960 100644
--- a/console/v4l-conf.c
+++ b/console/v4l-conf.c
@@ -143,12 +143,12 @@ dev_open(const char *device, int major)
 
     /* First check if the device is really a devnode of the right type */
     if (-1 == stat(device, &stb)) {
-	fprintf(stderr, "stat failed on %s\n", device);
+	fprintf(stderr, "invalid path or file is not of the right type %s\n", device);
 	exit(1);
     }
 
     if (!S_ISCHR(stb.st_mode) || (major(stb.st_rdev) != major)) {
-	fprintf(stderr, "%s: wrong device\n", device);
+	fprintf(stderr, "invalid path or file is not of the right type %s\n", device);
 	exit(1);
     }

Places

File v4l-conf-fix-CVE-2020-13696.patch of Package xawtv

Places