File 0002-Fix-CVE-2014-0012.patch of Package python-Jinja2
From 6189a7b66c538dce39bf0015f4c612f4aef301b2 Mon Sep 17 00:00:00 2001
From: Tomas Hoger <thoger@redhat.com>
Date: Sun, 9 Feb 2014 09:40:59 +0100
Subject: [PATCH 2/2] Fix CVE-2014-0012
Add checks for the per-user temporary directory. If it already exists, make
sure that it:
- is owned by the current user
- is a directory
- has expected permissions
This commit also fixes:
- nt -> n typo pointed out in the review of acb672b
- replace 448 with stat.S_IRWXU when setting directory mode
Signed-off-by: Armin Ronacher <armin.ronacher@active-4.com>
Cherry-picked-from: 964c61ce
Conflicts:
jinja2/bccache.py
---
jinja2/bccache.py | 12 ++++++++++--
1 file changed, 10 insertions(+), 2 deletions(-)
diff --git a/jinja2/bccache.py b/jinja2/bccache.py
index 28e3542..0b58db8 100644
--- a/jinja2/bccache.py
+++ b/jinja2/bccache.py
@@ -16,6 +16,7 @@
"""
from os import path, listdir
import os
+import stat
import sys
import errno
import marshal
@@ -220,7 +221,7 @@ class FileSystemBytecodeCache(BytecodeCache):
# On windows the temporary directory is used specific unless
# explicitly forced otherwise. We can just use that.
- if os.name == 'n':
+ if os.name == 'nt':
return tmpdir
if not hasattr(os, 'getuid'):
raise RuntimeError('Cannot determine safe temp directory. You '
@@ -229,11 +230,18 @@ class FileSystemBytecodeCache(BytecodeCache):
dirname = '_jinja2-cache-%d' % os.getuid()
actual_dir = os.path.join(tmpdir, dirname)
try:
- os.mkdir(actual_dir, 0700)
+ os.mkdir(actual_dir, stat.S_IRWXU) # 0o700
except OSError as e:
if e.errno != errno.EEXIST:
raise
+ actual_dir_stat = os.lstat(actual_dir)
+ if actual_dir_stat.st_uid != os.getuid() \
+ or not stat.S_ISDIR(actual_dir_stat.st_mode) \
+ or stat.S_IMODE(actual_dir_stat.st_mode) != stat.S_IRWXU:
+ raise RuntimeError('Temporary directory \'%s\' has an incorrect '
+ 'owner, permissions, or type.' % actual_dir)
+
return actual_dir
def _get_cache_filename(self, bucket):
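Review bot: The exact-mode comparison `stat.S_IMODE(actual_dir_stat.st_mode) != stat.S_IRWXU` rejects directories that are stricter than 0700, and the mode passed to `os.mkdir` is masked by the process umask, so under an unusual umask a directory this code has just created could fail its own check. What the check has to guarantee is that no other user can write into the cache directory, so testing only for group/other bits would be enough: `or stat.S_IMODE(actual_dir_stat.st_mode) & (stat.S_IRWXG | stat.S_IRWXO):`. Using `os.lstat` rather than `os.stat` is the right choice, since a symlink pre-created under the predictable name then fails `S_ISDIR`; a short comment such as `# lstat: a pre-created symlink must not pass as our directory` would keep a later cleanup from swapping it for `os.stat`. The enclosing method starts above this hunk, so how `tmpdir` is chosen is not visible here.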
--
1.8.1.4