Hello community, here is the log from the commit of package ppc64-diag for openSUSE:Factory checked in at 2014-06-24 15:16:14 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/ppc64-diag (Old) and /work/SRC/openSUSE:Factory/.ppc64-diag.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "ppc64-diag" Changes: -------- --- /work/SRC/openSUSE:Factory/ppc64-diag/ppc64-diag.changes 2014-06-18 07:52:36.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.ppc64-diag.new/ppc64-diag.changes 2014-06-24 15:16:27.000000000 +0200 @@ -1,0 +2,7 @@ +Mon Jun 23 13:47:37 UTC 2014 - [email protected] + +- fix /tmp race (BNC#882667, CVE-2014-4038) + +- added patches: + * ppc64-diag-tmpraces.patch +------------------------------------------------------------------- New: ---- ppc64-diag-tmpraces.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ ppc64-diag.spec ++++++ --- /var/tmp/diff_new_pack.5xmkdU/_old 2014-06-24 15:16:28.000000000 +0200 +++ /var/tmp/diff_new_pack.5xmkdU/_new 2014-06-24 15:16:28.000000000 +0200 @@ -57,6 +57,7 @@ #PATCH-FIX-OPENSUSE - ppc64-diag.opal_errd.patch - fix opal_errd initscript to comply with openSUSE standards Patch3: %{name}.opal_errd.patch Patch4: ppc64-diag.add_ncurses_include_path.patch +Patch5: ppc64-diag-tmpraces.patch %description This package contains various diagnostic tools for PowerLinux. @@ -79,6 +80,7 @@ %patch2 -p1 %patch3 -p1 %patch4 -p1 +%patch5 -p1 %build make ++++++ ppc64-diag-tmpraces.patch ++++++ Index: ppc64-diag-2.6.6/rtas_errd/diag_support.c =================================================================== --- ppc64-diag-2.6.6.orig/rtas_errd/diag_support.c +++ ppc64-diag-2.6.6/rtas_errd/diag_support.c @@ -230,27 +230,23 @@ get_dt_status(char *dev) char loc_file[80]; char target[80]; char *ptr; - char command[]="/usr/bin/find /proc/device-tree -name status -print > /tmp/get_dt_files"; + char command[]="/usr/bin/find /proc/device-tree -name status -print"; - if (system(command) != 0) { + fp1 = popen(command,"r"); + + if (!fp1) { fprintf(stderr, "get_dt_status find command failed\n"); return NULL; } - /* results of the find command */ - fp1 = fopen("/tmp/get_dt_files", "r"); - if (fp1 == 0) { - fprintf(stderr, "open failed on /tmp/get_dt_files\n"); - return NULL; - } - while (fscanf (fp1, "%s", loc_file) != EOF) { - dbg("read from /tmp/get_dt_files, \"%s\"", loc_file); + dbg("read from find, \"%s\"", loc_file); /* read the status in case this is the one */ fp2 = fopen(loc_file, "r"); if (fp2 == 0) { fprintf(stderr, "open failed on %s\n", loc_file); + pclose(fp1); return NULL; } if (fscanf(fp2, "%s", target_status)) { @@ -259,6 +255,7 @@ get_dt_status(char *dev) } else { fprintf(stderr, "read failed on %s\n", loc_file); + pclose(fp1); return NULL; } @@ -270,6 +267,7 @@ get_dt_status(char *dev) fp2 = fopen(loc_file, "r"); if (fp2 == 0) { fprintf(stderr, "open failed on %s\n", loc_file); + pclose(fp1); return NULL; } @@ -285,11 +283,12 @@ get_dt_status(char *dev) } else { fprintf(stderr, "read failed on %s\n", loc_file); + pclose(fp1); return NULL; } } - fclose(fp1); + pclose(fp1); fprintf(stderr, "error: status NOT FOUND\n"); return NULL; } Index: ppc64-diag-2.6.6/lpd/test/lpd_ela_test.sh =================================================================== --- ppc64-diag-2.6.6.orig/lpd/test/lpd_ela_test.sh +++ ppc64-diag-2.6.6/lpd/test/lpd_ela_test.sh @@ -22,7 +22,7 @@ EXECUTION_LOG="$LOG_DIR/$SCRIPT_NAME.log ERROR_LOG="$LOG_DIR/$SCRIPT_NAME.err" TMP_DIR="/var/tmp/ras" -mkdir -p $TMP_DIR +mkdir $TMP_DIR || exit 1 MESSAGE_FILE="$TMP_DIR/messages" TMP_FILE="$TMP_DIR/$SCRIPT_NAME.tmp" Index: ppc64-diag-2.6.6/scripts/ppc64_diag_mkrsrc =================================================================== --- ppc64-diag-2.6.6.orig/scripts/ppc64_diag_mkrsrc +++ ppc64-diag-2.6.6/scripts/ppc64_diag_mkrsrc @@ -123,7 +123,7 @@ if (-e "/proc/device-tree/ibm,converged- } # Retrieve Extended Error Data (EED) -mkdir "/tmp/diagSEsnap", 0775; +mkdir "/tmp/diagSEsnap", 0775 || die "mkdir failed: $!"; $general_eed_file = "/tmp/diagSEsnap/snapH.tar.gz"; system("/usr/sbin/snap -o $general_eed_file 2>/dev/null 1>&2"); $cstop_eed_file = ""; -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
