Hi, the problem is that HAVE_FCHOWN & others are missing from config.h.in. I've attached an update for 0002-CVE-2009-1299 which fixes this problem.
best, Torsten -- .: Torsten Marek .: http://shlomme.diotavelli.net .: tors...@diotavelli.net -- GnuPG: 1024D/A244C858
# From d3efa43d85ac132c6a5a416a2b6f2115f5d577ee Mon Sep 17 00:00:00 2001
# From: Kees Cook <k...@ubuntu.com>
# Date: Tue, 2 Mar 2010 21:33:34 -0800
# Subject: [PATCH] core-util: ensure that we chmod only the dir we ourselves created
diff --git a/configure.ac b/configure.ac
index 1b80788..abcce13 100644
--- a/configure.ac
+++ b/configure.ac
@@ -424,7 +424,7 @@ AC_CHECK_FUNCS_ONCE([lrintf strtof])
AC_FUNC_FORK
AC_FUNC_GETGROUPS
AC_FUNC_SELECT_ARGTYPES
-AC_CHECK_FUNCS_ONCE([chmod chown clock_gettime getaddrinfo getgrgid_r getgrnam_r \
+AC_CHECK_FUNCS_ONCE([chmod chown fstat fchown fchmod clock_gettime getaddrinfo getgrgid_r getgrnam_r \
getpwnam_r getpwuid_r gettimeofday getuid inet_ntop inet_pton mlock nanosleep \
pipe posix_fadvise posix_madvise posix_memalign setpgid setsid shm_open \
sigaction sleep sysconf pthread_setaffinity_np])
diff --git a/src/pulsecore/core-util.c b/src/pulsecore/core-util.c
index d6017b9..a642553 100644
--- a/src/pulsecore/core-util.c
+++ b/src/pulsecore/core-util.c
@@ -199,7 +199,7 @@ void pa_make_fd_cloexec(int fd) {
/** Creates a directory securely */
int pa_make_secure_dir(const char* dir, mode_t m, uid_t uid, gid_t gid) {
struct stat st;
- int r, saved_errno;
+ int r, saved_errno, fd;
pa_assert(dir);
@@ -217,16 +217,45 @@ int pa_make_secure_dir(const char* dir, mode_t m, uid_t uid, gid_t gid) {
if (r < 0 && errno != EEXIST)
return -1;
-#ifdef HAVE_CHOWN
+#ifdef HAVE_FSTAT
+ if ((fd = open(dir,
+#ifdef O_CLOEXEC
+ O_CLOEXEC|
+#endif
+#ifdef O_NOCTTY
+ O_NOCTTY|
+#endif
+#ifdef O_NOFOLLOW
+ O_NOFOLLOW|
+#endif
+ O_RDONLY)) < 0)
+ goto fail;
+
+ if (fstat(fd, &st) < 0) {
+ pa_assert_se(pa_close(fd) >= 0);
+ goto fail;
+ }
+
+ if (!S_ISDIR(st.st_mode)) {
+ pa_assert_se(pa_close(fd) >= 0);
+ errno = EEXIST;
+ goto fail;
+ }
+
+#ifdef HAVE_FCHOWN
if (uid == (uid_t)-1)
uid = getuid();
if (gid == (gid_t)-1)
gid = getgid();
- (void) chown(dir, uid, gid);
+ (void) fchown(fd, uid, gid);
+#endif
+
+#ifdef HAVE_FCHMOD
+ (void) fchmod(fd, m);
#endif
-#ifdef HAVE_CHMOD
- chmod(dir, m);
+ pa_assert_se(pa_close(fd) >= 0);
+
#endif
#ifdef HAVE_LSTAT
--- a/config.h.in 2010-04-05 12:28:24.878676900 +0200
+++ b/config.h.in 2010-04-05 12:28:51.000000000 +0200
@@ -92,9 +92,18 @@
/* Define to 1 if you have the <execinfo.h> header file. */
#undef HAVE_EXECINFO_H
+/* Define to 1 if you have the `fchmod' function. */
+#undef HAVE_FCHMOD
+
+/* Define to 1 if you have the `fchown' function. */
+#undef HAVE_FCHOWN
+
/* Define to 1 if you have the `fork' function. */
#undef HAVE_FORK
+/* Define to 1 if you have the `fstat' function. */
+#undef HAVE_FSTAT
+
/* Have gdbm? */
#undef HAVE_GDBM
signature.asc
Description: This is a digitally signed message part
