commit:     24d22f45656fb88c63763ca319a2275b8f642d9e
Author:     Zac Medico <zmedico <AT> gentoo <DOT> org>
AuthorDate: Thu Oct  9 02:38:51 2014 +0000
Commit:     Anthony G. Basile <blueness <AT> gentoo <DOT> org>
CommitDate: Thu Oct  9 02:38:51 2014 +0000
URL:        
http://sources.gentoo.org/gitweb/?p=proj/elfix.git;a=commit;h=24d22f45

misc/install-xattr: correct potential fork bomb

The which() function compares portage_helper_path, to canpath
and skips it when appropriate:

        if (portage_helper_path)
                if (!strcmp(portage_helper_path, canpath))
                        goto skip;

However, portage_helper_path has not been canonicalized with
the realpath function, so strcmp can report a mismatch even though
the paths are equivalent.  This may occur when /usr/lib is a
symlink to /usr/lib64.

X-Gentoo-Bug: 523994
X-Gentoo-Bug-URL: https://bugs.gentoo.org/523994

---
 misc/install-xattr/install-xattr.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/misc/install-xattr/install-xattr.c 
b/misc/install-xattr/install-xattr.c
index 805c0a4..2f349df 100644
--- a/misc/install-xattr/install-xattr.c
+++ b/misc/install-xattr/install-xattr.c
@@ -325,6 +325,7 @@ main(int argc, char* argv[])
         */
        char *oldpwd = getenv("OLDPWD");
        char *portage_helper_path = getenv("__PORTAGE_HELPER_PATH");
+       char *portage_helper_canpath = NULL;
        if (portage_helper_path)
                chdir(oldpwd);
 
@@ -334,8 +335,11 @@ main(int argc, char* argv[])
 
                case 0:
                        /* find system install avoiding mypath and 
portage_helper_path! */
-                       install = which(mypath, portage_helper_path);
+                       if (portage_helper_path)
+                               portage_helper_canpath = 
realpath(portage_helper_path, NULL);
+                       install = which(mypath, portage_helper_canpath);
                        free(mypath);
+                       free(portage_helper_canpath);
                        argv[0] = install;        /* so coreutils' 
lib/program.c behaves  */
                        execv(install, argv);     /* The kernel will 
free(install).       */
                        err(1, "execv() failed");
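Review bot: The return value of `realpath(portage_helper_path, NULL)` in the `case 0:` branch is never checked, so a failed call (for example when the path named by `__PORTAGE_HELPER_PATH` cannot be resolved) passes NULL to `which()`. Judging by the `if (portage_helper_path)` guard quoted in the commit message, `which()` then skips the helper comparison entirely, which would silently bring back the re-exec loop this commit is meant to prevent. I would fail closed right after the call with `if (portage_helper_path && !portage_helper_canpath) err(1, "realpath() failed on %s", portage_helper_path);`. The `case 0:` branch sits in a switch inside main that begins outside this hunk, so the surrounding control flow should be confirmed against the full file.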
