Gentoo's Bugzilla – Attachment 137399 Details for
Bug 200856
kde-base/kdm and kde-base/kdebase: Local Denial of Service (CVE-2007-5963)
post-3.5.8-kdebase-kdm.diff
post-3.5.8-kdebase-kdm.diff (text/plain), 921 bytes, created by
Robert Buchholz (RETIRED)
on 2007-11-30 18:15:58 UTC
Description:
post-3.5.8-kdebase-kdm.diff
Creator:
Robert Buchholz (RETIRED)
Created:
2007-11-30 18:15:58 UTC
Size:
921 bytes
>--- kdm/backend/inifile.c
>+++ kdm/backend/inifile.c
>@@ -37,6 +37,7 @@
> #include "dm_error.h"
>
> #include <sys/types.h>
>+#include <sys/stat.h>
> #include <unistd.h>
> #include <stdlib.h>
> #include <string.h>
>@@ -47,17 +48,27 @@
> {
> char *data;
> int fd, len;
>+ struct stat st;
>
> if ((fd = open( fname, O_RDONLY | O_NONBLOCK )) < 0) {
> Debug( "cannot open ini-file %\"s: %m", fname );
> return 0;
> }
>- len = lseek( fd, 0, SEEK_END );
>+ if (fstat( fd, &st ) || !S_ISREG( st.st_mode )) {
>+ LogWarn( "Ini-file %\"s is no regular file\n", fname );
>+ close( fd );
>+ return 0;
>+ }
>+ if (st.st_size >= 0x10000) {
>+ LogWarn( "Ini-file %\"s is too big\n", fname );
>+ close( fd );
>+ return 0;
>+ }
>+ len = st.st_size;
> if (!(data = Malloc( len + 2 ))) {
> close( fd );
> return 0;
> }
>- lseek( fd, 0, SEEK_SET );
> if (read( fd, data, len ) != len) {
> Debug( "cannot read ini-file %\"s: %m", fname );
> free( data );
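Review bot: The first added check in the second hunk folds an fstat() failure into the "is no regular file" warning, so a descriptor or I/O error is logged as a file-type problem. Reporting that case on its own, for example `LogWarn( "Cannot stat ini-file %\"s: %m\n", fname );` (assuming LogWarn accepts `%m` the way Debug does here), would keep the log accurate for whoever triages it. The cap `0x10000` is a bare literal and neither check says what it guards against. A named constant and a short comment such as `/* refuse FIFOs, devices and oversized files so read() cannot block or exhaust memory */` would record the intent, which is presumably the denial of service named in the bug title. Checking the already-open descriptor with fstat() rather than the path is worth keeping, since it leaves no window between the check and the read. The enclosing function starts and ends outside this hunk.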
Attachments on
bug 200856
: 137399 |
137716