Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 123751 Details for
Bug 184071
media-video/nvclock: insecure temporary file usage (CVE-2007-3531)
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
use $HOME/.nvclock instead of /tmp/nvclock
nvclock-insecure-tmp.diff (text/plain), 1.07 KB, created by
Tavis Ormandy (RETIRED)
on 2007-07-03 10:05:24 UTC
(
hide
)
Description:
use $HOME/.nvclock instead of /tmp/nvclock
Filename:
MIME Type:
Creator:
Tavis Ormandy (RETIRED)
Created:
2007-07-03 10:05:24 UTC
Size:
1.07 KB
patch
obsolete
>--- nvclock0.7.orig/src/backend/backend.c 2003-07-29 16:20:01.000000000 +0100 >+++ nvclock0.7/src/backend/backend.c 2007-07-03 11:01:06.000000000 +0100 >@@ -282,12 +282,18 @@ void set_card(int number) > void set_default_speeds(int num) > { > int i, eof; >- char buffer[100]; >+ char buffer[100], fname[1024], *home; > volatile unsigned int *PEXTDEV; > volatile unsigned int *PRAMDAC; > FILE *fp; > >- if((fp = fopen("/tmp/nvclock", "r")) != NULL) >+ if ((home = getenv("HOME")) == NULL) >+ return; >+ >+ if (snprintf(fname, sizeof(fname), "%s/.nvclock", home) == -1) >+ return; >+ >+ if((fp = fopen(fname, "r")) != NULL) > { > /* Read the file .. */ > for(eof = fscanf(fp, "%s",&buffer); eof != EOF; eof = fscanf(fp, "%s", &buffer)) >@@ -312,7 +318,7 @@ void set_default_speeds(int num) > else > { > /* Write the config file */ >- fp = fopen("/tmp/nvclock", "w+"); >+ fp = fopen(fname, "w+"); > fprintf(fp, "#This file is used by nvclock to be able to restore the card's speeds\n#Do not edit this file!\n"); > > for(i = 0; i <= num; i++)
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 184071
: 123751