Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 271021 Details for
Bug 364291
<media-gfx/blender-2.57-r1 arbitrary code exec (sort of CVE-2009-3850)
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Proposed patch for CVE-2009-3850 against Blender 2.57 (v1)
blender-2.57-CVE-2009-3850-v1.patch (text/plain), 4.78 KB, created by
Sebastian Pipping
on 2011-04-24 16:50:58 UTC
(
hide
)
Description:
Proposed patch for CVE-2009-3850 against Blender 2.57 (v1)
Filename:
MIME Type:
Creator:
Sebastian Pipping
Created:
2011-04-24 16:50:58 UTC
Size:
4.78 KB
patch
obsolete
>From dfb6ecd9a4a129b976b7a8d2002e32146125340f Mon Sep 17 00:00:00 2001 >From: Sebastian Pipping <sebastian@pipping.org> >Date: Sun, 24 Apr 2011 18:26:47 +0200 >Subject: [PATCH] Disable execution of embedded Python code unless run with > --enable-autoexec|-y|-666 (CVE-2009-3850) > >--- > source/blender/blenkernel/intern/blender.c | 3 ++- > source/blender/makesrna/intern/rna_userdef.c | 9 ++++++--- > source/blender/windowmanager/intern/wm_files.c | 3 ++- > source/creator/creator.c | 10 ++++++---- > 4 files changed, 16 insertions(+), 9 deletions(-) > >diff --git a/source/blender/blenkernel/intern/blender.c b/source/blender/blenkernel/intern/blender.c >index 5f08505..9c27ac7 100644 >--- a/source/blender/blenkernel/intern/blender.c >+++ b/source/blender/blenkernel/intern/blender.c >@@ -141,7 +141,8 @@ void initglobals(void) > G.charmin = 0x0000; > G.charmax = 0xffff; > >- G.f |= G_SCRIPT_AUTOEXEC; >+ G.f &= ~G_SCRIPT_AUTOEXEC; >+ G.f |= G_SCRIPT_OVERRIDE_PREF; /* Disables turning G_SCRIPT_AUTOEXEC on from user prefs */ > } > > /***/ >diff --git a/source/blender/makesrna/intern/rna_userdef.c b/source/blender/makesrna/intern/rna_userdef.c >index e9a9ddc..a120857 100644 >--- a/source/blender/makesrna/intern/rna_userdef.c >+++ b/source/blender/makesrna/intern/rna_userdef.c >@@ -99,9 +99,12 @@ static void rna_userdef_show_manipulator_update(Main *bmain, Scene *scene, Point > > static void rna_userdef_script_autoexec_update(Main *bmain, Scene *scene, PointerRNA *ptr) > { >- UserDef *userdef = (UserDef*)ptr->data; >- if (userdef->flag & USER_SCRIPT_AUTOEXEC_DISABLE) G.f &= ~G_SCRIPT_AUTOEXEC; >- else G.f |= G_SCRIPT_AUTOEXEC; >+ if ((G.f & G_SCRIPT_OVERRIDE_PREF) == 0) { >+ /* Blender run with --enable-autoexec */ >+ UserDef *userdef = (UserDef*)ptr->data; >+ if (userdef->flag & USER_SCRIPT_AUTOEXEC_DISABLE) G.f &= ~G_SCRIPT_AUTOEXEC; >+ else G.f |= G_SCRIPT_AUTOEXEC; >+ } > } > > static void rna_userdef_mipmap_update(Main *bmain, Scene *scene, PointerRNA *ptr) >diff --git a/source/blender/windowmanager/intern/wm_files.c b/source/blender/windowmanager/intern/wm_files.c >index f4f7af0..c1bacc6 100644 >--- a/source/blender/windowmanager/intern/wm_files.c >+++ b/source/blender/windowmanager/intern/wm_files.c >@@ -270,7 +270,8 @@ static void wm_init_userdef(bContext *C) > > /* set the python auto-execute setting from user prefs */ > /* enabled by default, unless explicitly enabled in the command line which overrides */ >- if((G.f & G_SCRIPT_OVERRIDE_PREF) == 0) { >+ if (! G.background && ((G.f & G_SCRIPT_OVERRIDE_PREF) == 0)) { >+ /* Blender run with --enable-autoexec */ > if ((U.flag & USER_SCRIPT_AUTOEXEC_DISABLE) == 0) G.f |= G_SCRIPT_AUTOEXEC; > else G.f &= ~G_SCRIPT_AUTOEXEC; > } >diff --git a/source/creator/creator.c b/source/creator/creator.c >index c687cc2..1da282f 100644 >--- a/source/creator/creator.c >+++ b/source/creator/creator.c >@@ -278,6 +278,7 @@ static int print_help(int UNUSED(argc), const char **UNUSED(argv), void *data) > > printf("\n"); > >+ BLI_argsPrintArgDoc(ba, "-666"); > BLI_argsPrintArgDoc(ba, "--enable-autoexec"); > BLI_argsPrintArgDoc(ba, "--disable-autoexec"); > >@@ -359,14 +360,14 @@ static int end_arguments(int UNUSED(argc), const char **UNUSED(argv), void *UNUS > static int enable_python(int UNUSED(argc), const char **UNUSED(argv), void *UNUSED(data)) > { > G.f |= G_SCRIPT_AUTOEXEC; >- G.f |= G_SCRIPT_OVERRIDE_PREF; >+ G.f &= ~G_SCRIPT_OVERRIDE_PREF; /* Enables turning G_SCRIPT_AUTOEXEC off from user prefs */ > return 0; > } > > static int disable_python(int UNUSED(argc), const char **UNUSED(argv), void *UNUSED(data)) > { > G.f &= ~G_SCRIPT_AUTOEXEC; >- G.f |= G_SCRIPT_OVERRIDE_PREF; >+ G.f |= G_SCRIPT_OVERRIDE_PREF; /* Disables turning G_SCRIPT_AUTOEXEC on from user prefs */ > return 0; > } > >@@ -1075,8 +1076,9 @@ static void setupArguments(bContext *C, bArgs *ba, SYS_SystemHandle *syshandle) > > BLI_argsAdd(ba, 1, "-v", "--version", "\n\tPrint Blender version and exit", print_version, NULL); > >- BLI_argsAdd(ba, 1, "-y", "--enable-autoexec", "\n\tEnable automatic python script execution (default)", enable_python, NULL); >- BLI_argsAdd(ba, 1, "-Y", "--disable-autoexec", "\n\tDisable automatic python script execution (pydrivers, pyconstraints, pynodes)", disable_python, NULL); >+ BLI_argsAdd(ba, 1, NULL, "-666", "\n\tEnable automatic python script execution (port from CVE-2009-3850 patch to Blender 2.49b)", enable_python, NULL); >+ BLI_argsAdd(ba, 1, "-y", "--enable-autoexec", "\n\tEnable automatic python script execution", enable_python, NULL); >+ BLI_argsAdd(ba, 1, "-Y", "--disable-autoexec", "\n\tDisable automatic python script execution (pydrivers, pyconstraints, pynodes) (default)", disable_python, NULL); > > BLI_argsAdd(ba, 1, "-b", "--background", "<file>\n\tLoad <file> in background (often used for UI-less rendering)", background_mode, NULL); > >-- >1.7.5.rc1 >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 364291
:
271021
|
273671
|
273673