ulm 07/10/06 17:37:14 |
|
Added: emacs-cvs-make-tramp-temp-file.patch |
digest-emacs-cvs-22.1.50_p20070829-r1 |
Removed: digest-emacs-cvs-22.1.50_p20070829 |
Log: |
Fix tramp-make-tramp-temp-file vulnerability, bug #194713. |
(Portage version: 2.1.3.12) |
|
Revision Changes Path |
1.1 app-editors/emacs-cvs/files/emacs-cvs-make-tramp-temp-file.patch |
|
file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/app-editors/emacs-cvs/files/emacs-cvs-make-tramp-temp-file.patch?rev=1.1&view=markup |
plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/app-editors/emacs-cvs/files/emacs-cvs-make-tramp-temp-file.patch?rev=1.1&content-type=text/plain |
|
Index: emacs-cvs-make-tramp-temp-file.patch |
=================================================================== |
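--- a/lisp/net/tramp-fish.el
+++ b/lisp/net/tramp-fish.el
@@ -752,8 +752,8 @@
 (error "Implementation does not handle immediate return"))
 
 (with-parsed-tramp-file-name default-directory nil
- (let ((temp-name-prefix (tramp-make-tramp-temp-file v))
- command input output stderr outbuf tmpfil ret)
+ (let (command input tmpinput output tmpoutput stderr tmpstderr
+ outbuf tmpfil ret)
 ;; Compute command.
 (setq command (mapconcat 'tramp-shell-quote-argument
 (cons program args) " "))
@@ -765,15 +765,14 @@
 ;; INFILE is on the same remote host.
 (setq input (with-parsed-tramp-file-name infile nil localname))
 ;; INFILE must be copied to remote host.
- (setq input (concat temp-name-prefix ".in"))
- (copy-file
- infile
- (tramp-make-tramp-file-name method user host input)
- t)))
+ (setq input (tramp-make-tramp-temp-file v)
+ tmpinput (tramp-make-tramp-file-name method user host input))
+ (copy-file infile tmpinput t)))
 (when input (setq command (format "%s <%s" command input)))
 
 ;; Determine output.
- (setq output (concat temp-name-prefix ".out"))
+ (setq output (tramp-make-tramp-temp-file v)
+ tmpoutput (tramp-make-tramp-file-name method user host output))
 (cond
 ;; Just a buffer
 ((bufferp destination)
@@ -799,7 +798,9 @@
 (cadr destination) nil localname))
 ;; stderr must be copied to remote host. The temporary
 ;; file must be deleted after execution.
- (setq stderr (concat temp-name-prefix ".err"))))
+ (setq stderr (tramp-make-tramp-temp-file v)
+ tmpstderr (tramp-make-tramp-file-name
+ method user host stderr))))
 ;; stderr to be discarded
 ((null (cadr destination))
 (setq stderr "/dev/null"))))
@@ -808,9 +809,6 @@
 (setq outbuf (current-buffer))))
 (when stderr (setq command (format "%s 2>%s" command stderr)))
 
- ;; If we have a temporary file, it must be removed after operation.
- (when (and input (string-match temp-name-prefix input))
- (setq command (format "%s; rm %s" command input)))
 ;; Goto working directory.
 (unless
 (tramp-fish-send-command-and-check
@@ -838,16 +836,15 @@
 ;; We should show the output anyway.
 (when outbuf
 (with-current-buffer outbuf (insert-file-contents tmpfil))
- (when display (display-buffer outbuf)))
- ;; Remove output file.
- (delete-file (tramp-make-tramp-file-name method user host output)))
+ (when display (display-buffer outbuf))))
 ;; When the user did interrupt, we should do it also.
 (error (setq ret 1)))
- (unless ret
- ;; Provide error file.
- (when (and stderr (string-match temp-name-prefix stderr))
- (rename-file (tramp-make-tramp-file-name method user host stderr)
- (cadr destination) t)))
+
+ ;; Provide error file.
+ (when tmpstderr (rename-file tmpstderr (cadr destination) t))
+ ;; Cleanup.
+ (when tmpinput (delete-file tmpinput))
+ (when tmpoutput (delete-file tmpoutput))
 ;; Return exit status.
 ret)))
 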
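Review bot: The redirection targets are still interpolated into the remote shell command without quoting: `(format "%s <%s" command input)` and `(format "%s 2>%s" command stderr)` use the raw local names, while PROGRAM and ARGS go through `tramp-shell-quote-argument`. When INFILE or the stderr file is on the same remote host the name comes from the caller, so a space or shell metacharacter in it changes the command that runs remotely; I would write `(format "%s <%s" command (tramp-shell-quote-argument input))` and do the same for `stderr`. The same two lines appear in the tramp.el hunks at -3655 and -3697. Separately, the new `delete-file` cleanup at the end is not inside an `unwind-protect` as far as the hunks show, so a `quit` or a failing `rename-file` would presumably leave the eagerly created files in the remote /tmp; the enclosing function starts and ends outside the hunks.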
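--- a/lisp/net/tramp.el
+++ b/lisp/net/tramp.el
@@ -3175,7 +3175,7 @@
 
 ;; Compose copy command.
 (setq spec `((?h . ,host) (?u . ,user) (?p . ,port)
- (?t . ,(tramp-make-tramp-temp-file v))
+ (?t . ,(tramp-make-tramp-temp-file v 'dont-create))
 (?k . ,(if keep-date " " "")))
 copy-program (tramp-get-method-parameter
 method 'tramp-copy-program)
@@ -3584,13 +3584,42 @@
 (tramp-temporary-file-directory)))
 (file-name-extension filename t)))
 
-(defsubst tramp-make-tramp-temp-file (vec)
- (format
- "/tmp/%s%s"
- tramp-temp-name-prefix
- (if (get-buffer-process (tramp-get-connection-buffer vec))
- (process-id (get-buffer-process (tramp-get-connection-buffer vec)))
- (emacs-pid))))
+(defsubst tramp-make-tramp-temp-file (vec &optional dont-create)
+ "Create a temporary file on the remote host identified by VEC.
+Return the local name of the temporary file.
+If DONT-CREATE is non-nil, just the file name is returned without
+creation of the temporary file. This is not the preferred way to run,
+but it is necessary during connection setup, because we cannot create
+a remote file at this time. This parameter shall NOT be set to
+non-nil else."
+ (if dont-create
+ ;; It sounds a little bit stupid to create a LOCAL file name.
+ ;; But we intend to use the remote directory "/tmp", and we have
+ ;; no chance to check whether a temporary file exists already
+ ;; remotely, because we have no working connection yet.
+ (make-temp-name (expand-file-name tramp-temp-name-prefix "/tmp"))
+
+ (let ((prefix
+ (tramp-make-tramp-file-name
+ (tramp-file-name-method vec)
+ (tramp-file-name-user vec)
+ (tramp-file-name-host vec)
+ (expand-file-name tramp-temp-name-prefix "/tmp")))
+ result)
+ (while (not result)
+ ;; `make-temp-file' would be the first choice for
+ ;; implementation. But it calls `write-region' internally,
+ ;; which also needs a temporary file - we would end in an
+ ;; infinite loop.
+ (setq result (make-temp-name prefix))
+ (if (file-exists-p result)
+ (setq result nil)
+ ;; This creates the file by side effect.
+ (set-file-times result)
+ (set-file-modes result (tramp-octal-to-decimal "0700"))))
+
+ ;; Return the local part.
+ (with-parsed-tramp-file-name result nil localname))))
 
 (defun tramp-handle-executable-find (command)
 "Like `executable-find' for Tramp files."
@@ -3642,8 +3671,7 @@
 (error "Implementation does not handle immediate return"))
 
 (with-parsed-tramp-file-name default-directory nil
- (let ((temp-name-prefix (tramp-make-tramp-temp-file v))
- command input stderr outbuf ret)
+ (let (command input tmpinput stderr tmpstderr outbuf ret)
 ;; Compute command.
 (setq command (mapconcat 'tramp-shell-quote-argument
 (cons program args) " "))
@@ -3655,11 +3683,9 @@
 ;; INFILE is on the same remote host.
 (setq input (with-parsed-tramp-file-name infile nil localname))
 ;; INFILE must be copied to remote host.
- (setq input (concat temp-name-prefix ".in"))
- (copy-file
- infile
- (tramp-make-tramp-file-name method user host input)
- t)))
+ (setq input (tramp-make-tramp-temp-file v)
+ tmpinput (tramp-make-tramp-file-name method user host input))
+ (copy-file infile tmpinput t)))
 (when input (setq command (format "%s <%s" command input)))
 
 ;; Determine output.
@@ -3688,7 +3714,9 @@
 (cadr destination) nil localname))
 ;; stderr must be copied to remote host. The temporary
 ;; file must be deleted after execution.
- (setq stderr (concat temp-name-prefix ".err"))))
+ (setq stderr (tramp-make-tramp-temp-file v)
+ tmpstderr (tramp-make-tramp-file-name
+ method user host stderr))))
 ;; stderr to be discarded
 ((null (cadr destination))
 (setq stderr "/dev/null"))))
@@ -3697,9 +3725,6 @@
 (setq outbuf (current-buffer))))
 (when stderr (setq command (format "%s 2>%s" command stderr)))
 
- ;; If we have a temporary file, it must be removed after operation.
- (when (and input (string-match temp-name-prefix input))
- (setq command (format "%s; rm %s" command input)))
 ;; Goto working directory.
 (tramp-send-command
 v (format "cd %s" (tramp-shell-quote-argument localname)))
@@ -3719,13 +3744,13 @@
 (error
 (kill-buffer (tramp-get-connection-buffer v))
 (setq ret 1)))
- (unless ret
- ;; Check return code.
- (setq ret (tramp-send-command-and-check v nil))
- ;; Provide error file.
- (when (and stderr (string-match temp-name-prefix stderr))
- (rename-file (tramp-make-tramp-file-name method user host stderr)
- (cadr destination) t)))
+
+ ;; Check return code.
+ (unless ret (setq ret (tramp-send-command-and-check v nil)))
+ ;; Provide error file.
+ (when tmpstderr (rename-file tmpstderr (cadr destination) t))
+ ;; Cleanup.
+ (when tmpinput (delete-file tmpinput))
 ;; Return exit status.
 ret)))
 
@@ -6113,7 +6138,7 @@
 l-user (or l-user "")
 l-port (or l-port "")
 spec `((?h . ,l-host) (?u . ,l-user) (?p . ,l-port)
- (?t . ,(tramp-make-tramp-temp-file vec)))
+ (?t . ,(tramp-make-tramp-temp-file vec 'dont-create)))
 command
 (concat
 command " "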
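Review bot: The new `tramp-make-tramp-temp-file` in the -3584 hunk still creates the file in two steps, `file-exists-p` followed by `set-file-times`, so the name is checked and then created rather than created exclusively. Another user of the remote /tmp can place a file or symlink at the generated name between those two calls, and the file presumably carries umask-derived permissions until `set-file-modes` runs. Creating it atomically on the remote side (the remote `mktemp`, or a noclobber redirect under a restrictive umask) would close that window, and the mode can be `(tramp-octal-to-decimal "0600")` since these are data files that do not need the execute bit. The two `'dont-create` callers at -3175 and -6113 receive only a name, so the copy command that later writes to `%t` should not assume the path is unused; a comment at those call sites saying so would help.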
|
|
|
1.1 app-editors/emacs-cvs/files/digest-emacs-cvs-22.1.50_p20070829-r1 |
|
file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/app-editors/emacs-cvs/files/digest-emacs-cvs-22.1.50_p20070829-r1?rev=1.1&view=markup |
plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/app-editors/emacs-cvs/files/digest-emacs-cvs-22.1.50_p20070829-r1?rev=1.1&content-type=text/plain |
|
Index: digest-emacs-cvs-22.1.50_p20070829-r1 |
=================================================================== |
MD5 43f9c1306726f4b69d5ab8e3edca6c44 emacs-cvs-22.1.50_p20070829.tar.bz2 20915594 |
RMD160 47f3c1c543de65c49deadbcdf4e83236aaa68f1b emacs-cvs-22.1.50_p20070829.tar.bz2 20915594 |
SHA256 c27196e9359d5ad4f30e3552c7897c995798324a323a4b47060b98426a71891f emacs-cvs-22.1.50_p20070829.tar.bz2 20915594 |
|
|
|