fix CAN-2004-0884.
Obtained from: security/cyrus-sasl2
This commit is contained in:
parent
fcd00d8763
commit
73812a559b
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=121648
@ -7,7 +7,7 @@
|
||||
|
||||
PORTNAME= cyrus-sasl
|
||||
PORTVERSION= 1.5.28
|
||||
PORTREVISION= 3
|
||||
PORTREVISION= 4
|
||||
CATEGORIES= security ipv6
|
||||
|
||||
MAINTAINER= ports@FreeBSD.org
|
||||
|
19
security/cyrus-sasl/files/patch-lib::common.c
Normal file
19
security/cyrus-sasl/files/patch-lib::common.c
Normal file
@ -0,0 +1,19 @@
|
||||
Index: lib/common.c
|
||||
diff -u lib/common.c.orig lib/common.c
|
||||
--- lib/common.c.orig Mon Nov 15 18:23:04 2004
|
||||
+++ lib/common.c Mon Nov 15 18:24:43 2004
|
||||
@@ -684,7 +684,13 @@
|
||||
|
||||
if (! path_dest)
|
||||
return SASL_BADPARAM;
|
||||
- path = getenv(SASL_PATH_ENV_VAR);
|
||||
+
|
||||
+ path = NULL;
|
||||
+
|
||||
+ /* Honor external variable only in a safe environment */
|
||||
+ if (getuid() == geteuid() && getgid() == getegid())
|
||||
+ path = getenv(SASL_PATH_ENV_VAR);
|
||||
+
|
||||
if (! path)
|
||||
path = PLUGINDIR;
|
||||
return _sasl_strdup(path, path_dest, NULL);
|
Loading…
Reference in New Issue
Block a user