SECURITY:

fix an insecure temporary file creation in fixproc; bump PKGNAME http://www.vuxml.org/openbsd/75ecb34c-cc7d-11d9-8e94-00065bd5b0b6.html ok naddy@
2005-05-26 03:34:21 +00:00 · 2005-05-26 03:34:21 +00:00 · 5dac6a8388
commit 5dac6a8388
parent 95a07ae0d6
2 changed files with 74 additions and 2 deletions
--- a/net/net-snmp/Makefile
+++ b/net/net-snmp/Makefile
@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.8 2005/04/09 23:31:28 espie Exp $
+# $OpenBSD: Makefile,v 1.9 2005/05/26 03:34:21 robert Exp $

 SHARED_ONLY=	Yes

@ -6,7 +6,7 @@ COMMENT=	"extendable SNMP implementation"
 COMMENT-perl=	"SNMP modules for Perl"

 DISTNAME=	net-snmp-5.1.2
-PKGNAME=	${DISTNAME}p0
+PKGNAME=	${DISTNAME}p1
 FULLPKGNAME-perl= p5-SNMP-5.1.2p0
 CATEGORIES=	net
 MASTER_SITES=	${MASTER_SITE_SOURCEFORGE:=net-snmp/}
--- a/net/net-snmp/patches/patch-local_fixproc
+++ b/net/net-snmp/patches/patch-local_fixproc
@ -0,0 +1,72 @@
+$OpenBSD: patch-local_fixproc,v 1.1 2005/05/26 03:34:21 robert Exp $
+--- local/fixproc.orig	Wed May 25 19:21:01 2005
+++ local/fixproc	Wed May 25 19:24:51 2005
+@@ -129,6 +129,8 @@
+ #
+ # Timothy Kong		3/1995
+ 
+use File::Temp qw(tempfile);
+
+ $database_file = '/local/etc/fixproc.conf';
+ 
+ $debug = 0;			# specify debug level using -dN
+@@ -191,20 +193,19 @@
+ sub create_sh_script
+ {
+   local ($file) = pop (@_);
+  local ($fh) = pop (@_);
+   local ($i) = pop (@_);
+ 
+   printf (stderr "create_sh_script\n") if ($debug > 0);
+ 
+   $! = $fixproc_error;
+-  open (file, ">"."$file") || die "$0: cannot open $file\n";
+   while ( $shell_lines[$i] ne $shell_end_marker )
+     {
+-      printf (file "%s", $shell_lines[$i]);
+      printf ($fh "%s", $shell_lines[$i]);
+       $i++;
+     }
+-  close (file);
+-  system "chmod +x $file";
+-  return file;
+  close ($fh);
+  chmod 0755, $file;
+ }
+ 
+ 
+@@ -230,14 +231,13 @@
+   else
+     {
+       # it must be "shell", so execute the shell script defined in database
+      local ($tmpfh, $tmpfile) = tempfile("fix_XXXXXXXX", DIR => "/tmp");
+ 
+-      local ($tmpfile) = "/tmp/fix_$$";
+      &create_sh_script ($fix{$proc}, $tmpfh, $tmpfile);
+ 
+-      &create_sh_script ($fix{$proc}, $tmpfile);
+-
+       	# return code is number divided by 256
+       $error_code = (system "$tmpfile") / 256;
+-      system "rm $tmpfile";
+      unlink($tmpfile);
+       return ($fix_failed_error) if ($error_code != 0);
+         # sleep needed here?
+       return &do_exist ($proc);
+@@ -262,13 +262,13 @@
+       # if not "exist", then it must be "shell", so execute the shell script
+       # defined in database
+ 
+-      local ($tmpfile) = "/tmp/check_$$";
+      local ($tmpfh, $tmpfile) = tempfile("check_XXXXXXXX", DIR => "/tmp");
+ 
+-      &create_sh_script ($check{$proc}, $tmpfile);
+      &create_sh_script ($fix{$proc}, $tmpfh, $tmpfile);
+ 
+       	# return code is number divided by 256
+       $error_code = (system "$tmpfile") / 256;
+-      system "rm $tmpfile";
+      unlink($tmpfile);
+       return ($check_failed_error) if ($error_code != 0);
+ 
+       # check passed, continue