Bugzilla – Attachment 21703 Details for
Bug 57486
VUL-0: CVE-2004-0689: KDE: problems with filename
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
IDP Log In
|
Forgot Password
[patch]
patch
kstandarddirs_tmplinks.patch (text/plain), 1.38 KB, created by
Waldo Bastian
on 2004-06-26 22:48:03 UTC
(
hide
)
Description:
patch
Filename:
MIME Type:
Creator:
Waldo Bastian
Created:
2004-06-26 22:48:03 UTC
Size:
1.38 KB
patch
obsolete
>Index: kstandarddirs.cpp >=================================================================== >RCS file: /home/kde/kdelibs/kdecore/kstandarddirs.cpp,v >retrieving revision 1.180 >retrieving revision 1.181 >diff -b -p -u -r1.180 -r1.181 >--- kstandarddirs.cpp 8 Jun 2004 09:28:30 -0000 1.180 >+++ kstandarddirs.cpp 26 Jun 2004 12:22:39 -0000 1.181 >@@ -650,7 +650,28 @@ void KStandardDirs::createSpecialResourc > char link[1024]; > link[1023] = 0; > int result = readlink(QFile::encodeName(dir).data(), link, 1023); >- if ((result == -1) && (errno == ENOENT)) >+ bool relink = (result == -1) && (errno == ENOENT); >+ if ((result > 0) && (link[0] == '/')) >+ { >+ link[result] = 0; >+ struct stat stat_buf; >+ int res = lstat(link, &stat_buf); >+ if ((res == -1) && (errno == ENOENT)) >+ { >+ relink = true; >+ } >+ else if ((res == -1) || (!S_ISDIR(stat_buf.st_mode))) >+ { >+ fprintf(stderr, "Error: \"%s\" is not a directory.\n", link); >+ relink = true; >+ } >+ else if (stat_buf.st_uid != getuid()) >+ { >+ fprintf(stderr, "Error: \"%s\" is owned by uid %d instead of uid %d.\n", link, stat_buf.st_uid, getuid()); >+ relink = true; >+ } >+ } >+ if (relink) > { > QString srv = findExe(QString::fromLatin1("lnusertemp"), KDEDIR+QString::fromLatin1("/bin")); > if (srv.isEmpty())
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=21703">View the attachment on a separate page</a>.</b>
Actions:
View
|
Diff
Attachments on
bug 57486
: 21703 |
22205
|
22206
|
22209
|
22219
|
22317
|
22360
|
22361
|
22362
|
22363
|
22566
|
22567
|
22575
|
22576