Attachment #28150 for bug #65317

View | Details | Raw Unified | Return to bug 65317
Collapse All | Expand All

Lines 668-676 Link Here

(-)abuse_sdl-0.7.0_9.0/src/cache.cpp (-1 / +15 lines)
668	char *prefix="c:\\";	668	char *prefix="c:\\";
669	#else	669	#else
670	char *prefix="/tmp/"; // for UNIX store lisp cache in tmp dir	670	char *prefix="/tmp/"; // for UNIX store lisp cache in tmp dir
671	int flags=O_CREAT \| O_RDWR;	671	int flags=O_CREAT \| O_EXCL \| O_RDWR;
672	#endif	672	#endif
673		673
		674	// drop privileges prior to creating file.
		675	uid_t euid;
		676	gid_t egid;
		677	euid = geteuid();
		678	egid = getegid();
		679
		680	if(setgid(getgid()) != 0 \|\| setuid(getuid()) != 0) {
		681	printf("Error : can not drop privileges");
		682	return;
		683	}
		684
674	int cfail = 1, num = 0;	685	int cfail = 1, num = 0;
675	do	686	do
676	{	687	{
Lines 697-702 Link Here
697		708
698	} while (cfail && num<15);	709	} while (cfail && num<15);
699		710
		711	setuid(euid);
		712	setgid(egid);
		713
700	if (cfail)	714	if (cfail)
701	{	715	{
702	fprintf(stderr,"Error : Unable to open cache file for compiled code.\n"	716	fprintf(stderr,"Error : Unable to open cache file for compiled code.\n"

Lines 874-880 Link Here

(-)abuse_sdl-0.7.0_9.0/src/dev.cpp (-1 / +2 lines)
874	else if (!strcmp(argv[i],"-f"))	874	else if (!strcmp(argv[i],"-f"))
875	{	875	{
876	i++;	876	i++;
877	strcpy(level_file,argv[i]);	877	strncpy(level_file,argv[i],sizeof(level_file)-1);
		878	level_file[sizeof(level_file)-1] = '\0';
878	} else if (!strcmp(argv[i],"-2"))	879	} else if (!strcmp(argv[i],"-2"))
879	start_doubled=1;	880	start_doubled=1;
880	else if (!strcmp(argv[i],"-demo"))	881	else if (!strcmp(argv[i],"-demo"))

Lines 280-291 Link Here

(-)abuse_sdl-0.7.0_9.0/src/imlib/specs.cpp (+14 lines)
280		280
281	void fast_load_start_recording(char *filename)	281	void fast_load_start_recording(char *filename)
282	{	282	{
		283	// drop privileges prior to creating file.
		284	uid_t euid;
		285	gid_t egid;
		286	euid = geteuid();
		287	egid = getegid();
		288
		289	if(setgid(getgid()) != 0 \|\| setuid(getuid()) != 0) {
		290	dprintf("Specs : can not drop privileges");
		291	return;
		292	}
		293
283	#if (defined(__APPLE__) && !defined(__MACH__))	294	#if (defined(__APPLE__) && !defined(__MACH__))
284	fast_load_fd = ::open(macify_name(filename),O_BINARY\|O_CREAT\|O_RDWR);	295	fast_load_fd = ::open(macify_name(filename),O_BINARY\|O_CREAT\|O_RDWR);
285	#else	296	#else
286	fast_load_fd = ::open(filename,O_CREAT\|O_RDWR,S_IRWXU \| S_IRWXG \| S_IRWXO);	297	fast_load_fd = ::open(filename,O_CREAT\|O_RDWR,S_IRWXU \| S_IRWXG \| S_IRWXO);
287	#endif	298	#endif
288	fast_load_mode = 1;	299	fast_load_mode = 1;
		300
		301	setuid(euid);
		302	setgid(egid);
289	}	303	}
290		304
291	void fast_load_stop_recording()	305	void fast_load_stop_recording()

Lines 83-89 Link Here

(-)abuse_sdl-0.7.0_9.0/src/innet.cpp (-1 / +2 lines)
83	else if( !strcmp( argv[i], "-net" ) && i < argc-1 )	83	else if( !strcmp( argv[i], "-net" ) && i < argc-1 )
84	{	84	{
85	i++;	85	i++;
86	strcpy( main_net_cfg->server_name, argv[i] );	86	strncpy(main_net_cfg->server_name,argv[i],sizeof(main_net_cfg->server_name)-1);
		87	main_net_cfg->server_name[sizeof(main_net_cfg->server_name)-1]='\0';
87	main_net_cfg->state = net_configuration::CLIENT;	88	main_net_cfg->state = net_configuration::CLIENT;
88	}	89	}
89	else if (!strcmp(argv[i],"-ndb"))	90	else if (!strcmp(argv[i],"-ndb"))




  if (fp->open_failure()) 
  { 
    delete fp;
    snprintf(fn,sizeof(fn),"art/%s",filename);  
    fp=open_file(fn,"rb");
    if (fp->open_failure()) 
    { 

      if (!strcmp(argv[i],"-lsf"))
      {
	i++;
	strncpy(lsf,argv[i],sizeof(lsf)-1);
	lsf[sizeof(lsf)-1]='\0';
      }
      if (!strcmp(argv[i],"-a"))
      {
	i++;
	snprintf(lsf,sizeof(lsf),"addon/%s/%s.lsp",argv[i],argv[i]);      
      }
    }
  } else if (!get_remote_lsf(net_server,lsf))

Lines 269-275 Link Here

(-)abuse_sdl-0.7.0_9.0/src/net/engine.cpp (-1 / +3 lines)
269	else if (!strcmp(argv[i],"-game_port"))	269	else if (!strcmp(argv[i],"-game_port"))
270	game_port=atoi(argv[i+1]);	270	game_port=atoi(argv[i+1]);
271	else if (!strcmp(argv[i],"-net"))	271	else if (!strcmp(argv[i],"-net"))
272	{ strcpy(net_server,argv[i+1]); }	272	{ strncpy(net_server,argv[i+1],sizeof(net_server));
		273	net_server[sizeof(net_server)-1]='\0';
		274	}
273		275
274	if (game_port==-1) game_port=DEFAULT_GAME_PORT+1;	276	if (game_port==-1) game_port=DEFAULT_GAME_PORT+1;
275		277

Lines 81-87 Link Here

(-)abuse_sdl-0.7.0_9.0/src/old_server.cpp (-1 / +2 lines)
81	} else if (!strcmp(argv[i],"-name")) // name player uses when connecting	81	} else if (!strcmp(argv[i],"-name")) // name player uses when connecting
82	{	82	{
83	i++;	83	i++;
84	strcpy(name,argv[i]);	84	strncpy(name,argv[i],sizeof(name)-1);
		85	name[sizeof(name)-1]='\0';
85	} else if (!strcmp(argv[i],"-nonet"))	86	} else if (!strcmp(argv[i],"-nonet"))
86	{	87	{
87	dprintf("Network bypassed, no player will be able to connect\n");	88	dprintf("Network bypassed, no player will be able to connect\n");

Return to bug 65317

Lines 83-89 Link Here

(-)abuse_sdl-0.7.0_9.0/src/loader2.cpp (-3 / +4 lines)
83	if (fp->open_failure())	83	if (fp->open_failure())
84	{	84	{
85	delete fp;	85	delete fp;
86	sprintf(fn,"art/%s",filename);	86	snprintf(fn,sizeof(fn),"art/%s",filename);
87	fp=open_file(fn,"rb");	87	fp=open_file(fn,"rb");
88	if (fp->open_failure())	88	if (fp->open_failure())
89	{	89	{
Lines 305-316 Link Here
305	if (!strcmp(argv[i],"-lsf"))	305	if (!strcmp(argv[i],"-lsf"))
306	{	306	{
307	i++;	307	i++;
308	strcpy(lsf,argv[i]);	308	strncpy(lsf,argv[i],sizeof(lsf)-1);
		309	lsf[sizeof(lsf)-1]='\0';
309	}	310	}
310	if (!strcmp(argv[i],"-a"))	311	if (!strcmp(argv[i],"-a"))
311	{	312	{
312	i++;	313	i++;
313	sprintf(lsf,"addon/%s/%s.lsp",argv[i],argv[i]);	314	snprintf(lsf,sizeof(lsf),"addon/%s/%s.lsp",argv[i],argv[i]);
314	}	315	}
315	}	316	}
316	} else if (!get_remote_lsf(net_server,lsf))	317	} else if (!get_remote_lsf(net_server,lsf))