diff options
Diffstat (limited to 'meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-28153-3.patch')
-rw-r--r-- | meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-28153-3.patch | 57 |
1 files changed, 57 insertions, 0 deletions
diff --git a/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-28153-3.patch b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-28153-3.patch new file mode 100644 index 0000000000..a82febd26e --- /dev/null +++ b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-28153-3.patch | |||
@@ -0,0 +1,57 @@ | |||
1 | Backport of: | ||
2 | |||
3 | From ce0eb088a68171eed3ac217cb92a72e36eb57d1b Mon Sep 17 00:00:00 2001 | ||
4 | From: Philip Withnall <pwithnall@endlessos.org> | ||
5 | Date: Wed, 10 Mar 2021 16:05:55 +0000 | ||
6 | Subject: [PATCH 3/5] glocalfileoutputstream: Factor out a flag check | ||
7 | |||
8 | This clarifies the code a little. It introduces no functional changes. | ||
9 | |||
10 | Signed-off-by: Philip Withnall <pwithnall@endlessos.org> | ||
11 | |||
12 | Upstream-Status: Backport [https://mirrors.ocf.berkeley.edu/ubuntu/pool/main/g/glib2.0/glib2.0_2.64.6-1~ubuntu20.04.3.debian.tar.xz] | ||
13 | CVE: CVE-2021-28153 | ||
14 | Signed-off-by: Neetika Singh <Neetika.Singh@kpit.com> | ||
15 | Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rathod@kpit.com> | ||
16 | |||
17 | --- | ||
18 | gio/glocalfileoutputstream.c | 7 ++++--- | ||
19 | 1 file changed, 4 insertions(+), 3 deletions(-) | ||
20 | |||
21 | --- a/gio/glocalfileoutputstream.c | ||
22 | +++ b/gio/glocalfileoutputstream.c | ||
23 | @@ -847,6 +847,7 @@ handle_overwrite_open (const char *fi | ||
24 | int res; | ||
25 | int mode; | ||
26 | int errsv; | ||
27 | + gboolean replace_destination_set = (flags & G_FILE_CREATE_REPLACE_DESTINATION); | ||
28 | |||
29 | mode = mode_from_flags_or_info (flags, reference_info); | ||
30 | |||
31 | @@ -954,7 +955,7 @@ handle_overwrite_open (const char *fi | ||
32 | * to a backup file and rewrite the contents of the file. | ||
33 | */ | ||
34 | |||
35 | - if ((flags & G_FILE_CREATE_REPLACE_DESTINATION) || | ||
36 | + if (replace_destination_set || | ||
37 | (!(original_stat.st_nlink > 1) && !is_symlink)) | ||
38 | { | ||
39 | char *dirname, *tmp_filename; | ||
40 | @@ -973,7 +974,7 @@ handle_overwrite_open (const char *fi | ||
41 | |||
42 | /* try to keep permissions (unless replacing) */ | ||
43 | |||
44 | - if ( ! (flags & G_FILE_CREATE_REPLACE_DESTINATION) && | ||
45 | + if (!replace_destination_set && | ||
46 | ( | ||
47 | #ifdef HAVE_FCHOWN | ||
48 | fchown (tmpfd, original_stat.st_uid, original_stat.st_gid) == -1 || | ||
49 | @@ -1112,7 +1113,7 @@ handle_overwrite_open (const char *fi | ||
50 | } | ||
51 | } | ||
52 | |||
53 | - if (flags & G_FILE_CREATE_REPLACE_DESTINATION) | ||
54 | + if (replace_destination_set) | ||
55 | { | ||
56 | g_close (fd, NULL); | ||
57 | |||