fix CVE-2020-28935
(cherry picked from commit 978756643925c1a7de50ea339497f6ff6a67760a)
parent
c9f30d5380
commit
02b0895549
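--- /dev/null
+++ b/CVE-2020-28935.patch
@@ -0,0 +1,54 @@
+From ad387832979b6ce4c93f64fe706301cd7d034e87 Mon Sep 17 00:00:00 2001
+From: "W.C.A. Wijngaards" <wouter@nlnetlabs.nl>
+Date: Mon, 23 Nov 2020 13:42:11 +0100
+Subject: [PATCH] - Fix for #303 CVE-2020-28935 : Fix that symlink does not
+interfere with chown of pidfile.
+
+---
+daemon/unbound.c | 26 ++++++++++++++++++++------
+doc/Changelog | 2 ++
+2 files changed, 22 insertions(+), 6 deletions(-)
+
+diff --git a/daemon/unbound.c b/daemon/unbound.c
+index cd0fd69f2..45537d5c9 100644
+--- a/daemon/unbound.c
++++ b/daemon/unbound.c
+@@ -341,18 +341,32 @@ readpid (const char* file)
+static void
+writepid (const char* pidfile, pid_t pid)
+{
+- FILE* f;
++ int fd;
++ char pidbuf[32];
++ size_t count = 0;
++ snprintf(pidbuf, sizeof(pidbuf), "%lu\n", (unsigned long)pid);
+
+- if ((f = fopen(pidfile, "w")) == NULL ) {
++ if((fd = open(pidfile, O_WRONLY | O_CREAT | O_TRUNC
++#ifdef O_NOFOLLOW
++ | O_NOFOLLOW
++#endif
++ , 0644)) == -1) {
+log_err("cannot open pidfile %s: %s",
+pidfile, strerror(errno));
+return;
+}
+- if(fprintf(f, "%lu\n", (unsigned long)pid) < 0) {
+- log_err("cannot write to pidfile %s: %s",
+- pidfile, strerror(errno));
++ while(count < strlen(pidbuf)) {
++ ssize_t r = write(fd, pidbuf+count, strlen(pidbuf)-count);
++ if(r == -1) {
++ if(errno == EAGAIN || errno == EINTR)
++ continue;
++ log_err("cannot write to pidfile %s: %s",
++ pidfile, strerror(errno));
++ break;
++ }
++ count += r;
+}
+- fclose(f);
++ close(fd);
+}
+
+/**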
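Review bot: The committed patch file ends at the ` /**` context line of the daemon/unbound.c hunk, although its own diffstat announces a second file (`doc/Changelog | 2 ++`, "2 files changed") and a format-patch file normally carries a signature trailer after the last hunk; `%patch0 -p1` will still apply the one complete hunk, but the file as committed cannot be compared byte-for-byte against upstream commit ad387832979b6ce4c93f64fe706301cd7d034e87, which is what a reviewer wants for a CVE backport, so regenerating it from upstream would be preferable. In the patched writepid() the write loop treats only `r == -1` as an error: a zero-byte return from write() (unlikely for a regular file, but not excluded) leaves `count` unchanged and the loop spins, so `if(r <= 0)` with the errno checks applied only when `r == -1` would terminate cleanly. The return value of `close(fd)` is discarded where `fclose(f)` previously was; for a pid file that is probably acceptable, but logging a failure keeps parity with the open and write error paths. writepid() is complete within the hunk; the chown of the pidfile named in the subject line happens elsewhere and is not visible here.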
12
unbound.spec
12
unbound.spec
@ -2,7 +2,7 @@
|
||||
|
||||
Name: unbound
|
||||
Version: 1.11.0
|
||||
Release: 1
|
||||
Release: 2
|
||||
Summary: Unbound is a validating, recursive, caching DNS resolver
|
||||
License: BSD
|
||||
Url: https://nlnetlabs.nl/projects/unbound/about/
|
||||
@ -21,6 +21,8 @@ Source11: unbound.sysconfig
|
||||
Source12: unbound-anchor.timer
|
||||
Source13: unbound-anchor.service
|
||||
|
||||
Patch0: CVE-2020-28935.patch
|
||||
|
||||
BuildRequires: make flex swig pkgconfig systemd python-unversioned-command
|
||||
BuildRequires: libevent-devel expat-devel openssl-devel python3-devel
|
||||
BuildRequires: unbound-libs
|
||||
@ -71,6 +73,8 @@ Package help includes includes man pages for unbound.
|
||||
|
||||
pushd %{name}-%{version}
|
||||
|
||||
%patch0 -p1
|
||||
|
||||
cp -pr doc pythonmod libunbound ../
|
||||
popd
|
||||
|
||||
@ -225,6 +229,12 @@ popd
|
||||
%{_mandir}/man*
|
||||
|
||||
%changelog
|
||||
* Tue Feb 23 2021 zhouyihang <zhouyihang3@huawei.com> - 1.11.0-2
|
||||
- Type:CVE
|
||||
- ID:NA
|
||||
- SUG:NA
|
||||
- DESC:fix CVE-2020-28935
|
||||
|
||||
* Sat Aug 29 2020 xiaqirong <xiaqirong1@huawei.com> - 1.11.0-1
|
||||
- Type:requirement
|
||||
- ID:NA
|
||||
|
||||
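Review bot: The new %changelog entry records `- ID:NA` directly under `- Type:CVE`, while the only identifier of this fix, CVE-2020-28935, appears solely in the free-text DESC line; if the distribution's changelog convention permits it, `- ID:CVE-2020-28935` would let tooling that scans the ID field locate the fix. The Patch0 declaration and the `%patch0 -p1` call are consistent with the file added in this commit.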