[Bf-committers] Patches for CVE-20008-1103
Jochen Schmitt
Jochen at herr-schmitt.de
Wed May 7 18:22:59 CEST 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hallo,
I have found the following patch for CVE-2008-1103 from the debian
project:
diff -urN blender-2.36.orig/source/blender/blenkernel/intern/blender.c
blender-2.36/source/blender/blenkernel/intern/blender.c
- ---
blender-2.36.orig/source/blender/blenkernel/intern/blender.c
2005-03-11 01:54:56.000000000 +0900
+++ blender-2.36/source/blender/blenkernel/intern/blender.c
2005-03-11 01:57:26.000000000 +0900
@@ -647,7 +647,7 @@
BLI_make_file_string("/", str, U.tempdir, "quit.blend");
- - file = open(str,O_BINARY+O_WRONLY+O_CREAT+O_TRUNC, 0666);
+ file = open(str,O_BINARY+O_WRONLY+O_CREAT+O_TRUNC+O_EXCL, 0666);
if(file == -1) {
printf("Unable to save %s\n", str);
return;
diff -up blender-2.45/source/blender/src/usiblender.c.cve3
blender-2.45/source/blender/src/usiblender.c
- --- blender-2.45/source/blender/src/usiblender.c.cve3 2007-09-18
06:58:42.000000000 +0200
+++ blender-2.45/source/blender/src/usiblender.c 2008-05-07
17:32:10.000000000 +0200
@@ -172,10 +172,12 @@ static void init_userdef_file(void)
U.tb_rightmouse= 5;
}
if(U.mixbufsize==0) U.mixbufsize= 2048;
- - if (BLI_streq(U.tempdir, "/")) {
+ if (BLI_streq(U.tempdir, "/") || BLI_streq(U.tempdir, "/tmp/")) {
char *tmp= getenv("TEMP");
+ char *home= getenv("HOME");
- - strcpy(U.tempdir, tmp?tmp:"/tmp/");
+ strcpy(U.tempdir, tmp?tmp:home);
+ if (!tmp) strcat(U.tempdir, "/.blender/");
}
if (U.savetime <= 0) {
U.savetime = 1;
Unfortunately, I have no idea how I have to modified the second patch
for applying on blender-2.45rc3.
I may be happy for any assistance.
Best Regards:
Jochen Schmitt
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iD8DBQFIIddZT2AHK6txfgwRAuS2AKD4gDAp0GbaSo4/nih0f5lcmKz5egCdG3s/
6TSu6YNqghig00DhMEESxJQ=
=Qz/T
-----END PGP SIGNATURE-----
More information about the Bf-committers
mailing list