[Bf-committers] [PATCH] Re-occurrence of CVE-2008-1103 on blender-2.63a
Jochen Schmitt
Jochen at herr-schmitt.de
Sat Sep 8 15:30:11 CEST 2012
Hello,
unfortunately, I have got a complaint about the re-occurrence of the
security flaw CVE-2008-1103 on blender-2.63a. Please refer to
BZ #855092 on https://bugzilla.redhat.com for further information.
Therefore I have created the following patch, attached at the end of this
mail, to fix the reported issue.
It would be nice if anyone could review the patch and integrate
the patch in the next upcoming release of blender.
Best Regards:
Jochen Schmitt
diff -up blender-2.63a/source/blender/blenkernel/intern/blender.c.cve blender-2.63a/source/blender/blenkernel/intern/blender.c
--- blender-2.63a/source/blender/blenkernel/intern/blender.c.cve 2012-05-10 16:50:20.000000000 +0200
+++ blender-2.63a/source/blender/blenkernel/intern/blender.c 2012-09-07 10:10:05.518999947 +0200
@@ -40,6 +40,7 @@
# define write _write
#endif
+#include <errno.h>
#include <stdlib.h>
#include <stdio.h>
#include <stddef.h>
@@ -706,7 +707,8 @@ void BKE_undo_save_quit(void)
{
UndoElem *uel;
MemFileChunk *chunk;
- int file;
+ int file = -1;
+ int flags = O_BINARY+O_WRONLY+O_CREAT+O_TRUNC+O_EXCL;
char str[FILE_MAX];
if ( (U.uiflag & USER_GLOBALUNDO)==0) return;
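Review bot: The new `flags` initialiser in BKE_undo_save_quit() combines the open flags with `+`, which only gives the right value while every constant is a distinct bit and none is repeated; please use bitwise OR (`O_BINARY | O_WRONLY | O_CREAT | O_TRUNC | O_EXCL`). Because `flags` is later modified at run time, a short comment stating that O_CREAT and O_EXCL must always be passed together would also help the next reader.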
@@ -722,10 +724,16 @@ void BKE_undo_save_quit(void)
BLI_make_file_string("/", str, BLI_temporary_dir(), "quit.blend");
- file = BLI_open(str,O_BINARY+O_WRONLY+O_CREAT+O_TRUNC, 0666);
- if (file == -1) {
- //XXX error("Unable to save %s, check you have permissions", str);
- return;
+ while (file == -1) {
+ file = BLI_open(str,flags, 0666);
+ if (file == -1) {
+ if (errno == EEXIST) {
+ flags ^= O_CREAT;
+ } else {
+ //XXX error("Unable to save %s, check you have permissions", str);
+ return;
+ }
+ }
}
chunk= uel->memfile.chunks.first;
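Review bot: The EEXIST branch of the new while loop undoes the protection that O_EXCL adds. `flags ^= O_CREAT;` clears O_CREAT, and the next BLI_open() call then opens whatever already exists at `str` with O_TRUNC still set and no O_NOFOLLOW, so a file or symlink already present at quit.blend in the temporary directory is followed and truncated, which is the case O_EXCL is there to reject. It also leaves O_EXCL set without O_CREAT, a combination POSIX leaves undefined. Suggest treating EEXIST as a failure, or removing the stale path and retrying once with O_CREAT and O_EXCL both still set, and bounding the loop to that single retry. If a flag ever has to be cleared, use `flags &= ~O_CREAT` rather than XOR, since a second pass through `^=` sets it again. The 0666 mode for a file in a shared temporary directory is also worth narrowing to 0600.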