diff options
author | Florian Festi <ffesti@redhat.com> | 2015-07-23 11:56:13 +0200 |
---|---|---|
committer | Panu Matilainen <pmatilai@redhat.com> | 2016-11-02 10:41:53 +0200 |
commit | eec854932d50010e4b3c6fb237f37d8f0a93bd23 (patch) | |
tree | 1c244ca1b0568bc7e26ab52db78007fca881ccd9 | |
parent | b1cb0cb18fc9b98b44f5f7381a2ab4558ae7c0cb (diff) | |
download | rpm-eec854932d50010e4b3c6fb237f37d8f0a93bd23.tar.gz |
Create files with with 000 permissions to avoid leaking yet unchecked data
As we are calculating the check sum while writing we only know the file
content is correct after it being written comletely. CVE-2013-6435
(cherry picked from commit 7e26e2bd726f48836be289400c7d82cb8b067dc1)
-rw-r--r-- | lib/fsm.c | 7 |
1 files changed, 6 insertions, 1 deletions
@@ -215,7 +215,12 @@ static int expandRegular(rpmfi fi, const char *dest, rpmpsm psm, int nodigest, i FD_t wfd = NULL; int rc = 0; - wfd = Fopen(dest, "w.ufdio"); + /* Create the file with 000 permissions. */ + { + mode_t old_umask = umask(0777); + wfd = Fopen(dest, "w.ufdio"); + umask(old_umask); + } if (Ferror(wfd)) { rc = RPMERR_OPEN_FAILED; goto exit; |