diff options
Diffstat (limited to '')
-rw-r--r-- | patches/source/libXfont/patch/libXfont/libXfont.CVE-2017-16611.diff | 85 |
1 files changed, 85 insertions, 0 deletions
diff --git a/patches/source/libXfont/patch/libXfont/libXfont.CVE-2017-16611.diff b/patches/source/libXfont/patch/libXfont/libXfont.CVE-2017-16611.diff new file mode 100644 index 000000000..352d00f03 --- /dev/null +++ b/patches/source/libXfont/patch/libXfont/libXfont.CVE-2017-16611.diff @@ -0,0 +1,85 @@ +--- ./src/fontfile/fileio.c.orig 2014-01-07 10:25:08.000000000 -0600 ++++ ./src/fontfile/fileio.c 2017-11-29 00:37:05.450068487 -0600 +@@ -36,6 +36,9 @@ + #ifndef O_BINARY + #define O_BINARY O_RDONLY + #endif ++#ifndef O_NOFOLLOW ++#define O_NOFOLLOW 0 ++#endif + + FontFilePtr + FontFileOpen (const char *name) +@@ -44,7 +47,7 @@ + int len; + BufFilePtr raw, cooked; + +- fd = open (name, O_BINARY); ++ fd = open (name, O_BINARY|O_CLOEXEC|O_NOFOLLOW); + if (fd < 0) + return 0; + raw = BufFileOpenRead (fd); +--- ./src/fontfile/dirfile.c.orig 2014-01-07 10:25:08.000000000 -0600 ++++ ./src/fontfile/dirfile.c 2017-11-29 00:35:44.400069349 -0600 +@@ -41,6 +41,7 @@ + #include <stdio.h> + #include <sys/types.h> + #include <sys/stat.h> ++#include <fcntl.h> + #include <errno.h> + + static Bool AddFileNameAliases ( FontDirectoryPtr dir ); +@@ -57,8 +58,9 @@ + char dir_file[MAXFONTFILENAMELEN]; + char dir_path[MAXFONTFILENAMELEN]; + char *ptr; +- FILE *file; +- int count, ++ FILE *file = 0; ++ int file_fd, ++ count, + num_fonts, + status; + struct stat statb; +@@ -88,7 +90,14 @@ + if (dir_file[strlen(dir_file) - 1] != '/') + strcat(dir_file, "/"); + strcat(dir_file, FontDirFile); ++#ifndef WIN32 ++ file_fd = open(dir_file, O_RDONLY | O_NOFOLLOW); ++ if (file_fd >= 0) { ++ file = fdopen(file_fd, "rt"); ++ } ++#else + file = fopen(dir_file, "rt"); ++#endif + if (file) { + #ifndef WIN32 + if (fstat (fileno(file), &statb) == -1) +@@ -258,7 +267,8 @@ + char alias[MAXFONTNAMELEN]; + char font_name[MAXFONTNAMELEN]; + char alias_file[MAXFONTFILENAMELEN]; +- FILE *file; ++ int file_fd; ++ FILE *file = 0; + FontDirectoryPtr dir; + int token; + char *lexToken; +@@ -276,7 +286,16 @@ + strcat(alias_file, "/"); + strcat(alias_file, FontAliasFile); + } ++ ++#ifndef WIN32 ++ file_fd = open(alias_file, O_RDONLY | O_NOFOLLOW); ++ if (file_fd >= 0) { ++ file = fdopen(file_fd, "rt"); ++ } ++#else + file = fopen(alias_file, "rt"); ++#endif ++ + if (!file) + return ((errno == ENOENT) ? Successful : BadFontPath); + if (!dir) |