summaryrefslogtreecommitdiffstats
path: root/source/a/nvi/patches/nvi-21-exrc_writability_check.patch
diff options
context:
space:
mode:
Diffstat (limited to 'source/a/nvi/patches/nvi-21-exrc_writability_check.patch')
-rw-r--r--source/a/nvi/patches/nvi-21-exrc_writability_check.patch61
1 files changed, 61 insertions, 0 deletions
diff --git a/source/a/nvi/patches/nvi-21-exrc_writability_check.patch b/source/a/nvi/patches/nvi-21-exrc_writability_check.patch
new file mode 100644
index 000000000..a93dbc5bc
--- /dev/null
+++ b/source/a/nvi/patches/nvi-21-exrc_writability_check.patch
@@ -0,0 +1,61 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 21exrc_writability_check.dpatch by <hesso@pool.math.tu-berlin.de>
+##
+## DP: No description.
+
+@DPATCH@
+diff -Naur nvi-1.81.6.orig/ex/ex_init.c nvi-1.81.6/ex/ex_init.c
+--- nvi-1.81.6.orig/ex/ex_init.c 2007-11-18 17:41:42.000000000 +0100
++++ nvi-1.81.6/ex/ex_init.c 2008-05-01 18:24:45.000000000 +0200
+@@ -26,6 +26,9 @@
+ #include <string.h>
+ #include <unistd.h>
+
++#include <pwd.h>
++#include <grp.h>
++
+ #include "../common/common.h"
+ #include "tag.h"
+ #include "pathnames.h"
+@@ -346,6 +349,9 @@
+ int nf1, nf2;
+ char *a, *b, buf[MAXPATHLEN];
+
++ struct group *grp_p;
++ struct passwd *pwd_p;
++
+ /* Check for the file's existence. */
+ if (stat(path, sbp))
+ return (NOEXIST);
+@@ -359,10 +365,30 @@
+ }
+
+ /* Check writeability. */
+- if (sbp->st_mode & (S_IWGRP | S_IWOTH)) {
++ if (sbp->st_mode & S_IWOTH) {
+ etype = WRITER;
+ goto denied;
+ }
++ if (sbp->st_mode & S_IWGRP) {
++ /* on system error (getgrgid or getpwnam return NULL) set etype to WRITER
++ * and continue execution */
++ if( (grp_p = getgrgid(sbp->st_gid)) == NULL) {
++ etype = WRITER;
++ goto denied;
++ }
++
++ /* lookup the group members' uids for an uid different from euid */
++ while( ( *(grp_p->gr_mem) ) != NULL) { /* gr_mem is a null-terminated array */
++ if( (pwd_p = getpwnam(*(grp_p->gr_mem)++)) == NULL) {
++ etype = WRITER;
++ goto denied;
++ }
++ if(pwd_p->pw_uid != euid) {
++ etype = WRITER;
++ goto denied;
++ }
++ }
++ }
+ return (RCOK);
+
+ denied: a = msg_print(sp, path, &nf1);