1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
|
--- ./src/fontfile/fileio.c.orig 2014-01-07 10:25:08.000000000 -0600
+++ ./src/fontfile/fileio.c 2017-11-29 00:37:05.450068487 -0600
@@ -36,6 +36,9 @@
#ifndef O_BINARY
#define O_BINARY O_RDONLY
#endif
+#ifndef O_NOFOLLOW
+#define O_NOFOLLOW 0
+#endif
FontFilePtr
FontFileOpen (const char *name)
@@ -44,7 +47,7 @@
int len;
BufFilePtr raw, cooked;
- fd = open (name, O_BINARY);
+ fd = open (name, O_BINARY|O_CLOEXEC|O_NOFOLLOW);
if (fd < 0)
return 0;
raw = BufFileOpenRead (fd);
--- ./src/fontfile/dirfile.c.orig 2014-01-07 10:25:08.000000000 -0600
+++ ./src/fontfile/dirfile.c 2017-11-29 00:35:44.400069349 -0600
@@ -41,6 +41,7 @@
#include <stdio.h>
#include <sys/types.h>
#include <sys/stat.h>
+#include <fcntl.h>
#include <errno.h>
static Bool AddFileNameAliases ( FontDirectoryPtr dir );
@@ -57,8 +58,9 @@
char dir_file[MAXFONTFILENAMELEN];
char dir_path[MAXFONTFILENAMELEN];
char *ptr;
- FILE *file;
- int count,
+ FILE *file = 0;
+ int file_fd,
+ count,
num_fonts,
status;
struct stat statb;
@@ -88,7 +90,14 @@
if (dir_file[strlen(dir_file) - 1] != '/')
strcat(dir_file, "/");
strcat(dir_file, FontDirFile);
+#ifndef WIN32
+ file_fd = open(dir_file, O_RDONLY | O_NOFOLLOW);
+ if (file_fd >= 0) {
+ file = fdopen(file_fd, "rt");
+ }
+#else
file = fopen(dir_file, "rt");
+#endif
if (file) {
#ifndef WIN32
if (fstat (fileno(file), &statb) == -1)
@@ -258,7 +267,8 @@
char alias[MAXFONTNAMELEN];
char font_name[MAXFONTNAMELEN];
char alias_file[MAXFONTFILENAMELEN];
- FILE *file;
+ int file_fd;
+ FILE *file = 0;
FontDirectoryPtr dir;
int token;
char *lexToken;
@@ -276,7 +286,16 @@
strcat(alias_file, "/");
strcat(alias_file, FontAliasFile);
}
+
+#ifndef WIN32
+ file_fd = open(alias_file, O_RDONLY | O_NOFOLLOW);
+ if (file_fd >= 0) {
+ file = fdopen(file_fd, "rt");
+ }
+#else
file = fopen(alias_file, "rt");
+#endif
+
if (!file)
return ((errno == ENOENT) ? Successful : BadFontPath);
if (!dir)
|