CVE-2016-8605: Thread-unsafe umask modification
---
main/guile/APKBUILD | 4 ++-
main/guile/CVE-2016-8605.patch | 70 ++++++++++++++++++++++++++++++++++++++++++
2 files changed, 73 insertions(+), 1 deletion(-)
create mode 100644 main/guile/CVE-2016-8605.patch
diff --git a/main/guile/APKBUILD b/main/guile/APKBUILD
index c4563e3..7fe67c8 100644
--- a/main/guile/APKBUILD
+++ b/main/guile/APKBUILD
@@ -1,7 +1,8 @@
+# Contributor: Sergei Lukin <sergej.lukin@gmail.com>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=guile
pkgver=1.8.8
-pkgrel=2
+pkgrel=3
pkgdesc="Guile is a portable, embeddable Scheme implementation written in C"
url="http://www.gnu.org/software/guile/"
arch="all"
@@ -13,6 +14,7 @@ install=
source="ftp://ftp.gnu.org/pub/gnu/$pkgname/$pkgname-$pkgver.tar.gz
guile-1.8.7-gcc45.patch
fix-defines.patch
+ CVE-2016-8605.patch
"
_builddir="$srcdir"/$pkgname-$pkgver
diff --git a/main/guile/CVE-2016-8605.patch b/main/guile/CVE-2016-8605.patch
new file mode 100644
index 0000000..0f179ce
--- /dev/null
+++ b/main/guile/CVE-2016-8605.patch
@@ -0,0 +1,70 @@
+CVE-2016-8605: Thread-unsafe umask modification
+https://bugs.alpinelinux.org/issues/6367
+http://git.savannah.gnu.org/cgit/guile.git/commit/?h=stable-2.0&id=245608911698adb3472803856019bdd5670b6614
+
+Remove 'umask' calls from 'mkdir'.
+Fixes <http://bugs.gnu.org/24659>.
+
+* libguile/filesys.c (SCM_DEFINE): Remove calls to 'umask' when MODE is
+unbound; instead, use 0777 as the mode. Update docstring to clarify
+this.
+* doc/ref/posix.texi (File System): Adjust accordingly.
+
+diff -ru guile-1.8.8.orig/doc/ref/posix.texi guile-1.8.8/doc/ref/posix.texi
+--- guile-1.8.8.orig/doc/ref/posix.texi
++++ guile-1.8.8/doc/ref/posix.texi
+@@ -815,9 +815,10 @@
+ @deffn {Scheme Procedure} mkdir path [mode]
+ @deffnx {C Function} scm_mkdir (path, mode)
+ Create a new directory named by @var{path}. If @var{mode} is omitted
+-then the permissions of the directory file are set using the current
+-umask (@pxref{Processes}). Otherwise they are set to the decimal
+-value specified with @var{mode}. The return value is unspecified.
++then the permissions of the directory are set to @code{#o777}
++masked with the current umask (@pxref{Processes, @code{umask}}).
++Otherwise they are set to the value specified with @var{mode}.
++The return value is unspecified.
+ @end deffn
+
+ @deffn {Scheme Procedure} rmdir path
+diff -ru guile-1.8.8.orig/libguile/filesys.c guile-1.8.8/libguile/filesys.c
+--- guile-1.8.8.orig/libguile/filesys.c
++++ guile-1.8.8/libguile/filesys.c
+@@ -790,27 +790,22 @@
+ #ifdef HAVE_MKDIR
+ SCM_DEFINE (scm_mkdir, "mkdir", 1, 1, 0,
+ (SCM path, SCM mode),
+- "Create a new directory named by @var{path}. If @var{mode} is omitted\n"
+- "then the permissions of the directory file are set using the current\n"
+- "umask. Otherwise they are set to the decimal value specified with\n"
+- "@var{mode}. The return value is unspecified.")
++ "Create a new directory named by @var{path}. If @var{mode} is omitted\n"
++ "then the permissions of the directory are set to @code{#o777}\n"
++ "masked with the current umask (@pxref{Processes, @code{umask}}).\n"
++ "Otherwise they are set to the value specified with @var{mode}.\n"
++ "The return value is unspecified.")
+ #define FUNC_NAME s_scm_mkdir
+ {
+ int rv;
+- mode_t mask;
++ mode_t c_mode;
+
+- if (SCM_UNBNDP (mode))
+- {
+- mask = umask (0);
+- umask (mask);
+- STRING_SYSCALL (path, c_path, rv = mkdir (c_path, 0777 ^ mask));
+- }
+- else
+- {
+- STRING_SYSCALL (path, c_path, rv = mkdir (c_path, scm_to_uint (mode)));
+- }
++ c_mode = SCM_UNBNDP (mode) ? 0777 : scm_to_uint (mode);
++
++ STRING_SYSCALL (path, c_path, rv = mkdir (c_path, c_mode));
+ if (rv != 0)
+ SCM_SYSERROR;
++
+ return SCM_UNSPECIFIED;
+ }
+ #undef FUNC_NAME
--
2.4.11
---
Unsubscribe: alpine-aports+unsubscribe@lists.alpinelinux.org
Help: alpine-aports+help@lists.alpinelinux.org
---
On Mon, 23 Jan 2017 09:37:07 +0000
Sergei Lukin <sergej.lukin@gmail.com> wrote:
> CVE-2016-8605: Thread-unsafe umask modification
> ---
> main/guile/APKBUILD | 4 ++-
> main/guile/CVE-2016-8605.patch | 70 ++++++++++++++++++++++++++++++++++++++++++
> 2 files changed, 73 insertions(+), 1 deletion(-)
> create mode 100644 main/guile/CVE-2016-8605.patch
applied with some fixes:
- add checksum for the patch
- remove the texi hunk as it made the build fail
thanks!
-nc
---
Unsubscribe: alpine-aports+unsubscribe@lists.alpinelinux.org
Help: alpine-aports+help@lists.alpinelinux.org
---