~ubuntu-branches/ubuntu/lucid/samba/lucid-security


Viewing changes to debian/patches/security-mask-signals.patch

  • Committer: Package Import Robot
  • Author(s): Marc Deslauriers
  • Date: 2011-09-30 11:51:06 UTC
  • Revision ID: package-import@ubuntu.com-20110930115106-i2gtgkiwu0p1p3yu
Tags: 2:3.4.7~dfsg-1ubuntu3.8
* SECURITY UPDATE: denial of service via stale mtab lockfile
  - debian/patches/security-mask-signals.patch: mask signals while
    updating the mtab file in source3/client/mount.cifs.c.
  - CVE-2011-3585
* SECURITY UPDATE: mtab corruption via resource limits
  - debian/patches/CVE-2011-1678.patch: truncate mtab file if updating it
    failed in source3/client/{mount.cifs.c,mount.h,mtab.c}.
  - CVE-2011-1678
* SECURITY UPDATE: mtab corruption via incorrect new line check
  - debian/patches/CVE-2011-2724.patch: check proper return codes in
    source3/client/mount.cifs.c.
  - CVE-2011-2724

 
1
Description: fix denial of service via stale mtab lockfile
 
2
Origin: backport, http://git.samba.org/?p=cifs-utils.git;a=commitdiff;h=810f7e4e0f2dbcbee0294d9b371071cb08268200
 
3
 
 
4
Index: samba-3.4.7~dfsg/source3/client/mount.cifs.c
 
5
===================================================================
 
6
--- samba-3.4.7~dfsg.orig/source3/client/mount.cifs.c   2011-09-29 09:21:45.361326382 -0400
 
7
+++ samba-3.4.7~dfsg/source3/client/mount.cifs.c        2011-09-29 09:25:33.893332232 -0400
 
8
@@ -40,6 +40,7 @@
 
9
 #include <fcntl.h>
 
10
 #include <limits.h>
 
11
 #include "mount.h"
 
12
+#include <signal.h>
 
13
 
 
14
 #define MOUNT_CIFS_VERSION_MAJOR "1"
 
15
 #define MOUNT_CIFS_VERSION_MINOR "12"
 
16
@@ -182,9 +183,9 @@
 
17
 }
 
18
 
 
19
 /* caller frees username if necessary */
 
20
-static char * getusername(void) {
 
21
+static char * getusername(uid_t uid) {
 
22
        char *username = NULL;
 
23
-       struct passwd *password = getpwuid(getuid());
 
24
+       struct passwd *password = getpwuid(uid);
 
25
 
 
26
        if (password) {
 
27
                username = password->pw_name;
 
28
@@ -1082,6 +1083,7 @@
 
29
        const char * ipaddr = NULL;
 
30
        char * uuid = NULL;
 
31
        char * mountpoint = NULL;
 
32
+       char * mount_user = NULL;
 
33
        char * options = NULL;
 
34
        char * optionstail;
 
35
        char * resolved_path = NULL;
 
36
@@ -1105,6 +1107,7 @@
 
37
        struct sockaddr_in *addr4;
 
38
        struct sockaddr_in6 *addr6;
 
39
        FILE * pmntfile;
 
40
+       sigset_t mask, oldmask;
 
41
 
 
42
        /* setlocale(LC_ALL, "");
 
43
        bindtextdomain(PACKAGE, LOCALEDIR);
 
44
@@ -1367,7 +1370,7 @@
 
45
                if (getenv("USER"))
 
46
                        user_name = strdup(getenv("USER"));
 
47
                if (user_name == NULL)
 
48
-                       user_name = getusername();
 
49
+                       user_name = getusername(getuid());
 
50
                got_user = 1;
 
51
        }
 
52
        
 
53
@@ -1530,6 +1533,38 @@
 
54
 
 
55
        if (nomtab)
 
56
                goto mount_exit;
 
57
+
 
58
+       uid = getuid();
 
59
+       if (uid != 0)
 
60
+               mount_user = getusername(uid);
 
61
+
 
62
+       /*
 
63
+        * Set the real uid to the effective uid. This prevents unprivileged
 
64
+        * users from sending signals to this process, though ^c on controlling
 
65
+        * terminal should still work.
 
66
+        */
 
67
+       rc = setreuid(geteuid(), -1);
 
68
+       if (rc != 0) {
 
69
+               fprintf(stderr, "Unable to set real uid to effective uid: %s\n",
 
70
+                               strerror(errno));
 
71
+               rc = EX_FILEIO;
 
72
+               goto mount_exit;
 
73
+       }
 
74
+
 
75
+       rc = sigfillset(&mask);
 
76
+       if (rc) {
 
77
+               fprintf(stderr, "Unable to set filled signal mask\n");
 
78
+               rc = EX_FILEIO;
 
79
+               goto mount_exit;
 
80
+       }
 
81
+
 
82
+       rc = sigprocmask(SIG_SETMASK, &mask, &oldmask);
 
83
+       if (rc) {
 
84
+               fprintf(stderr, "Unable to make process ignore signals\n");
 
85
+               rc = EX_FILEIO;
 
86
+               goto mount_exit;
 
87
+       }
 
88
+
 
89
        atexit(unlock_mtab);
 
90
        rc = lock_mtab();
 
91
        if (rc) {
 
92
@@ -1548,7 +1583,6 @@
 
93
        mountent.mnt_type = CONST_DISCARD(char *,"cifs");
 
94
        mountent.mnt_opts = (char *)malloc(220);
 
95
        if(mountent.mnt_opts) {
 
96
-               char * mount_user = getusername();
 
97
                memset(mountent.mnt_opts,0,200);
 
98
                if(flags & MS_RDONLY)
 
99
                        strlcat(mountent.mnt_opts,"ro",220);
 
100
@@ -1581,6 +1615,7 @@
 
101
        SAFE_FREE(mountent.mnt_opts);
 
102
        if (rc)
 
103
                rc = EX_FILEIO;
 
104
+       sigprocmask(SIG_SETMASK, &oldmask, NULL);
 
105
 mount_exit:
 
106
        if(mountpassword) {
 
107
                int len = strlen(mountpassword);
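Review bot: After `setreuid(geteuid(), -1)` in the `@@ -1530,6 +1533,38 @@` hunk, `getuid()` returns the effective uid for the rest of the enclosing function (which starts and ends outside these hunks), so any later check of the invoking user must use the `uid` and `mount_user` values saved just above that call. The block that appends the user name to `mountent.mnt_opts` lies mostly outside the `@@ -1548,7 +1583,6 @@` hunk, so this cannot be confirmed from here; if it still tests `getuid() != 0`, a setuid-root mount would presumably stop recording the mounting user in mtab, and the test should become `if (mount_user)`. I would also add a comment after the setreuid() error check: `/* real uid now equals effective uid; use the saved uid/mount_user below, never getuid() */`. Separately, `mount_user` points at the static buffer returned by `getpwuid()` and is now held across `lock_mtab()` and the mtab write, so a `strdup()` at the assignment would keep it stable if anything in between calls a getpw* function.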