1
Author: Frank Lahm <franklahm@googlemail.com>
2
Date: Thu Nov 26 10:41:43 2009 +0000
4
Fix a symlink attack problem and a race condition in cnid_maint script. From SATOH Fumiyasu.
6
diff --git a/bin/cnid/cnid_maint.in b/bin/cnid/cnid_maint.in
7
index b622caf..c8bf467 100755
8
--- a/bin/cnid/cnid_maint.in
9
+++ b/bin/cnid/cnid_maint.in
12
# cnid_maint: A script to maintain the consistency of CNID databases.
14
-# $Id: cnid_maint.in,v 1.15 2003/02/17 02:32:45 jmarcus Exp $
15
+# $Id: cnid_maint.in,v 1.15.8.1 2009/11/26 10:41:43 franklahm Exp $
24
@@ -20,6 +21,7 @@ use vars qw(
32
@@ -86,10 +88,13 @@ if (-f $LOCK_FILE) {
36
-unless (open(LOCK, ">" . $LOCK_FILE)) {
37
+$LOCK = IO::File->new($LOCK_FILE, O_RDWR|O_CREAT|O_EXCL, 0600);
38
+unless (defined($LOCK)) {
39
error(2, "Unable to create $LOCK_FILE: $!");
41
-flock(LOCK, LOCK_EX);
42
+unless (flock($LOCK, LOCK_EX|LOCK_NB)) {
43
+ error(2, "Unable to obtain lock: $LOCK_FILE: $!");
47
# Check to see if the AppleVolumes.default file exists. We will use this file
48
@@ -314,8 +319,8 @@ sub end {
56
print "\nRun of CNID DB Maintenance script ended at "
57
. scalar(localtime) . ".\n";