rpms / libreport

Clone
Source Code
GIT

Blame SOURCES/0138-dd-add-missing-return-statement.patch

c4 c5 c6 c7-beta c8 c8-beta
  1.   c7-beta
  2.   SOURCES
  3.   0138-dd-add-missing-return-statement.patch
Blob History Raw
4b6aa8 
From 82bea520c7c037f861cf27859a194bb64559f835 Mon Sep 17 00:00:00 2001
4b6aa8 
From: Jakub Filak <jfilak@redhat.com>
4b6aa8 
Date: Sat, 23 May 2015 01:10:16 +0200
4b6aa8 
Subject: [LIBREPORT PATCH] dd: add missing return statement
4b6aa8
4b6aa8 
The missing return allows abrt-dbus to read any file on system
4b6aa8 
(absolute paths do not work because of an assert but relative paths
4b6aa8 
 allow an attacker to read everything).
4b6aa8
4b6aa8 
Related: #1217484
4b6aa8
4b6aa8 
Signed-off-by: Jakub Filak <jfilak@redhat.com>
4b6aa8 
---
4b6aa8 
 src/lib/dump_dir.c | 6 ++++--
4b6aa8 
 1 file changed, 4 insertions(+), 2 deletions(-)
4b6aa8
4b6aa8 
diff --git a/src/lib/dump_dir.c b/src/lib/dump_dir.c
4b6aa8 
index 32f498b..796f947 100644
4b6aa8 
--- a/src/lib/dump_dir.c
4b6aa8 
+++ b/src/lib/dump_dir.c
4b6aa8 
@@ -1153,8 +1153,10 @@ char* dd_load_text_ext(const struct dump_dir *dd, const char *name, unsigned fla
4b6aa8 
     if (!str_is_correct_filename(name))
4b6aa8 
     {
4b6aa8 
         error_msg("Cannot load text. '%s' is not a valid file name", name);
4b6aa8 
-        if (!(flags & DD_LOAD_TEXT_RETURN_NULL_ON_FAILURE))
4b6aa8 
-            xfunc_die();
4b6aa8 
+        if ((flags & DD_LOAD_TEXT_RETURN_NULL_ON_FAILURE))
4b6aa8 
+            return NULL;
4b6aa8 
+
4b6aa8 
+        xfunc_die();
4b6aa8 
     }
4b6aa8
4b6aa8 
     /* Compat with old abrt dumps. Remove in abrt-2.1 */
4b6aa8 
--
4b6aa8 
1.8.3.1
4b6aa8

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation