cronie/fix-unsafe-code.patch

118 lines
3.7 KiB
Diff
Raw Normal View History

diff -ru cronie-1.5.2/src/cronnext.c cronie-1.5.2_patched/src/cronnext.c
--- cronie-1.5.2/src/cronnext.c 2018-05-03 18:41:12.000000000 +0200
+++ cronie-1.5.2_patched/src/cronnext.c 2018-09-07 15:17:54.555924440 +0200
@@ -71,13 +71,13 @@
/*
* print entry flags
*/
-char *flagname[]= {
- [MIN_STAR] = "MIN_STAR",
- [HR_STAR] = "HR_STAR",
- [DOM_STAR] = "DOM_STAR",
- [DOW_STAR] = "DOW_STAR",
- [WHEN_REBOOT] = "WHEN_REBOOT",
- [DONT_LOG] = "DONT_LOG"
+const char *flagname[]= {
+ "MIN_STAR",
+ "HR_STAR",
+ "DOM_STAR",
+ "DOW_STAR",
+ "WHEN_REBOOT",
+ "DONT_LOG"
};
void printflags(char *indent, int flags) {
@@ -85,8 +85,8 @@
int first = 1;
printf("%s flagnames:", indent);
- for (f = 1; f < sizeof(flagname); f = f << 1)
- if (flags & f) {
+ for (f = 0; f < sizeof(flagname)/sizeof(char *); f++)
+ if (flags & (int)1 << f) {
printf("%s%s", first ? " " : "|", flagname[f]);
first = 0;
}
diff -ru cronie-1.5.2/src/do_command.c cronie-1.5.2_patched/src/do_command.c
--- cronie-1.5.2/src/do_command.c 2017-09-14 13:53:21.000000000 +0200
+++ cronie-1.5.2_patched/src/do_command.c 2018-09-07 15:17:54.555924440 +0200
@@ -418,7 +418,7 @@
if (mailto && safe_p(usernm, mailto)
&& strncmp(MailCmd,"off",3) && !SyslogOutput) {
char **env;
- char mailcmd[MAX_COMMAND];
+ char mailcmd[MAX_COMMAND+1]; /* +1 for terminator */
char hostname[MAXHOSTNAMELEN];
char *content_type = env_get("CONTENT_TYPE", jobenv),
*content_transfer_encoding =
@@ -434,7 +434,7 @@
}
}
else {
- strncpy(mailcmd, MailCmd, MAX_COMMAND);
+ strncpy(mailcmd, MailCmd, MAX_COMMAND+1);
}
if (!(mail = cron_popen(mailcmd, "w", e->pwd, jobenv))) {
perror(mailcmd);
diff -ru cronie-1.5.2/src/env.c cronie-1.5.2_patched/src/env.c
--- cronie-1.5.2/src/env.c 2017-09-14 13:53:21.000000000 +0200
+++ cronie-1.5.2_patched/src/env.c 2018-09-07 15:17:54.554924435 +0200
@@ -63,7 +63,7 @@
for (i = 0; i < count; i++)
if ((p[i] = strdup(envp[i])) == NULL) {
save_errno = errno;
- while (--i >= 0)
+ while (i-- > 0)
free(p[i]);
free(p);
errno = save_errno;
@@ -263,7 +263,9 @@
}
if (state != FINI && state != EQ2 && !(state == VALUE && !quotechar)) {
Debug(DPARS, ("load_env, not an env var, state = %d\n", state));
- fseek(f, filepos, 0);
+ if (fseek(f, filepos, 0)) {
+ return ERR;
+ }
Set_LineNum(fileline);
return (FALSE);
}
diff -ru cronie-1.5.2/src/globals.h cronie-1.5.2_patched/src/globals.h
--- cronie-1.5.2/src/globals.h 2017-01-17 16:53:50.000000000 +0100
+++ cronie-1.5.2_patched/src/globals.h 2018-09-07 15:17:54.555924440 +0200
@@ -77,7 +77,7 @@
XTRN time_t StartTime;
XTRN int NoFork;
XTRN int PermitAnyCrontab;
-XTRN char MailCmd[MAX_COMMAND];
+XTRN char MailCmd[MAX_COMMAND+1]; /* +1 for terminator */
XTRN char cron_default_mail_charset[MAX_ENVSTR];
XTRN int EnableClustering;
XTRN int ChangePath;
diff -ru cronie-1.5.2/src/security.c cronie-1.5.2_patched/src/security.c
--- cronie-1.5.2/src/security.c 2017-09-14 13:29:47.000000000 +0200
+++ cronie-1.5.2_patched/src/security.c 2018-09-07 15:17:54.554924435 +0200
@@ -417,7 +417,7 @@
}
}
- if (strcmp(u->scontext, ucontext)) {
+ if (!ucontext || strcmp(u->scontext, ucontext)) {
if (!cron_authorize_range(u->scontext, ucontext)) {
if (security_getenforce() > 0) {
# ifdef WITH_AUDIT
diff -ru cronie-1.5.2/src/user.c cronie-1.5.2_patched/src/user.c
--- cronie-1.5.2/src/user.c 2017-01-17 16:53:50.000000000 +0100
+++ cronie-1.5.2_patched/src/user.c 2018-09-07 15:17:54.555924440 +0200
@@ -44,6 +44,10 @@
free_user (user * u) {
entry *e, *ne;
+ if (!u) {
+ return;
+ }
+
free(u->name);
free(u->tabname);
for (e = u->crontab; e != NULL; e = ne) {