New version 3.4.0
Fix for CVE-2020-26575, CVE-2020-28030
This commit is contained in:
parent
dcd6e4a42d
commit
0315112421
@ -111,43 +111,50 @@ index fde66c8..b9531d2 100644
|
||||
tempfile_->open();
|
||||
|
||||
diff --git a/wsutil/tempfile.c b/wsutil/tempfile.c
|
||||
index 8e1f8dc..dcf2f78 100644
|
||||
index 5082452..f751a7c 100644
|
||||
--- a/wsutil/tempfile.c
|
||||
+++ b/wsutil/tempfile.c
|
||||
@@ -36,6 +36,7 @@
|
||||
@@ -12,10 +12,12 @@
|
||||
|
||||
#include <glib.h>
|
||||
#include "tempfile.h"
|
||||
#include <wsutil/file_util.h>
|
||||
+#include <wsutil/file_util.h>
|
||||
+#include <wsutil/wstmpdir.h> /* for get_tmp_dir() */
|
||||
|
||||
#ifndef __set_errno
|
||||
#define __set_errno(x) errno=(x)
|
||||
@@ -83,13 +83,14 @@ mkstemps(char *path_template, int suffixlen)
|
||||
*/
|
||||
char *get_tempfile_path(const char *filename)
|
||||
{
|
||||
- return g_strdup_printf("%s" G_DIR_SEPARATOR_S "%s", g_get_tmp_dir(), filename);
|
||||
+ return g_strdup_printf("%s" G_DIR_SEPARATOR_S "%s", get_tmp_dir(), filename);
|
||||
}
|
||||
|
||||
#define MAX_TEMPFILES 3
|
||||
|
||||
/**
|
||||
- * Create a tempfile with the given prefix (e.g. "wireshark").
|
||||
+ * Create a tempfile with the given prefix (e.g. "wireshark"). The path
|
||||
+ * is created using get_tmp_dir and mkdtemp
|
||||
* Create a tempfile with the given prefix (e.g. "wireshark"). The path
|
||||
- * is created using g_file_open_tmp.
|
||||
+ * is created using get_tmp_dir.
|
||||
*
|
||||
* @param namebuf If not NULL, receives the full path of the temp file.
|
||||
* Should NOT be freed.
|
||||
@@ -199,7 +200,7 @@ create_tempfile(char **namebuf, const char *pfx, const char *sfx)
|
||||
tf[idx].path = (char *)g_malloc(tf[idx].len);
|
||||
}
|
||||
* @param namebuf [in,out] If not NULL, receives the full path of the temp file.
|
||||
* Must be freed.
|
||||
@@ -30,6 +31,9 @@ create_tempfile(gchar **namebuf, const char *pfx, const char *sfx, GError **err)
|
||||
{
|
||||
int fd;
|
||||
gchar *safe_pfx = NULL;
|
||||
+ gchar *tmp_file;
|
||||
+ const char *tmp_dir;
|
||||
+ int old_mask;
|
||||
|
||||
- tmp_dir = g_get_tmp_dir();
|
||||
if (pfx) {
|
||||
/* The characters in "delimiters" come from:
|
||||
@@ -49,7 +53,15 @@ create_tempfile(gchar **namebuf, const char *pfx, const char *sfx, GError **err)
|
||||
gchar* filetmpl = g_strdup_printf("%sXXXXXX%s", safe_pfx ? safe_pfx : "", sfx ? sfx : "");
|
||||
g_free(safe_pfx);
|
||||
|
||||
- fd = g_file_open_tmp(filetmpl, namebuf, err);
|
||||
+ tmp_dir = get_tmp_dir();
|
||||
+ tmp_file = g_strconcat(tmp_dir, "/", filetmpl, NULL);
|
||||
+
|
||||
+ if (namebuf)
|
||||
+ *namebuf = tmp_file;
|
||||
+
|
||||
+ old_mask = ws_umask(0077);
|
||||
+ fd = mkstemps(tmp_file, sfx ? (int) strlen(sfx) : 0);
|
||||
+ ws_umask(old_mask);
|
||||
|
||||
#ifdef _WIN32
|
||||
_tzset();
|
||||
g_free(filetmpl);
|
||||
return fd;
|
||||
diff --git a/wsutil/tempfile.h b/wsutil/tempfile.h
|
||||
index 1dca2df..bb3160c 100644
|
||||
--- a/wsutil/tempfile.h
|
||||
@ -156,17 +163,17 @@ index 1dca2df..bb3160c 100644
|
||||
|
||||
/**
|
||||
* Create a tempfile with the given prefix (e.g. "wireshark"). The path
|
||||
- * is created using g_get_tmp_dir and mkstemp.
|
||||
- * is created using g_file_open_tmp.
|
||||
+ * is created using get_tmp_dir and mkstemp.
|
||||
*
|
||||
* @param namebuf [in,out] If not NULL, receives the full path of the temp file.
|
||||
* Must NOT be freed.
|
||||
* Must be freed.
|
||||
diff --git a/wsutil/wstmpdir.c b/wsutil/wstmpdir.c
|
||||
new file mode 100644
|
||||
index 0000000..d8b733b
|
||||
--- /dev/null
|
||||
+++ b/wsutil/wstmpdir.c
|
||||
@@ -0,0 +1,70 @@
|
||||
@@ -0,0 +1,71 @@
|
||||
+/* wstmpdir.c
|
||||
+ *
|
||||
+ * Copyright (C) 2013 Red Hat, Inc. All right reserved.
|
||||
@ -224,6 +231,7 @@ index 0000000..d8b733b
|
||||
+ k = strlen(tmp);
|
||||
+ if (k > 1 && G_IS_DIR_SEPARATOR(tmp[k - 1]))
|
||||
+ tmp[k - 1] = '\0';
|
||||
+ fprintf(stderr, "Using P_tmpdir: %s\n", P_tmpdir);
|
||||
+ }
|
||||
+#endif /* P_tmpdir */
|
||||
+
|
||||
|
@ -1,14 +1,14 @@
|
||||
%undefine __cmake_in_source_build
|
||||
%global with_lua 1
|
||||
%global with_maxminddb 1
|
||||
%global plugins_version 3.2
|
||||
%global plugins_version 3.4
|
||||
# added temporarily due to errors in libqt5core
|
||||
%define _lto_cflags %{nil}
|
||||
|
||||
Summary: Network traffic analyzer
|
||||
Name: wireshark
|
||||
Version: 3.2.7
|
||||
Release: 2%{?dist}
|
||||
Version: 3.4.0
|
||||
Release: 1%{?dist}
|
||||
Epoch: 1
|
||||
License: GPL+
|
||||
Url: http://www.wireshark.org/
|
||||
@ -60,6 +60,7 @@ BuildRequires: flex
|
||||
BuildRequires: pcre-devel
|
||||
BuildRequires: perl(Pod::Html)
|
||||
BuildRequires: perl(Pod::Man)
|
||||
BuildRequires: perl(open)
|
||||
Buildrequires: libssh-devel
|
||||
BuildRequires: qt5-linguist
|
||||
BuildRequires: qt5-qtbase-devel
|
||||
@ -268,6 +269,10 @@ getent group usbmon >/dev/null || groupadd -r usbmon
|
||||
%{_libdir}/pkgconfig/%{name}.pc
|
||||
|
||||
%changelog
|
||||
* Wed Dec 02 2020 Michal Ruprich <mruprich@redhat.com> - 1:3.4.0-1
|
||||
- New version 3.4.0
|
||||
- Fix for CVE-2020-26575, CVE-2020-28030
|
||||
|
||||
* Fri Oct 09 2020 Michal Ruprich <mruprich@redhat.com> - 1:3.2.7-1
|
||||
- New version 3.2.7
|
||||
- Fix for CVE-2020-25862, CVE-2020-25863, CVE-2020-25866
|
||||
|
Loading…
Reference in New Issue
Block a user