summaryrefslogtreecommitdiffstats
path: root/editors/joe/files
diff options
context:
space:
mode:
authortrevor <trevor@FreeBSD.org>2000-11-25 07:09:18 +0000
committertrevor <trevor@FreeBSD.org>2000-11-25 07:09:18 +0000
commit3fccb1b6d8157179d01581e6a246232144637ecb (patch)
tree8e275f732182c96f03803b9abc398d7b446b5956 /editors/joe/files
parent7a45d663ead352e438e5be5ac3af1219e3811db5 (diff)
downloadFreeBSD-ports-3fccb1b6d8157179d01581e6a246232144637ecb.zip
FreeBSD-ports-3fccb1b6d8157179d01581e6a246232144637ecb.tar.gz
- don't follow links (symbolic or hard) owned by another user when
creating a DEADJOE file (http://www.securityfocus.com/archive/1/145305) - make DEADJOE files with 0600 permissions, rather than using the user's umask (PR 12827) - do the PORTREVISION thing I am not sure whether the maintainer considers these ready. However, they work for me. Submitted by: maintainer
Diffstat (limited to 'editors/joe/files')
-rw-r--r--editors/joe/files/patch-ad46
1 files changed, 39 insertions, 7 deletions
diff --git a/editors/joe/files/patch-ad b/editors/joe/files/patch-ad
index a57f81e..47b1bb2 100644
--- a/editors/joe/files/patch-ad
+++ b/editors/joe/files/patch-ad
@@ -1,6 +1,7 @@
--- b.c.orig Fri Jan 20 13:38:25 1995
-+++ b.c Tue Dec 28 15:56:10 1999
-@@ -22,4 +22,7 @@
++++ b.c Fri Nov 24 00:24:52 2000
+@@ -21,6 +21,9 @@
+ #include <pwd.h>
#endif
#include <errno.h>
+#include <sys/file.h>
@@ -8,13 +9,17 @@
+#include <sys/stat.h>
#include "config.h"
-@@ -202,4 +205,5 @@
+ #include "blocks.h"
+@@ -201,6 +204,7 @@
+ if(prop) b->o=prop->o;
else b->o=pdefault;
mset(b->marks,0,sizeof(b->marks));
+ b->filehandle = -1; /* initialize filehandle &&& ob */
b->rdonly=0;
b->orphan=0;
-@@ -256,4 +260,8 @@
+ b->oldcur=0;
+@@ -255,6 +259,10 @@
+ {
if(b && !--b->count)
{
+ if (b->filehandle != -1) {
@@ -23,7 +28,9 @@
+ }
if(b->changed) abrerr(b->name);
if(b==errbuf) errbuf=0;
-@@ -1672,5 +1680,6 @@
+ if(b->undo) undorm(b->undo);
+@@ -1671,7 +1679,8 @@
+ B *b;
long skip,amnt;
char *n;
- int nowrite=0;
@@ -31,7 +38,9 @@
+ int nowrite=0,fh=-1;
if(!s || !s[0])
-@@ -1705,4 +1714,26 @@
+ {
+@@ -1704,6 +1713,28 @@
+ else fclose(fi);
fi=fopen(n,"r");
if(!fi) nowrite=0;
+/*printf ("nowrite open=%i\n", nowrite); */
@@ -58,9 +67,32 @@
+
}
joesep(n);
-@@ -1762,4 +1793,5 @@
+
+@@ -1761,6 +1792,7 @@
+ vsrm(n);
b->er=error;
+ if( fh != -1 ) b->filehandle = fh;
return b;
}
+
+@@ -1990,7 +2022,18 @@
+ {
+ long tim=time(0);
+ B *b;
+- FILE *f=fopen("DEADJOE","a");
++ FILE *f;
++ struct stat sb;
++ if ((lstat("DEADJOE", &sb) == 0) && (sb.st_mode & S_IFLNK) && (sb.st_uid != getuid()))
++ {
++ printf("*** JOE was aborted ");
++ if (sig) printf("by signal %d, cannot save DEADJOE due to unsafe symlink\n",sig);
++ else printf("because the terminal closed, cannot save DEADJOE due to unsafe symlink\n");
++ if(sig) ttclsn();
++ _exit(1);
++ }
++ f=fopen("DEADJOE","a");
++ chmod("DEADJOE", S_IRUSR | S_IWUSR);
+ fprintf(f,"\n*** Modified files in JOE when it aborted on %s",ctime(&tim));
+ if(sig) fprintf(f,"*** JOE was aborted by signal %d\n",sig);
+ else fprintf(f,"*** JOE was aborted because the terminal closed\n");
OpenPOWER on IntegriCloud