[redeclipse/f17: 3/4] add security-text-command-fix.patch
Martin Erik Werner
arand at fedoraproject.org
Tue Aug 7 20:02:54 UTC 2012
commit 9c76c1c79d9a70017df87be3dea6c430312451b0
Author: Martin Erik Werner <martinerikwerner at gmail.com>
Date: Fri Jul 27 19:24:30 2012 +0200
add security-text-command-fix.patch
File access security fix.
redeclipse.spec | 8 +++++++-
security-text-command-fix.patch | 33 +++++++++++++++++++++++++++++++++
2 files changed, 40 insertions(+), 1 deletions(-)
---
diff --git a/redeclipse.spec b/redeclipse.spec
index 16f151e..66bb8e5 100644
--- a/redeclipse.spec
+++ b/redeclipse.spec
@@ -2,7 +2,7 @@ Summary: Multiplayer FPS game based on Cube2
Name: redeclipse
Group: Amusements/Games
Version: 1.2
-Release: 11%{?dist}
+Release: 12%{?dist}
# Game engine is zlib
# Icon and trademark info is CC-BY-SA
@@ -29,6 +29,7 @@ Patch1: %{name}-%{version}-backported-fix-icon-sizes.patch
# Build using external Enet library from Fedora
# Not wanted upstream
Patch2: %{name}-%{version}-build-with-system-enet.patch
+Patch3: %{name}-%{version}-security-text-command-fix.patch
BuildRequires: SDL-devel
BuildRequires: SDL_mixer-devel
@@ -106,6 +107,7 @@ cp %{SOURCE2} .
%patch0 -p1
%patch1 -p1
%patch2 -p1
+%patch3 -p1
%build
@@ -168,6 +170,10 @@ fi
%changelog
+* Fri Jul 27 2012 Martin Erik Werner <martinerikwerner at gmail.com>
+- 1.2-12
+- Add security-text-command-fix.patch
+
* Sat Jul 21 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.2-11
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
diff --git a/security-text-command-fix.patch b/security-text-command-fix.patch
new file mode 100644
index 0000000..2838f51
--- /dev/null
+++ b/security-text-command-fix.patch
@@ -0,0 +1,33 @@
+From 52fdd35c3ffc1ce2e568180eac2da93e179fef2a Mon Sep 17 00:00:00 2001
+From: eihrul <eihrul at 2cd6abe5-5779-42d9-9038-cec04ae5ff40>
+Date: Sun, 22 Jul 2012 21:22:55 +0000
+Subject: [PATCH] text command fix
+Comment:
+ Game maps can in cube2-engine games be transmitted either from server
+ to client or from client to client, which includes a config file
+ (mapname.cfg) which is in "cubescript" format, this makes it possible
+ for an attacker to send a malign script via a new map (which must be
+ chosen by admin on a server, or created in cooperative editing mode). A
+ script like this could trivially read/write to any files which the user
+ running the client has access to (it is executed when the client loads
+ the map).
+ .
+ This patch stops "textedit" commands being able to be run in map-run
+ scripts, thus disabling the ability to read/write to user files.
+
+git-svn-id: https://redeclipse.svn.sourceforge.net/svnroot/redeclipse@3764 2cd6abe5-5779-42d9-9038-cec04ae5ff40
+---
+ src/engine/textedit.h | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/src/engine/textedit.h
++++ b/src/engine/textedit.h
+@@ -690,7 +690,7 @@
+
+ #define TEXTCOMMAND(f, s, d, body) ICOMMAND(0, f, s, d,\
+ editor *top = currentfocus();\
+- if(!top) return;\
++ if(!top || identflags&IDF_WORLD) return;\
+ body\
+ )
+
More information about the scm-commits
mailing list