[gridengine/f16] Set _hardened_build Add two more upstream security patches Renumber patches
Orion Poplawski
orion at fedoraproject.org
Tue Apr 17 16:44:07 UTC 2012
commit 53d665ea8bb02a6736bef65c1392d772ce4df9e7
Author: Orion Poplawski <orion at cora.nwra.com>
Date: Tue Apr 17 10:35:13 2012 -0600
Set _hardened_build
Add two more upstream security patches
Renumber patches
buffer-overflow.patch | 66 +++++++++++++++++++++++++++++++++++++++++++
gridengine.spec | 14 ++++++++-
symlink.patch | 75 +++++++++++++++++++++++++++++++++++++++++++++++++
3 files changed, 153 insertions(+), 2 deletions(-)
---
diff --git a/buffer-overflow.patch b/buffer-overflow.patch
new file mode 100644
index 0000000..a2fbaba
--- /dev/null
+++ b/buffer-overflow.patch
@@ -0,0 +1,66 @@
+Index: source/utilbin/sge_passwd.c
+===================================================================
+--- source/utilbin/sge_passwd.c (revision 115)
++++ source/utilbin/sge_passwd.c (working copy)
+@@ -1049,7 +1049,7 @@
+ static void
+ sge_passwd_add_change(const char *username, const char *domain, uid_t uid)
+ {
+- char user[128] = "";
++ char user[128+128] = ""; /* actually (128-1) + (1) + (128-1) + (1) */
+ char **users = NULL;
+ char **encryped_pwd = NULL;
+ char err_str[MAX_STRING_SIZE];
+@@ -1319,9 +1319,13 @@
+ DEXIT;
+ exit(1);
+ }
+- if (!strcmp(argv[1],"-D")) {
++ if (!strcmp(argv[1],"-D"))
++ {
+ argc--; argv++;
+- if (argc != 1 && sscanf(argv[1], "%s", domain) == 1) {
++
++ if (argc != 1 && strncpy(domain, argv[1], sizeof(domain)))
++ {
++ domain[sizeof(domain)-1] = '\0';
+ argc--; argv++;
+ continue;
+ } else {
+@@ -1330,7 +1334,8 @@
+ exit(1);
+ }
+ }
+- if (!strcmp(argv[1],"-d")) {
++ if (!strcmp(argv[1],"-d"))
++ {
+ uid_t uid = getuid();
+
+ if (uid != 0) {
+@@ -1340,7 +1345,11 @@
+ }
+
+ argc--; argv++;
+- if (argc != 1 && sscanf(argv[1], "%s", username) == 1) {
++
++ if (argc != 1 && strncpy(username, argv[1], sizeof(username)))
++ {
++ username[sizeof(username)-1] = '\0';
++
+ argc--; argv++;
+ do_delete = true;
+ continue;
+@@ -1349,8 +1358,11 @@
+ DEXIT;
+ exit(1);
+ }
+- }
+- if (argv[1][0] != '-' && sscanf(argv[1], "%s", username) == 1) {
++ }
++
++
++ if (argv[1][0] != '-' && strncpy(username, argv[1], sizeof(username)))
++ {
+ uid_t uid = getuid();
+
+ if (uid != 0) {
diff --git a/gridengine.spec b/gridengine.spec
index ee086b3..0749a5d 100644
--- a/gridengine.spec
+++ b/gridengine.spec
@@ -3,10 +3,11 @@
%define username sgeadmin
%define homedir %{_datadir}/gridengine
%define gecos Grid Engine
+%define _hardened_build 1
Name: gridengine
Version: 6.2u5p2
-Release: 7%{?dist}.2
+Release: 7%{?dist}.3
Summary: Grid Engine - Distributed Computing Management software
Group: Applications/System
@@ -79,8 +80,10 @@ Patch32: gridengine-paths.patch
Patch33: gridengine-linux3.patch
# Call automake with --add-missing
Patch34: gridengine-add-missing.patch
-# Upstream env-code-injection security patch
+# Upstream security patches
Patch35: env-code-injection-SGE6.2u5p3.patch
+Patch36: buffer-overflow.patch
+Patch37: symlink.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
ExcludeArch: ppc64
@@ -209,6 +212,8 @@ rm -r source/3rdparty/jemalloc
%patch33 -p1 -b .linux3
%patch34 -p1 -b .add-missing
%patch35 -p0 -b .env-code-injection
+%patch36 -p0 -b .buffer-overflow
+%patch37 -p0 -b .symlink
sed -i.arch -e 's,/\$DSTARCH,,g' source/scripts/distinst
#Don't ship rctemplates
rm -rf source/dist/util/rctemplates
@@ -613,6 +618,11 @@ fi
%changelog
+* Tue Apr 17 2012 Orion Poplawski <orion at cora.nwra.com> 6.2u5p2-7.3
+- Set _hardened_build
+- Add two more upstream security patches
+- Renumber patches
+
* Tue Apr 17 2012 Orion Poplawski <orion at cora.nwra.com> 6.2u5p2-7.2
- Add upstream env-code-injection security patch
diff --git a/symlink.patch b/symlink.patch
new file mode 100644
index 0000000..1c28346
--- /dev/null
+++ b/symlink.patch
@@ -0,0 +1,75 @@
+Index: source/libs/uti/sge_log.c
+===================================================================
+--- source/libs/uti/sge_log.c (revision 121)
++++ source/libs/uti/sge_log.c (working copy)
+@@ -38,6 +38,8 @@
+ #include <pthread.h>
+ #include <sys/types.h>
+ #include <sys/stat.h>
++#include <unistd.h>
++#include <errno.h>
+
+ #include "sge.h"
+ #include "sge_time.h"
+@@ -643,10 +645,20 @@
+ static void sge_do_log(u_long32 me, const char* progname, const char* unqualified_hostname,
+ int aLevel, const char *aMessage)
+ {
+- int fd;
++ if (me == QMASTER || me == EXECD || me == SCHEDD || me == SHADOWD)
++ {
++ int fd, open_flags = O_WRONLY | O_APPEND | O_CREAT;
++ const char *logfile = log_state_get_log_file();
+
+- if (me == QMASTER || me == EXECD || me == SCHEDD || me == SHADOWD) {
+- if ((fd = SGE_OPEN3(log_state_get_log_file(), O_WRONLY | O_APPEND | O_CREAT, 0666)) >= 0) {
++ #if defined(O_NOFOLLOW)
++ open_flags |= O_NOFOLLOW;
++ #elif defined(O_EXCL)
++ open_flags |= O_EXCL;
++ #endif
++
++ again:
++ if ((fd = SGE_OPEN3(logfile, open_flags, 0666)) >= 0)
++ {
+ char msg2log[4*MAX_STRING_SIZE];
+ dstring msg;
+
+@@ -654,15 +666,32 @@
+
+ append_time((time_t)sge_get_gmt(), &msg, false);
+
+- sge_dstring_sprintf_append(&msg, "|%6.6s|%s|%c|%s\n",
+- progname,
+- unqualified_hostname,
+- aLevel,
+- aMessage);
++ sge_dstring_sprintf_append(&msg, "|%6.6s|%s|%c|%s\n", progname, unqualified_hostname, aLevel, aMessage);
+
+ write(fd, msg2log, strlen(msg2log));
+ close(fd);
+ }
++ #if defined(O_NOFOLLOW)
++ else if (errno == ELOOP)
++ {
++ if (unlink(logfile) == 0)
++ {
++ goto again;
++ }
++ }
++ #elif defined(O_EXCL)
++ else if (errno == EEXIST)
++ {
++ struct stat buf;
++
++ if (lstat(logfile, &buf) == 0 && buf.st_uid == getuid()) /* our file?? */
++ {
++ open_flags = O_WRONLY | O_APPEND | O_CREAT;
++
++ goto again;
++ }
++ }
++ #endif
+ }
+
+ return;
More information about the scm-commits
mailing list