[rocksndiamonds/f17] apply fix for user configuration/cache directory permission issue (CVE-2011-4606, bz766805)

Tom Callaway spot at fedoraproject.org
Fri Feb 10 20:41:45 UTC 2012


commit 918b18e7ef7e9f98ff9d479cdf265fc5a27e2589
Author: Tom Callaway <spot at fedoraproject.org>
Date:   Fri Feb 10 15:41:44 2012 -0500

    apply fix for user configuration/cache directory permission issue (CVE-2011-4606, bz766805)

 rocksndiamonds-CVE-2011-4606.patch |   29 +++++++++++++++++++++++++++++
 rocksndiamonds.spec                |    7 ++++++-
 2 files changed, 35 insertions(+), 1 deletions(-)
---
diff --git a/rocksndiamonds-CVE-2011-4606.patch b/rocksndiamonds-CVE-2011-4606.patch
new file mode 100644
index 0000000..65a06e6
--- /dev/null
+++ b/rocksndiamonds-CVE-2011-4606.patch
@@ -0,0 +1,29 @@
+diff -up rocksndiamonds-3.3.0.1/src/libgame/setup.c.CVE-2011-4606 rocksndiamonds-3.3.0.1/src/libgame/setup.c
+--- rocksndiamonds-3.3.0.1/src/libgame/setup.c.CVE-2011-4606	2011-12-12 14:28:30.083078680 -0500
++++ rocksndiamonds-3.3.0.1/src/libgame/setup.c	2011-12-12 14:34:36.758744753 -0500
+@@ -1293,11 +1293,14 @@ void sortTreeInfo(TreeInfo **node_first)
+ #define MODE_W_ALL		(S_IWUSR | S_IWGRP | S_IWOTH)
+ #define MODE_X_ALL		(S_IXUSR | S_IXGRP | S_IXOTH)
+ 
++#define MODE_R_PRIVATE		(S_IRUSR)
+ #define MODE_W_PRIVATE		(S_IWUSR)
++#define MODE_X_PRIVATE		(S_IXUSR)
++
+ #define MODE_W_PUBLIC		(S_IWUSR | S_IWGRP)
+ #define MODE_W_PUBLIC_DIR	(S_IWUSR | S_IWGRP | S_ISGID)
+ 
+-#define DIR_PERMS_PRIVATE	(MODE_R_ALL | MODE_X_ALL | MODE_W_PRIVATE)
++#define DIR_PERMS_PRIVATE	(MODE_R_PRIVATE | MODE_X_PRIVATE | MODE_W_PRIVATE)
+ #define DIR_PERMS_PUBLIC	(MODE_R_ALL | MODE_X_ALL | MODE_W_PUBLIC_DIR)
+ 
+ #define FILE_PERMS_PRIVATE	(MODE_R_ALL | MODE_W_PRIVATE)
+@@ -1456,7 +1459,8 @@ void createDirectory(char *dir, char *te
+   if (running_setgid)
+     posix_umask(last_umask & group_umask);
+   else
+-    dir_mode |= MODE_W_ALL;
++    if (permission_class == PERMS_PUBLIC)
++      dir_mode |= MODE_W_ALL;
+ 
+   if (!fileExists(dir))
+     if (posix_mkdir(dir, dir_mode) != 0)
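Review bot: The tightened `DIR_PERMS_PRIVATE` only reaches directories created after this update, because in the second inner hunk `dir_mode` is used solely by `posix_mkdir()` under `if (!fileExists(dir))`; a directory left behind by an earlier build keeps whatever mode it already had. Consider resetting the mode of an existing private directory, for example `chmod(dir, dir_mode)` when `permission_class` is not `PERMS_PUBLIC`, or tell users in the changelog to fix existing directories by hand. Separately, `FILE_PERMS_PRIVATE` in the first inner hunk's context still includes `MODE_R_ALL`, so private files depend entirely on the parent directory's mode for confidentiality. The new `if` nested under the unbraced `else` would also be safer with braces around it. `createDirectory` starts and ends outside the hunk, so whether existing directories are handled elsewhere cannot be confirmed from here.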
diff --git a/rocksndiamonds.spec b/rocksndiamonds.spec
index 2795dad..f97f042 100644
--- a/rocksndiamonds.spec
+++ b/rocksndiamonds.spec
@@ -1,6 +1,6 @@
 Name:		rocksndiamonds
 Version:	3.3.0.1
-Release:	4%{?dist}
+Release:	5%{?dist}
 License:	GPL+
 Group:		Amusements/Games
 Summary:	Underground digging game
@@ -14,6 +14,7 @@ Patch0:		rocksndiamonds-3.2.6.0-nosmpeg.patch
 Patch1:		rocksndiamonds-highscore.patch
 Patch2:		rocksndiamonds-YN.patch
 Patch3:		rocksndiamonds-3.2.6.0-music-info-url.patch
+Patch4:		rocksndiamonds-CVE-2011-4606.patch
 BuildRequires:	SDL-devel, libX11-devel, desktop-file-utils, xorg-x11-proto-devel
 BuildRequires:	SDL_image-devel, SDL_mixer-devel, SDL_net-devel
 
@@ -27,6 +28,7 @@ rocks and strange creatures!
 %patch1 -p1
 %patch2 -p1
 %patch3 -p1
+%patch4 -p1 
 
 %build
 make %{?_smp_mflags} RO_GAME_DIR=%{_datadir}/%{name}/ RW_GAME_DIR=%{_localstatedir}/games/%{name}/ EXTRA_CFLAGS="$RPM_OPT_FLAGS -DUSE_USERDATADIR_FOR_COMMONDATA"
@@ -65,6 +67,9 @@ desktop-file-install 				\
 %{_mandir}/man1/*
 
 %changelog
+* Fri Feb 10 2012 Tom Callaway <spot at fedoraproject.org> - 3.3.0.1-5
+- apply fix for user configuration/cache directory permission issue (CVE-2011-4606, bz766805)
+
 * Sat Jan 14 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 3.3.0.1-4
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
 

