From 8d213e1ff98b582b5f796dcb31d4818e7c2f529e Mon Sep 17 00:00:00 2001 From: Masanori Ogino <167209+omasanori@users.noreply.github.com> Date: Tue, 23 Feb 2021 16:53:01 +0900 Subject: [PATCH] guile-1.8: fix CVE-2016-8605 Backports 245608911698adb3472803856019bdd5670b6614 from guile.git Fixes https://github.com/NixOS/nixpkgs/issues/73648 Signed-off-by: Masanori Ogino <167209+omasanori@users.noreply.github.com> --- pkgs/development/interpreters/guile/1.8.nix | 5 +- .../interpreters/guile/CVE-2016-8605.patch | 59 +++++++++++++++++++ 2 files changed, 63 insertions(+), 1 deletion(-) create mode 100644 pkgs/development/interpreters/guile/CVE-2016-8605.patch diff --git a/pkgs/development/interpreters/guile/1.8.nix b/pkgs/development/interpreters/guile/1.8.nix index 93eca9a73f1f..6277312acc85 100644 --- a/pkgs/development/interpreters/guile/1.8.nix +++ b/pkgs/development/interpreters/guile/1.8.nix @@ -37,7 +37,10 @@ stdenv.mkDerivation rec { libtool ]; - patches = [ ./cpp-4.5.patch ]; + patches = [ + ./cpp-4.5.patch + ./CVE-2016-8605.patch + ]; preBuild = '' sed -e '/lt_dlinit/a lt_dladdsearchdir("'$out/lib'");' -i libguile/dynl.c diff --git a/pkgs/development/interpreters/guile/CVE-2016-8605.patch b/pkgs/development/interpreters/guile/CVE-2016-8605.patch new file mode 100644 index 000000000000..2fc281357ca8 --- /dev/null +++ b/pkgs/development/interpreters/guile/CVE-2016-8605.patch @@ -0,0 +1,59 @@ +commit d514e3fc42eb14a1bc5846b27ef89f50ba3a5d48 +Author: Ludovic Courtès +Date: Tue Oct 11 10:14:26 2016 +0200 + + Remove 'umask' calls from 'mkdir'. + + Fixes . + + * libguile/filesys.c (SCM_DEFINE): Remove calls to 'umask' when MODE is + unbound; instead, use 0777 as the mode. Update docstring to clarify + this. + +diff --git a/libguile/filesys.c b/libguile/filesys.c +index c8acb13ef..921f765f1 100644 +--- a/libguile/filesys.c ++++ b/libguile/filesys.c +@@ -1,4 +1,5 @@ +-/* Copyright (C) 1996,1997,1998,1999,2000,2001, 2002, 2004, 2006, 2008 Free Software Foundation, Inc. ++/* Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2004, 2006, ++ * 2009, 2010, 2011, 2012, 2013, 2014, 2016 Free Software Foundation, Inc. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public +@@ -791,26 +792,21 @@ SCM_DEFINE (scm_delete_file, "delete-file", 1, 0, 0, + SCM_DEFINE (scm_mkdir, "mkdir", 1, 1, 0, + (SCM path, SCM mode), + "Create a new directory named by @var{path}. If @var{mode} is omitted\n" +- "then the permissions of the directory file are set using the current\n" +- "umask. Otherwise they are set to the decimal value specified with\n" +- "@var{mode}. The return value is unspecified.") ++ "then the permissions of the directory are set to @code{#o777}\n" ++ "masked with the current umask (@pxref{Processes, @code{umask}}).\n" ++ "Otherwise they are set to the value specified with @var{mode}.\n" ++ "The return value is unspecified.") + #define FUNC_NAME s_scm_mkdir + { + int rv; +- mode_t mask; ++ mode_t c_mode; + +- if (SCM_UNBNDP (mode)) +- { +- mask = umask (0); +- umask (mask); +- STRING_SYSCALL (path, c_path, rv = mkdir (c_path, 0777 ^ mask)); +- } +- else +- { +- STRING_SYSCALL (path, c_path, rv = mkdir (c_path, scm_to_uint (mode))); +- } ++ c_mode = SCM_UNBNDP (mode) ? 0777 : scm_to_uint (mode); ++ ++ STRING_SYSCALL (path, c_path, rv = mkdir (c_path, c_mode)); + if (rv != 0) + SCM_SYSERROR; ++ + return SCM_UNSPECIFIED; + } + #undef FUNC_NAME