Package: xmcd Version: 2.6-21 Severity: normal Tags: patch User: [EMAIL PROTECTED] Usertags: origin-ubuntu jaunty ubuntu-patch
Hi, open(2) states that a mode must be specified when the O_CREAT flag is specified, there are a few cases where you package does not do that. Attached is a patch to specify a mode in those calls, please consider applying it. The patch to cddb_open is a bit odd, as it doesn't choose the flags itself. I patched the case where it is called with O_CREAT by one caller, but it would take a bit of a re-work to have the caller also specify the mode, or to add an explicit mode to the open calls in cddb_local_open as well. Thanks, James
diff -u xmcd-2.6/cda_d/cda.c xmcd-2.6/cda_d/cda.c --- xmcd-2.6/cda_d/cda.c +++ xmcd-2.6/cda_d/cda.c @@ -393,7 +393,7 @@ mypid = getpid(); for (;;) { - fd = open(dlock, O_CREAT | O_EXCL | O_WRONLY); + fd = open(dlock, O_CREAT | O_EXCL | O_WRONLY, 0644); if (fd < 0) { if (errno == EEXIST) { if ((fd = open(dlock, O_RDONLY)) < 0) diff -u xmcd-2.6/cddb_d/cddb_int.c xmcd-2.6/cddb_d/cddb_int.c --- xmcd-2.6/cddb_d/cddb_int.c +++ xmcd-2.6/cddb_d/cddb_int.c @@ -2072,7 +2072,7 @@ if (rw & O_WRONLY) { /* Open file */ - if ((fp->fd = open(dbp->dbfile, rw)) < 0) { + if ((fp->fd = open(dbp->dbfile, rw, S_IRUSR | S_IWUSR)) < 0) { MEM_FREE(fp->cache); MEM_FREE(fp); return NULL; --- xmcd-2.6.orig/libdi_d/libdi.c +++ xmcd-2.6/libdi_d/libdi.c @@ -2721,7 +2721,7 @@ mypid = getpid(); for (;;) { - fd = open(lockfile, O_CREAT | O_EXCL | O_WRONLY); + fd = open(lockfile, O_CREAT | O_EXCL | O_WRONLY, 0644); if (fd < 0) { if (errno == EEXIST) { if ((fd = open(lockfile, O_RDONLY)) < 0)