Bug#446236: lha doesn't work with recent glibc upgrade in testing
On Thu, Oct 11, 2007 at 02:38:15PM +0400, Sergey Lapin wrote: That's due to mkstemp call and O_EXCL in subsequent open of the same file. I workaround this by removing O_EXCL, but I think it is either some problem in glibc or code in lha needs to be reworked. I fixed it by not using O_EXCL when mkstemp was used previously to create the file. The other code paths looked differently so I still use O_EXCL there in the hope that it does not break. A proper fix would take the fd returned by mkstemp, but that would require more intrusive code changes. NMU patch is attached. Kind regards Philipp Kern diff -u lha-1.14i/debian/changelog lha-1.14i/debian/changelog --- lha-1.14i/debian/changelog +++ lha-1.14i/debian/changelog @@ -1,3 +1,10 @@ +lha (1.14i-10.3) unstable; urgency=medium + + * Non-maintainer upload. + * Fix subsequent open with O_EXCL after mkstemp (Closes: #446236) + + -- Philipp Kern [EMAIL PROTECTED] Sat, 01 Dec 2007 16:32:52 +0100 + lha (1.14i-10.2) unstable; urgency=high * Non-maintainer upload by testing security team. diff -u lha-1.14i/debian/patch.CVE-2007-2030.patch lha-1.14i/debian/patch.CVE-2007-2030.patch --- lha-1.14i/debian/patch.CVE-2007-2030.patch +++ lha-1.14i/debian/patch.CVE-2007-2030.patch @@ -1,6 +1,7 @@ lha-114i/src/lhadd.c -+++ lha-114i/src/lhadd.c -@@ -35,6 +35,8 @@ add_one(fp, nafp, hdr) +diff -Naur lha-1.14i.orig/src/lhadd.c lha-1.14i/src/lhadd.c +--- lha-1.14i.orig/src/lhadd.c 2000-10-04 16:57:38.0 +0200 lha-1.14i/src/lhadd.c 2007-12-01 16:29:29.0 +0100 +@@ -35,6 +35,8 @@ if ((hdr-unix_mode UNIX_FILE_SYMLINK) == UNIX_FILE_SYMLINK) { charbuf[256], *b1, *b2; if (!quiet) { @@ -9,7 +10,16 @@ strcpy(buf, hdr-name); b1 = strtok(buf, |); b2 = strtok(NULL, |); -@@ -211,8 +213,11 @@ find_update_files(oafp) +@@ -108,7 +110,7 @@ + if (symlink) + fp = NULL; + else +- fp = xfopen(name, READ_BINARY); ++ fp = xfopen(name, READ_BINARY, 0); + else { + fp = NULL; + } +@@ -211,8 +213,11 @@ add_sp(sp, hdr.name, strlen(hdr.name) + 1); } else if ((hdr.unix_mode UNIX_FILE_TYPEMASK) == UNIX_FILE_DIRECTORY) { @@ -21,7 +31,7 @@ if (len 0 name[len - 1] == '/') name[--len] = '\0'; /* strip tail '/' */ if (stat(name, stbuf) = 0)/* exist ? */ -@@ -237,17 +242,21 @@ delete(oafp, nafp) +@@ -237,17 +242,21 @@ old_header_pos = ftell(oafp); while (get_header(oafp, ahdr)) { @@ -43,20 +53,42 @@ else { /* copy */ if (noexec) { fseek(oafp, ahdr.packed_size, SEEK_CUR); -@@ -276,7 +285,7 @@ build_temporary_file() +@@ -276,7 +285,7 @@ signal(SIGHUP, interrupt); old_umask = umask(077); - afp = xfopen(temporary_name, WRITE_BINARY); -+ afp = xfopen(temporary_name, ! WRITE_BINARY); ++ afp = xfopen(temporary_name, ! WRITE_BINARY, 1); remove_temporary_at_error = TRUE; temporary_fp = afp; umask(old_umask); lha-114i/src/lharc.c -+++ lha-114i/src/lharc.c -@@ -1005,10 +1005,18 @@ FILE * - xfopen(name, mode) +@@ -319,13 +328,13 @@ + { + FILE *oafp, *nafp; + +- oafp = xfopen(temporary_name, READ_BINARY); ++ oafp = xfopen(temporary_name, READ_BINARY, 1); + if (!strcmp(new_archive_name, -)) { + nafp = stdout; + writting_filename = starndard output; + } + else { +- nafp = xfopen(new_archive_name, WRITE_BINARY); ++ nafp = xfopen(new_archive_name, WRITE_BINARY, 0); + writting_filename = archive_name; + } + reading_filename = temporary_name; +diff -Naur lha-1.14i.orig/src/lharc.c lha-1.14i/src/lharc.c +--- lha-1.14i.orig/src/lharc.c 2007-12-01 16:17:19.0 +0100 lha-1.14i/src/lharc.c 2007-12-01 16:36:24.0 +0100 +@@ -1016,13 +1016,26 @@ + } + + FILE * +-xfopen(name, mode) ++xfopen(name, mode, safe) char *name, *mode; ++ intsafe; { - FILE *fp; + FILE *fp = NULL; @@ -64,7 +96,11 @@ + if (mode[0] == '!') { + int fd; -+ fd = open(name, O_RDWR|O_CREAT|O_EXCL, 0600); ++ int mask = O_RDWR|O_CREAT; ++ if(safe == 0) ++ mask |= O_EXCL; ++ ++ fd = open(name, mask, 0600); + if (fd 0 || (fp = fdopen(fd, mode + 1)) == NULL) + fatal_error(name); + } else { @@ -74,9 +110,10 @@ return fp; } lha-114i/src/lhext.c -+++ lha-114i/src/lhext.c -@@ -360,7 +360,6 @@
Bug#446236: lha doesn't work with recent glibc upgrade in testing
Package: lha Version: 1.14i-10.2 Severity: grave Justification: renders package unusable [EMAIL PROTECTED]:~$ lha c t z LHa: Fatal error: /tmp/lhMEjFue: File exists strace output: [EMAIL PROTECTED]:~$ strace lha c t z execve(/usr/bin/lha, [lha, c, t, z], [/* 18 vars */]) = 0 brk(0) = 0x805e000 uname({sys=Linux, node=fan.ossfans.org, ...}) = 0 access(/etc/ld.so.nohwcap, F_OK) = -1 ENOENT (No such file or directory) mmap2(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x4001e000 access(/etc/ld.so.preload, R_OK) = -1 ENOENT (No such file or directory) open(/etc/ld.so.cache, O_RDONLY) = 3 fstat64(3, {st_mode=S_IFREG|0644, st_size=27649, ...}) = 0 mmap2(NULL, 27649, PROT_READ, MAP_PRIVATE, 3, 0) = 0x4002 close(3)= 0 access(/etc/ld.so.nohwcap, F_OK) = -1 ENOENT (No such file or directory) open(/lib/libc.so.6, O_RDONLY)= 3 read(3, \177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\260a\1..., 512) = 512 fstat64(3, {st_mode=S_IFREG|0755, st_size=1335912, ...}) = 0 mmap2(NULL, 1340944, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x40027000 mmap2(0x40169000, 12288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x142) = 0x40169000 mmap2(0x4016c000, 9744, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x4016c000 close(3)= 0 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x4016f000 set_thread_area({entry_number:-1 - 6, base_addr:0x4016f6b0, limit:1048575, seg_32bit:1, contents:0, read_exec_only:0, limit_in_pages:1, seg_not_present:0, useable:1}) = 0 mprotect(0x40169000, 4096, PROT_READ) = 0 munmap(0x4002, 27649) = 0 brk(0) = 0x805e000 brk(0x807f000) = 0x807f000 stat64(t, 0xb104) = -1 ENOENT (No such file or directory) stat64(t.lzh, 0xb104) = -1 ENOENT (No such file or directory) stat64(t.lzs, 0xb104) = -1 ENOENT (No such file or directory) gettimeofday({1192098912, 755011}, NULL) = 0 getpid()= 15631 open(/tmp/lh9Ve6h3, O_RDWR|O_CREAT|O_EXCL, 0600) = 3 rt_sigaction(SIGINT, {0x8049ee0, [INT], SA_RESTORER|SA_RESTART, 0x40051878}, {SIG_DFL}, 8) = 0 rt_sigaction(SIGHUP, {0x8049ee0, [HUP], SA_RESTORER|SA_RESTART, 0x40051878}, {SIG_DFL}, 8) = 0 umask(077) = 02 open(/tmp/lh9Ve6h3, O_RDWR|O_CREAT|O_EXCL, 0600) = -1 EEXIST (File exists) write(2, LHa: Fatal error: , 18LHa: Fatal error: ) = 18 write(2, /tmp/lh9Ve6h3: File exists\n, 27/tmp/lh9Ve6h3: File exists ) = 27 exit_group(1) = ? Process 15631 detached That's due to mkstemp call and O_EXCL in subsequent open of the same file. I workaround this by removing O_EXCL, but I think it is either some problem in glibc or code in lha needs to be reworked. -- System Information: Debian Release: lenny/sid APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Versions of packages lha depends on: ii libc6 2.6.1-1+b1 GNU C Library: Shared libraries lha recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]