subject:"X Strike Force SVN commit\: rev 479 \- branches\/4.1.0\/woody\/debian\/patches"

X Strike Force SVN commit: rev 479 - branches/4.1.0/woody/debian/patches

2003-09-03 Thread X Strike Force SVN Admin

Author: branden
Date: 2003-09-03 19:39:56 -0500 (Wed, 03 Sep 2003)
New Revision: 479

Modified:
   branches/4.1.0/woody/debian/patches/071_SECURITY_improved_MIT-SHM_fix.diff
Log:
debian/patches/071_SECURITY_improved_MIT-SHM_fix.diff: didn't remove enough
  code when backporting this patch; I had left in some of the old, bad fix


Modified: 
branches/4.1.0/woody/debian/patches/071_SECURITY_improved_MIT-SHM_fix.diff
===
--- branches/4.1.0/woody/debian/patches/071_SECURITY_improved_MIT-SHM_fix.diff  
2003-09-04 00:23:24 UTC (rev 478)
+++ branches/4.1.0/woody/debian/patches/071_SECURITY_improved_MIT-SHM_fix.diff  
2003-09-04 00:39:56 UTC (rev 479)
@@ -34,8 +34,8 @@
  Next, attach this shared memory segment to your process:
  .Cs
  shminfo.shmaddr = image->data = shmat (shminfo.shmid, 0, 0);
 xc/programs/Xserver/Xext/shm.c~2003-09-02 18:37:00.0 -0500
-+++ xc/programs/Xserver/Xext/shm.c 2003-09-02 18:39:07.0 -0500
+--- xc/programs/Xserver/Xext/shm.c~2003-09-03 19:32:08.0 -0500
 xc/programs/Xserver/Xext/shm.c 2003-09-03 19:37:06.0 -0500
 @@ -33,6 +33,7 @@
  #include 
  #include 
@@ -125,41 +125,46 @@
  
  static int
  ProcShmAttach(client)
-@@ -409,10 +406,8 @@
+@@ -407,12 +404,6 @@
+ struct shmid_ds buf;
+ ShmDescPtr shmdesc;
  REQUEST(xShmAttachReq);
- uid_t ruid;
- gid_t rgid;
+-uid_t ruid;
+-gid_t rgid;
 -#ifdef HAS_SAVED_IDS_AND_SETEUID
- uid_t euid;
- gid_t egid;
+-uid_t euid;
+-gid_t egid;
 -#endif
  
  REQUEST_SIZE_MATCH(xShmAttachReq);
  LEGAL_NEW_RESOURCE(stuff->shmseg, client);
-@@ -438,7 +433,6 @@
+@@ -436,44 +427,25 @@
+   shmdesc = (ShmDescPtr) xalloc(sizeof(ShmDescRec));
+   if (!shmdesc)
return BadAlloc;
-   ruid = getuid();
-   rgid = getgid();
+-  ruid = getuid();
+-  rgid = getgid();
 -#ifdef HAS_SAVED_IDS_AND_SETEUID
-   euid = geteuid();
-   egid = getegid();
- 
-@@ -448,32 +442,31 @@
-   return BadAccess;
-   }
-   }
+-  euid = geteuid();
+-  egid = getegid();
+-
+-  if (euid != ruid || egid != rgid) {
+-  /* Temporarly switch back to real ids */
+-  if (seteuid(ruid) == -1 || setegid(rgid) == -1) {
+-  return BadAccess;
+-  }
+-  }
 -#endif
shmdesc->addr = shmat(stuff->shmid, 0,
  stuff->readOnly ? SHM_RDONLY : 0);
 -#ifdef HAS_SAVED_IDS_AND_SETEUID
-   if (euid != ruid || egid != rgid) {
-   /* Switch back to root privs */
-   if (seteuid(euid) == -1 || setegid(egid) == -1) {
-   return BadAccess;
-   }
+-  if (euid != ruid || egid != rgid) {
+-  /* Switch back to root privs */
+-  if (seteuid(euid) == -1 || setegid(egid) == -1) {
+-  return BadAccess;
+-  }
 -  } 
 -#endif
-+  }
if ((shmdesc->addr == ((char *)-1)) ||
shmctl(stuff->shmid, IPC_STAT, &buf))
{

X Strike Force SVN commit: rev 479 - branches/4.1.0/woody/debian/patches

2003-09-03 Thread X Strike Force SVN Admin

Author: branden
Date: 2003-09-03 19:39:56 -0500 (Wed, 03 Sep 2003)
New Revision: 479

Modified:
   branches/4.1.0/woody/debian/patches/071_SECURITY_improved_MIT-SHM_fix.diff
Log:
debian/patches/071_SECURITY_improved_MIT-SHM_fix.diff: didn't remove enough
  code when backporting this patch; I had left in some of the old, bad fix


Modified: branches/4.1.0/woody/debian/patches/071_SECURITY_improved_MIT-SHM_fix.diff
===
--- branches/4.1.0/woody/debian/patches/071_SECURITY_improved_MIT-SHM_fix.diff  
2003-09-04 00:23:24 UTC (rev 478)
+++ branches/4.1.0/woody/debian/patches/071_SECURITY_improved_MIT-SHM_fix.diff  
2003-09-04 00:39:56 UTC (rev 479)
@@ -34,8 +34,8 @@
  Next, attach this shared memory segment to your process:
  .Cs
  shminfo.shmaddr = image->data = shmat (shminfo.shmid, 0, 0);
 xc/programs/Xserver/Xext/shm.c~2003-09-02 18:37:00.0 -0500
-+++ xc/programs/Xserver/Xext/shm.c 2003-09-02 18:39:07.0 -0500
+--- xc/programs/Xserver/Xext/shm.c~2003-09-03 19:32:08.0 -0500
 xc/programs/Xserver/Xext/shm.c 2003-09-03 19:37:06.0 -0500
 @@ -33,6 +33,7 @@
  #include 
  #include 
@@ -125,41 +125,46 @@
  
  static int
  ProcShmAttach(client)
-@@ -409,10 +406,8 @@
+@@ -407,12 +404,6 @@
+ struct shmid_ds buf;
+ ShmDescPtr shmdesc;
  REQUEST(xShmAttachReq);
- uid_t ruid;
- gid_t rgid;
+-uid_t ruid;
+-gid_t rgid;
 -#ifdef HAS_SAVED_IDS_AND_SETEUID
- uid_t euid;
- gid_t egid;
+-uid_t euid;
+-gid_t egid;
 -#endif
  
  REQUEST_SIZE_MATCH(xShmAttachReq);
  LEGAL_NEW_RESOURCE(stuff->shmseg, client);
-@@ -438,7 +433,6 @@
+@@ -436,44 +427,25 @@
+   shmdesc = (ShmDescPtr) xalloc(sizeof(ShmDescRec));
+   if (!shmdesc)
return BadAlloc;
-   ruid = getuid();
-   rgid = getgid();
+-  ruid = getuid();
+-  rgid = getgid();
 -#ifdef HAS_SAVED_IDS_AND_SETEUID
-   euid = geteuid();
-   egid = getegid();
- 
-@@ -448,32 +442,31 @@
-   return BadAccess;
-   }
-   }
+-  euid = geteuid();
+-  egid = getegid();
+-
+-  if (euid != ruid || egid != rgid) {
+-  /* Temporarly switch back to real ids */
+-  if (seteuid(ruid) == -1 || setegid(rgid) == -1) {
+-  return BadAccess;
+-  }
+-  }
 -#endif
shmdesc->addr = shmat(stuff->shmid, 0,
  stuff->readOnly ? SHM_RDONLY : 0);
 -#ifdef HAS_SAVED_IDS_AND_SETEUID
-   if (euid != ruid || egid != rgid) {
-   /* Switch back to root privs */
-   if (seteuid(euid) == -1 || setegid(egid) == -1) {
-   return BadAccess;
-   }
+-  if (euid != ruid || egid != rgid) {
+-  /* Switch back to root privs */
+-  if (seteuid(euid) == -1 || setegid(egid) == -1) {
+-  return BadAccess;
+-  }
 -  } 
 -#endif
-+  }
if ((shmdesc->addr == ((char *)-1)) ||
shmctl(stuff->shmid, IPC_STAT, &buf))
{


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

X Strike Force SVN commit: rev 479 - branches/4.1.0/woody/debian/patches

X Strike Force SVN commit: rev 479 - branches/4.1.0/woody/debian/patches

2 matches

Site Navigation

Mail list logo

Footer information