packages/apr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!42 fix CVE 2023 49582

Browse Source 
From: @pshysimon 
Reviewed-by: @dillon_chen 
Signed-off-by: @dillon_chen
This commit is contained in:
openeuler-ci-bot 2024-09-25 09:48:02 +00:00 committed by Gitee
commit fc0c29c891
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
2 changed files with 72 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
apr.spec
View File

@ -2,7 +2,7 @@
Name: apr Name: apr
Version: 1.7.4 Version: 1.7.4
Release: 3 Release: 4
Summary: Apache Portable Runtime. Summary: Apache Portable Runtime.
License: ASL 2.0 and BSD with advertising and ISC and BSD License: ASL 2.0 and BSD with advertising and ISC and BSD
URL: http://apr.apache.org URL: http://apr.apache.org
@ -12,6 +12,7 @@ Source1: apr-wrapper.h
Patch0: apr-1.2.2-libdir.patch Patch0: apr-1.2.2-libdir.patch
Patch1: apr-1.2.7-pkgconf.patch Patch1: apr-1.2.7-pkgconf.patch
Patch2: backport-memory-unix-apr_pools.c-apr_pool_cleanup_register.patch Patch2: backport-memory-unix-apr_pools.c-apr_pool_cleanup_register.patch
Patch3: backport-001-CVE-2023-49582.patch
BuildRequires: gcc autoconf libtool libuuid-devel python3 lksctp-tools-devel BuildRequires: gcc autoconf libtool libuuid-devel python3 lksctp-tools-devel
@ -95,6 +96,9 @@ make check
%doc docs/incomplete_types docs/non_apr_programs %doc docs/incomplete_types docs/non_apr_programs
%changelog %changelog
* Wed Sep 25 2024 caixiaomeng <caixiaomeng2@huawei.com> - 1.7.4-4
- fix CVE-2023-49582
* Tue Aug 13 2024 wangjiang <wangjiang37@h-partners.com> - 1.7.4-3 * Tue Aug 13 2024 wangjiang <wangjiang37@h-partners.com> - 1.7.4-3
- fix segfaults error - fix segfaults error

67
backport-001-CVE-2023-49582.patch Normal file
View File

@ -0,0 +1,67 @@
From 36ea6d5a2bfc480dd8032cc8651e6793552bc2aa Mon Sep 17 00:00:00 2001
From: Eric Covener <covener@apache.org>
Date: Tue, 20 Aug 2024 21:50:42 +0000
Subject: [PATCH] Merge r1920082 from 1.8.x:
use 0600 perms for named shared mem consistently
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/branches/1.7.x@1920083 13f79535-47bb-0310-9956-ffa450edef68
---
shmem/unix/shm.c | 18 +++++++-----------
1 file changed, 7 insertions(+), 11 deletions(-)
diff --git a/shmem/unix/shm.c b/shmem/unix/shm.c
index 096884d99d..ea9b94277b 100644
--- a/shmem/unix/shm.c
+++ b/shmem/unix/shm.c
@@ -287,10 +287,9 @@ APR_DECLARE(apr_status_t) apr_shm_create(apr_shm_t **m,
status = APR_SUCCESS;
#if APR_USE_SHMEM_MMAP_TMP
- /* FIXME: Is APR_OS_DEFAULT sufficient? */
- status = apr_file_open(&file, filename,
- APR_READ | APR_WRITE | APR_CREATE | APR_EXCL,
- APR_OS_DEFAULT, pool);
+ status = apr_file_open(&file, filename,
+ APR_FOPEN_READ | APR_FOPEN_WRITE | APR_FOPEN_CREATE | APR_FOPEN_EXCL,
+ APR_FPROT_UREAD | APR_FPROT_UWRITE, pool);
if (status != APR_SUCCESS) {
return status;
}
@@ -319,8 +318,7 @@ APR_DECLARE(apr_status_t) apr_shm_create(apr_shm_t **m,
}
#endif /* APR_USE_SHMEM_MMAP_TMP */
#if APR_USE_SHMEM_MMAP_SHM
- /* FIXME: SysV uses 0600... should we? */
- tmpfd = shm_open(shm_name, O_RDWR | O_CREAT | O_EXCL, 0644);
+ tmpfd = shm_open(shm_name, O_RDWR | O_CREAT | O_EXCL, 0600);
if (tmpfd == -1) {
return errno;
}
@@ -361,10 +359,9 @@ APR_DECLARE(apr_status_t) apr_shm_create(apr_shm_t **m,
#elif APR_USE_SHMEM_SHMGET
new_m->realsize = reqsize;
- /* FIXME: APR_OS_DEFAULT is too permissive, switch to 600 I think. */
- status = apr_file_open(&file, filename,
+ status = apr_file_open(&file, filename,
APR_FOPEN_WRITE | APR_FOPEN_CREATE | APR_FOPEN_EXCL,
- APR_OS_DEFAULT, pool);
+ APR_FPROT_UREAD | APR_FPROT_UWRITE, pool);
if (status != APR_SUCCESS) {
return status;
}
@@ -555,8 +552,7 @@ APR_DECLARE(apr_status_t) apr_shm_attach(apr_shm_t **m,
#if APR_USE_SHMEM_MMAP_SHM
const char *shm_name = make_shm_open_safe_name(filename, pool);
- /* FIXME: SysV uses 0600... should we? */
- tmpfd = shm_open(shm_name, O_RDWR, 0644);
+ tmpfd = shm_open(shm_name, O_RDWR, 0600);
if (tmpfd == -1) {
return errno;
}