From db861516a288065d82f0d9af2bcb59e386f54c9f Mon Sep 17 00:00:00 2001 From: zhuguodong Date: Tue, 15 Sep 2020 15:55:38 +0800 Subject: [PATCH] fix potential file descriptor leak in patch file --- ...ermission-of-syslogd-dot-pid-to-0644.patch | 22 +++++++++++++------ rsyslog.spec | 10 +++++++-- 2 files changed, 23 insertions(+), 9 deletions(-) rename uvp-security-rsyslog-8.24.0-set-permission-of-syslogd-dot-pid-to-0644.patch => rsyslog-8.24.0-set-permission-of-syslogd-dot-pid-to-0644.patch (66%) diff --git a/uvp-security-rsyslog-8.24.0-set-permission-of-syslogd-dot-pid-to-0644.patch b/rsyslog-8.24.0-set-permission-of-syslogd-dot-pid-to-0644.patch similarity index 66% rename from uvp-security-rsyslog-8.24.0-set-permission-of-syslogd-dot-pid-to-0644.patch rename to rsyslog-8.24.0-set-permission-of-syslogd-dot-pid-to-0644.patch index 8f9a5c5..5bbb7b6 100644 --- a/uvp-security-rsyslog-8.24.0-set-permission-of-syslogd-dot-pid-to-0644.patch +++ b/rsyslog-8.24.0-set-permission-of-syslogd-dot-pid-to-0644.patch @@ -7,11 +7,11 @@ reason: rsyslog-8.24.0, set permission of syslogd dot pid to 0644 Signed-off-by: guoxiaoqi --- - tools/rsyslogd.c | 5 ++++- - 1 file changed, 4 insertions(+), 1 deletion(-) + tools/rsyslogd.c | 9 ++++++++- + 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/tools/rsyslogd.c b/tools/rsyslogd.c -index ccc114b..1f1328e 100644 +index d2e4833..834fc08 100644 --- a/tools/rsyslogd.c +++ b/tools/rsyslogd.c @@ -28,6 +28,7 @@ @@ -30,15 +30,23 @@ index ccc114b..1f1328e 100644 DEFiRet; const char *tmpPidFile; -@@ -278,7 +280,8 @@ writePidFile(void) +@@ -278,10 +280,15 @@ writePidFile(void) if(tmpPidFile == NULL) tmpPidFile = PidFile; DBGPRINTF("rsyslogd: writing pidfile '%s'.\n", tmpPidFile); - if((fp = fopen((char*) tmpPidFile, "w")) == NULL) { -+ if ( ((fd = open(tmpPidFile, O_WRONLY|O_CREAT|O_CLOEXEC, 0644)) == -1) -+ || ((fp = fdopen(fd, "w")) == NULL) ) { ++ if ( (fd = open(tmpPidFile, O_WRONLY|O_CREAT|O_CLOEXEC, 0644)) == -1) { perror("rsyslogd: error writing pid file (creation stage)\n"); ABORT_FINALIZE(RS_RET_ERR); } ++ if ((fp = fdopen(fd, "w")) == NULL) { ++ close(fd); ++ perror("rsyslogd: error writing pid file (fp binding stage)\n"); ++ ABORT_FINALIZE(RS_RET_ERR); ++ } + if(fprintf(fp, "%d", (int) glblGetOurPid()) < 0) { + LogError(errno, iRet, "rsyslog: error writing pid file"); + } -- -2.19.1 +1.8.3.1 + diff --git a/rsyslog.spec b/rsyslog.spec index 31a709e..eebfd55 100644 --- a/rsyslog.spec +++ b/rsyslog.spec @@ -4,7 +4,7 @@ Name: rsyslog Version: 8.2006.0 -Release: 1 +Release: 2 Summary: The rocket-fast system for log processing License: (GPLv3+ and ASL 2.0) URL: http://www.rsyslog.com/ @@ -20,7 +20,7 @@ Source7: timezone.cron Patch9000: rsyslog-8.24.0-ensure-parent-dir-exists-when-writting-log-file.patch Patch9001: bugfix-rsyslog-7.4.7-imjournal-add-monotonic-timestamp.patch Patch9002: bugfix-rsyslog-7.4.7-add-configuration-to-avoid-memory-leak.patch -Patch9003: uvp-security-rsyslog-8.24.0-set-permission-of-syslogd-dot-pid-to-0644.patch +Patch9003: rsyslog-8.24.0-set-permission-of-syslogd-dot-pid-to-0644.patch Patch9004: rsyslog-8.37.0-initialize-variables-and-check-return-value.patch BuildRequires: gcc autoconf automake bison dos2unix flex pkgconfig python3-docutils libtool @@ -359,6 +359,12 @@ done %{_mandir}/man1/rscryutil.1.gz %changelog +* Thu Sep 15 2020 Guodong Zhu - 8.2006.0-2 +- Type:NA +- ID:NA +- SUG:restart +- DESC: fix potential file descriptor leak in one backport patch + * Mon Jul 27 2020 shixuantong - 8.2006.0-1 - Type:NA - ID:NA