Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 9 Sep 2016 06:59:01 +0000 (UTC)
From:      Xin LI <delphij@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-11@freebsd.org
Subject:   svn commit: r305648 - stable/11/usr.sbin/portsnap/portsnap
Message-ID:  <201609090659.u896x1L9047339@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help 
Author: delphij
Date: Fri Sep  9 06:59:01 2016
New Revision: 305648
URL: https://svnweb.freebsd.org/changeset/base/305648

Log:
  MFC r305469:
  
  Ensure that we always open only files that is named by explicitly
  using shell redirections instead of having gzip(1) to decide what
  file to open.
  
  Issue reported in the "non-cryptanalytic attacks against freebsd
  update components" anonymous gist.
  
  Reviewed by:	allanjude, emaste

Modified:
  stable/11/usr.sbin/portsnap/portsnap/portsnap.sh
Directory Properties:
  stable/11/   (props changed)

Modified: stable/11/usr.sbin/portsnap/portsnap/portsnap.sh
==============================================================================
--- stable/11/usr.sbin/portsnap/portsnap/portsnap.sh	Fri Sep  9 06:51:49 2016	(r305647)
+++ stable/11/usr.sbin/portsnap/portsnap/portsnap.sh	Fri Sep  9 06:59:01 2016	(r305648)
@@ -651,7 +651,7 @@ fetch_index_sanity() {
 # Verify a list of files
 fetch_snapshot_verify() {
 	while read F; do
-		if [ "`gunzip -c snap/${F} | ${SHA256} -q`" != ${F} ]; then
+		if [ "`gunzip -c < snap/${F}.gz | ${SHA256} -q`" != ${F} ]; then
 			echo "snapshot corrupt."
 			return 1
 		fi
@@ -686,7 +686,7 @@ fetch_snapshot() {
 	cut -f 2 -d '|' tINDEX.new | fetch_snapshot_verify || return 1
 # Extract the index
 	rm -f INDEX.new
-	gunzip -c snap/`look INDEX tINDEX.new |
+	gunzip -c < snap/`look INDEX tINDEX.new |
 	    cut -f 2 -d '|'`.gz > INDEX.new
 	fetch_index_sanity || return 1
 # Verify the snapshot contents
@@ -782,7 +782,7 @@ fetch_update() {
 
 # Extract the index
 	echo -n "Extracting index... " 1>${QUIETREDIR}
-	gunzip -c files/`look INDEX tINDEX.new |
+	gunzip -c < files/`look INDEX tINDEX.new |
 	    cut -f 2 -d '|'`.gz > INDEX.new
 	fetch_index_sanity || return 1
 
@@ -902,7 +902,7 @@ extract_make_index() {
 		echo -n "$1 not provided by portsnap server; "
 		echo "$2 not being generated."
 	else
-	gunzip -c "${WORKDIR}/files/`look $1 ${WORKDIR}/tINDEX |
+	gunzip -c < "${WORKDIR}/files/`look $1 ${WORKDIR}/tINDEX |
 	    cut -f 2 -d '|'`.gz" |
 	    cat - ${LOCALDESC} |
 	    ${MKINDEX} /dev/stdin > ${PORTSDIR}/$2

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201609090659.u896x1L9047339>