From owner-cvs-all Mon Jan 28 8:59:21 2002 Delivered-To: cvs-all@freebsd.org Received: from lion-around.at.yiff.net (lion-around.at.yiff.net [167.206.208.229]) by hub.freebsd.org (Postfix) with ESMTP id C668A37B416; Mon, 28 Jan 2002 08:59:08 -0800 (PST) Received: (from chris@localhost) by lion-around.at.yiff.net (8.11.6/8.11.6) id g0SGwgv74171; Mon, 28 Jan 2002 11:58:42 -0500 (EST) (envelope-from chris@netmonger.net) X-Authentication-Warning: lion-around.at.yiff.net: chris set sender to chris@netmonger.net using -f Date: Mon, 28 Jan 2002 11:58:42 -0500 From: Christopher Masto To: "Jacques A. Vidrine" , cvs-committers@FreeBSD.ORG, cvs-all@FreeBSD.ORG Subject: Re: cvs commit: src/contrib/diff sdiff.c Message-ID: <20020128165842.GA608@netmonger.net> References: <200201271643.g0RGham39037@freefall.freebsd.org> <20020128161029.GA699@netmonger.net> <20020128161732.GA39333@madman.nectar.cc> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20020128161732.GA39333@madman.nectar.cc> User-Agent: Mutt/1.3.27i Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Mon, Jan 28, 2002 at 10:17:32AM -0600, Jacques A. Vidrine wrote: > > > Modified files: > > > contrib/diff sdiff.c > > > Log: > > > = Fix temporary file handling. > > > > Does this affect PR 34128? > > If it does, it's not on purpose. Would you mind trying it out and > reporting if it did `fix' it? I'd be glad to. It will probably be a few weeks though. I have learned the hard way not to do OS upgrades on my machines when I've got major deadlines coming up. Looking at the diff, I doubt that it has any effect, since the behavior of seeking back to the beginning of the existing file hasn't changed. > Even had I noted PR 34128, and even if that PR included patches, it > probably would not have been fixed this close to release. This commit > was a security fix, and was requested by the RE. I understand. I just was suprised to see sdiff temp file handling changed so soon after I had sent a PR on that very area. > Have you reported this bug to the diffutils maintainers (the GNU > folks)? I admit that never occurred to me. I did some Google searches and was suprised not to find anyone else noticed this problem, but then I thought it's a rarely used feature in the first place. My PR is a bit skimpy, but it's not a complicated problem to describe. In looking for the address for the diffutils maintainers, I noticed their latest version is 2.7.7, whereas I seem to have 2.7. I downloaded ftp://alpha.gnu.org/gnu/diffutils/diffutils-2.7.7.tar.gz. I suspect the problem has been fixed already, since their version does: 1087 tmp = ck_fopen (tmpname, "r"); where the FreeBSD version does: 1003 if (fseek (tmp, 0L, SEEK_SET) != 0) 1004 perror_fatal ("fseek"); Virtually every line in sdiff.c has been changed, style or otherwise, between 2.7 and 2.7.7, but I'd guess that replacing the one with the other would acheive a similar effect. I'm not sure if that opens any race condtions or such - I suppose if the file was originally created with restrictive enough permissions, you'd have to delete it to give someone else an opportunity to replace it. Perhaps paranoia requires checking the file again after it's reopened to make sure you still own it. On the other hand, diffutils appear to have been imported in 1997 and never touched until the above commit. Syncing with the FSF version is obviously an alternate approach. While I'm an active FreeBSD user with a background in software development, I am not a FreeBSD developer or committer. It's not up to me how to proceed. Hopefully there's enough detail now that someone better equipped to handle a security-sensitive area can take care of it. -- Christopher Masto CB461C61 8AFC E3A8 7CE5 9023 B35D C26A D849 1F6E CB46 1C61 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message