flock -> fcntl(F_SETLK).

diff --git a/CHANGES b/CHANGES
index ff87fc871662f79168f53e5b25d7f2697c6297f4..ccd47e0bd51bc6c0535bd7fcd01071cd662406b6 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,4 +1,16 @@
-$Id: CHANGES,v 1.191 2002/07/30 14:12:38 stelian Exp $
+$Id: CHANGES,v 1.192 2002/08/01 10:23:26 stelian Exp $
+
+Changes between versions 0.4b31 and 0.4b32 (released ?????????????)
+===================================================================
+
+1.     Changed dump to use fcntl(F_SETLK) style locking instead
+       of flock() when locking the dumpdates file. With the old 
+       locking scheme, a local user having read rights on the 
+       dumpdates file could be able to do a Denial of Service attack
+       on dump. In order to lock the dumpdates file with the new
+       scheme, the user would need to have write access on the file.
+       Thanks to Richard Johnson <Richard.Johnson3@ey.com> for 
+       reporting the bug (originally a bugtraq post).
 
 Changes between versions 0.4b30 and 0.4b31 (released July 30, 2002)
 ===================================================================

diff --git a/THANKS b/THANKS
index 0feb5e50377a80f82c418266fac3ca690bc2abf7..bf912f3d0d5e8ecdadbd5cc42c8e2c1eefb01b82 100644 (file)
--- a/THANKS
+++ b/THANKS
@@ -1,4 +1,4 @@
-$Id: THANKS,v 1.64 2002/07/23 12:20:35 stelian Exp $
+$Id: THANKS,v 1.65 2002/08/01 10:23:26 stelian Exp $
 
 Dump and restore were written by the people of the CSRG at the University
 of California, Berkeley.
@@ -54,6 +54,7 @@ Jean-Paul van der Jagt        jeanpaul@dutepp0.et.tudelft.nl
 Helmut Jarausch                jarausch@igpm.rwth-aachen.de
 Eric Jergensen         eric@dvns.com
 Jeff Johnson           jbj@redhat.com
+Richard Johnson                Richard.Johnson3@ey.com
 Richard Jones           rich@annexia.org
 Charles Karney         karney@users.sourceforge.net
 Henry Katz             hkatz@hkatz.dialup.access.net

diff --git a/dump/itime.c b/dump/itime.c
index 204fc58fdeb5f5a22e76f71a621757989f412ffa..aeaaec01f8f9ee8c92ed88d717b398956cc4cdf4 100644 (file)
--- a/dump/itime.c
+++ b/dump/itime.c
@@ -41,7 +41,7 @@
 
 #ifndef lint
 static const char rcsid[] =
-       "$Id: itime.c,v 1.22 2002/01/25 15:08:59 stelian Exp $";
+       "$Id: itime.c,v 1.23 2002/08/01 10:23:26 stelian Exp $";
 #endif /* not lint */
 
 #include <config.h>
@@ -56,6 +56,7 @@ static const char rcsid[] =
 #include <sys/param.h>
 #include <sys/time.h>
 #include <time.h>
+#include <fcntl.h>
 #ifdef __linux__
 #ifdef HAVE_EXT2FS_EXT2_FS_H
 #include <ext2fs/ext2_fs.h>
@@ -94,6 +95,7 @@ void
 initdumptimes(int createdumpdates)
 {
        FILE *df;
+       struct flock lock;
 
        if ((df = fopen(dumpdates, "r")) == NULL) {
                if (errno != ENOENT) {
@@ -122,7 +124,11 @@ initdumptimes(int createdumpdates)
                        msg("WARNING: no file `%s'\n", dumpdates);
        }
        if (df != NULL) {
-               (void) flock(fileno(df), LOCK_SH);
+               memset(&lock, 0, sizeof(lock));
+               lock.l_type = F_RDLCK;
+               if (fcntl(fileno(df), F_SETLKW, &lock) < 0)
+                       quit("cannot set read lock on %s: %s\n",
+                               dumpdates, strerror(errno));
                readdumptimes(df);
                (void) fclose(df);
        }
@@ -200,13 +206,17 @@ putdumptime(void)
        struct dumpdates *dtwalk;
        int i;
        int fd;
+       struct flock lock;
 
        if(uflag == 0)
                return;
        if ((df = fopen(dumpdates, "r+")) == NULL)
                quit("cannot rewrite %s: %s\n", dumpdates, strerror(errno));
        fd = fileno(df);
-       (void) flock(fd, LOCK_EX);
+       memset(&lock, 0, sizeof(lock));
+       lock.l_type = F_WRLCK;
+       if (fcntl(fd, F_SETLKW, &lock) < 0)
+               quit("cannot set write lock on %s: %s\n", dumpdates, strerror(errno));
        free((char *)ddatev);
        ddatev = 0;
        nddates = 0;