flock -> fcntl(F_SETLK).

diff --git a/CHANGES b/CHANGES
index ff87fc871662f79168f53e5b25d7f2697c6297f4..ccd47e0bd51bc6c0535bd7fcd01071cd662406b6 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,4 +1,16 @@
-$Id: CHANGES,v 1.191 2002/07/30 14:12:38 stelian Exp $
+$Id: CHANGES,v 1.192 2002/08/01 10:23:26 stelian Exp $
+
+Changes between versions 0.4b31 and 0.4b32 (released ?????????????)
+===================================================================
+
+1.     Changed dump to use fcntl(F_SETLK) style locking instead
+       of flock() when locking the dumpdates file. With the old 
+       locking scheme, a local user having read rights on the 
+       dumpdates file could be able to do a Denial of Service attack
+       on dump. In order to lock the dumpdates file with the new
+       scheme, the user would need to have write access on the file.
+       Thanks to Richard Johnson <Richard.Johnson3@ey.com> for 
+       reporting the bug (originally a bugtraq post).

 
 Changes between versions 0.4b30 and 0.4b31 (released July 30, 2002)
 ===================================================================
 
 Changes between versions 0.4b30 and 0.4b31 (released July 30, 2002)
 ===================================================================

diff --git a/THANKS b/THANKS
index 0feb5e50377a80f82c418266fac3ca690bc2abf7..bf912f3d0d5e8ecdadbd5cc42c8e2c1eefb01b82 100644 (file)
--- a/THANKS
+++ b/THANKS
@@ -1,4 +1,4 @@
-$Id: THANKS,v 1.64 2002/07/23 12:20:35 stelian Exp $
+$Id: THANKS,v 1.65 2002/08/01 10:23:26 stelian Exp $

 
 Dump and restore were written by the people of the CSRG at the University
 of California, Berkeley.
 
 Dump and restore were written by the people of the CSRG at the University
 of California, Berkeley.


@@ -54,6 +54,7 @@ Jean-Paul van der Jagt        jeanpaul@dutepp0.et.tudelft.nl
 Helmut Jarausch                jarausch@igpm.rwth-aachen.de
 Eric Jergensen         eric@dvns.com
 Jeff Johnson           jbj@redhat.com
 Helmut Jarausch                jarausch@igpm.rwth-aachen.de
 Eric Jergensen         eric@dvns.com
 Jeff Johnson           jbj@redhat.com

+Richard Johnson                Richard.Johnson3@ey.com

 Richard Jones           rich@annexia.org
 Charles Karney         karney@users.sourceforge.net
 Henry Katz             hkatz@hkatz.dialup.access.net
 Richard Jones           rich@annexia.org
 Charles Karney         karney@users.sourceforge.net
 Henry Katz             hkatz@hkatz.dialup.access.net

diff --git a/dump/itime.c b/dump/itime.c
index 204fc58fdeb5f5a22e76f71a621757989f412ffa..aeaaec01f8f9ee8c92ed88d717b398956cc4cdf4 100644 (file)
--- a/dump/itime.c
+++ b/dump/itime.c
@@ -41,7 +41,7 @@
 
 #ifndef lint
 static const char rcsid[] =
 
 #ifndef lint
 static const char rcsid[] =

-       "$Id: itime.c,v 1.22 2002/01/25 15:08:59 stelian Exp $";
+       "$Id: itime.c,v 1.23 2002/08/01 10:23:26 stelian Exp $";

 #endif /* not lint */
 
 #include <config.h>
 #endif /* not lint */
 
 #include <config.h>


@@ -56,6 +56,7 @@ static const char rcsid[] =
 #include <sys/param.h>
 #include <sys/time.h>
 #include <time.h>
 #include <sys/param.h>
 #include <sys/time.h>
 #include <time.h>

+#include <fcntl.h>

 #ifdef __linux__
 #ifdef HAVE_EXT2FS_EXT2_FS_H
 #include <ext2fs/ext2_fs.h>
 #ifdef __linux__
 #ifdef HAVE_EXT2FS_EXT2_FS_H
 #include <ext2fs/ext2_fs.h>


@@ -94,6 +95,7 @@ void
 initdumptimes(int createdumpdates)
 {
        FILE *df;
 initdumptimes(int createdumpdates)
 {
        FILE *df;

+       struct flock lock;

 
        if ((df = fopen(dumpdates, "r")) == NULL) {
                if (errno != ENOENT) {
 
        if ((df = fopen(dumpdates, "r")) == NULL) {
                if (errno != ENOENT) {


@@ -122,7 +124,11 @@ initdumptimes(int createdumpdates)
                        msg("WARNING: no file `%s'\n", dumpdates);
        }
        if (df != NULL) {
                        msg("WARNING: no file `%s'\n", dumpdates);
        }
        if (df != NULL) {

-               (void) flock(fileno(df), LOCK_SH);
+               memset(&lock, 0, sizeof(lock));
+               lock.l_type = F_RDLCK;
+               if (fcntl(fileno(df), F_SETLKW, &lock) < 0)
+                       quit("cannot set read lock on %s: %s\n",
+                               dumpdates, strerror(errno));

                readdumptimes(df);
                (void) fclose(df);
        }
                readdumptimes(df);
                (void) fclose(df);
        }


@@ -200,13 +206,17 @@ putdumptime(void)
        struct dumpdates *dtwalk;
        int i;
        int fd;
        struct dumpdates *dtwalk;
        int i;
        int fd;

+       struct flock lock;

 
        if(uflag == 0)
                return;
        if ((df = fopen(dumpdates, "r+")) == NULL)
                quit("cannot rewrite %s: %s\n", dumpdates, strerror(errno));
        fd = fileno(df);
 
        if(uflag == 0)
                return;
        if ((df = fopen(dumpdates, "r+")) == NULL)
                quit("cannot rewrite %s: %s\n", dumpdates, strerror(errno));
        fd = fileno(df);

-       (void) flock(fd, LOCK_EX);
+       memset(&lock, 0, sizeof(lock));
+       lock.l_type = F_WRLCK;
+       if (fcntl(fd, F_SETLKW, &lock) < 0)
+               quit("cannot set write lock on %s: %s\n", dumpdates, strerror(errno));

        free((char *)ddatev);
        ddatev = 0;
        nddates = 0;
        free((char *)ddatev);
        ddatev = 0;
        nddates = 0;