openkylin
/
apr
mirror of https://gitee.com/openkylin/apr.git
9
0
Fork 0
Code Issues Projects Releases Wiki Activity

SECURITY UPDATE

This commit is contained in:
liubo0711 2024-10-08 10:29:07 +08:00
parent 259e2d9236
commit 5fc9056cda
2 changed files with 13 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
debian/changelog vendored
View File

@ -1,3 +1,12 @@
apr (1.7.2-ok2) nile; urgency=medium
* SECURITY UPDATE: local information disclosure via shared memory
segments - debian/patches/CVE-2023-49582.patch: adjust
permissions on shared memory segments to prevent unauthorized
access in shmem/unix/shm.c - CVE-2023-49582
-- liubo01 <kylin@liubo01-pc> Tue, 08 Oct 2024 10:29:07 +0800
apr (1.7.2-ok1) nile; urgency=medium
* Build for openKylin.

12
shmem/unix/shm.c
View File

@ -287,10 +287,9 @@ APR_DECLARE(apr_status_t) apr_shm_create(apr_shm_t **m,
status = APR_SUCCESS;
#if APR_USE_SHMEM_MMAP_TMP
/* FIXME: Is APR_OS_DEFAULT sufficient? */
status = apr_file_open(&file, filename,
APR_READ | APR_WRITE | APR_CREATE | APR_EXCL,
APR_OS_DEFAULT, pool);
APR_FPROT_UREAD | APR_FPROT_UWRITE, pool);
if (status != APR_SUCCESS) {
return status;
}
@ -319,8 +318,7 @@ APR_DECLARE(apr_status_t) apr_shm_create(apr_shm_t **m,
}
#endif /* APR_USE_SHMEM_MMAP_TMP */
#if APR_USE_SHMEM_MMAP_SHM
/* FIXME: SysV uses 0600... should we? */
tmpfd = shm_open(shm_name, O_RDWR | O_CREAT | O_EXCL, 0644);
tmpfd = shm_open(shm_name, O_RDWR | O_CREAT | O_EXCL, 0600);
if (tmpfd == -1) {
return errno;
}
@ -361,10 +359,9 @@ APR_DECLARE(apr_status_t) apr_shm_create(apr_shm_t **m,
#elif APR_USE_SHMEM_SHMGET
new_m->realsize = reqsize;
/* FIXME: APR_OS_DEFAULT is too permissive, switch to 600 I think. */
status = apr_file_open(&file, filename,
APR_FOPEN_WRITE | APR_FOPEN_CREATE | APR_FOPEN_EXCL,
APR_OS_DEFAULT, pool);
APR_FPROT_UREAD | APR_FPROT_UWRITE, pool);
if (status != APR_SUCCESS) {
return status;
}
@ -555,8 +552,7 @@ APR_DECLARE(apr_status_t) apr_shm_attach(apr_shm_t **m,
#if APR_USE_SHMEM_MMAP_SHM
const char *shm_name = make_shm_open_safe_name(filename, pool);
/* FIXME: SysV uses 0600... should we? */
tmpfd = shm_open(shm_name, O_RDWR, 0644);
tmpfd = shm_open(shm_name, O_RDWR, 0600);
if (tmpfd == -1) {
return errno;
}