bin/163515: b64encode/uuencode create files with no permissions
Walter C. Pelissero
walter.pelissero at iesy.net
Wed Dec 21 20:30:11 UTC 2011
>Number: 163515
>Category: bin
>Synopsis: b64encode/uuencode create files with no permissions
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Wed Dec 21 20:30:09 UTC 2011
>Closed-Date:
>Last-Modified:
>Originator: Walter C. Pelissero
>Release: FreeBSD 8.2-STABLE amd64
>Organization:
>Environment:
System: FreeBSD scylla.home.lan 8.2-STABLE FreeBSD 8.2-STABLE #0: Wed Nov 30 12:39:31 CET 2011 root at scylla.home.lan:/usr/obj/usr/src/sys/GA870AUD3 amd64
>Description:
b64encode when called with just one argument (input from
stdin), but specifying an output file with the -o option,
creates the file with mode 000 (that is, none is allowed to do
anything with it). Same behaviour is assumed from uuencode,
being the same executable.
>How-To-Repeat:
b64encode -o file.encoded file < /dev/null
>Fix:
Apply the following patch:
Index: uuencode.c
===================================================================
RCS file: /repos/src/usr.bin/uuencode/uuencode.c,v
retrieving revision 1.18.30.1
diff -c -r1.18.30.1 uuencode.c
*** uuencode.c 3 Aug 2009 08:13:06 -0000 1.18.30.1
--- uuencode.c 21 Dec 2011 19:55:49 -0000
***************
*** 110,118 ****
mode = sb.st_mode & RWX;
++argv;
break;
! case 1:
#define RW (S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH)
! mode = RW & ~umask(RW);
break;
case 0:
default:
--- 110,121 ----
mode = sb.st_mode & RWX;
++argv;
break;
! case 1: {
#define RW (S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH)
! int om = umask(0);
! mode = RW & ~om;
! umask(om); /* restore the umask */
! }
break;
case 0:
default:
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list