Patrick Williams | d8c66bc | 2016-06-20 12:57:21 -0500 | [diff] [blame] | 1 | Upstream-Status: Backport |
| 2 | |
| 3 | http://busybox.net/downloads/fixes-1.24.1/ |
| 4 | https://git.busybox.net/busybox/commit/?id=e111a1640494fe87fc913f94fae3bb805de0fc99 |
| 5 | https://git.busybox.net/busybox/commit/?h=1_24_stable&id=be729c1d3b5c923f10871dd68ea94156d0f8c803 |
| 6 | |
| 7 | Signed-off-by: Andre McCurdy <armccurdy@gmail.com> |
| 8 | |
| 9 | From be729c1d3b5c923f10871dd68ea94156d0f8c803 Mon Sep 17 00:00:00 2001 |
| 10 | From: Ari Sundholm <ari@tuxera.com> |
| 11 | Date: Mon, 4 Jan 2016 15:40:37 +0200 |
| 12 | Subject: [PATCH] truncate: always set mode when opening file to avoid fortify |
| 13 | errors |
| 14 | |
| 15 | Busybox crashes due to no mode being given when opening: |
| 16 | $ ./busybox truncate -s 1M foo |
| 17 | *** invalid open64 call: O_CREAT without mode ***: ./busybox terminated |
| 18 | ======= Backtrace: ========= |
| 19 | /lib/x86_64-linux-gnu/libc.so.6(+0x7338f)[0x7f66d921338f] |
| 20 | /lib/x86_64-linux-gnu/libc.so.6(__fortify_fail+0x5c)[0x7f66d92aac9c] |
| 21 | /lib/x86_64-linux-gnu/libc.so.6(+0xeb6aa)[0x7f66d928b6aa] |
| 22 | ./busybox[0x4899f9] |
| 23 | ======= Memory map: ======== |
| 24 | 00400000-004d0000 r-xp 00000000 00:1a 137559 /home/ari/busybox/busybox |
| 25 | 006cf000-006d0000 r--p 000cf000 00:1a 137559 /home/ari/busybox/busybox |
| 26 | 006d0000-006d1000 rw-p 000d0000 00:1a 137559 /home/ari/busybox/busybox |
| 27 | 006d1000-006d4000 rw-p 00000000 00:00 0 |
| 28 | 014e7000-01508000 rw-p 00000000 00:00 0 [heap] |
| 29 | 7f66d8f8a000-7f66d8fa0000 r-xp 00000000 08:07 1579008 /lib/x86_64-linux-gnu/libgcc_s.so.1 |
| 30 | 7f66d8fa0000-7f66d919f000 ---p 00016000 08:07 1579008 /lib/x86_64-linux-gnu/libgcc_s.so.1 |
| 31 | 7f66d919f000-7f66d91a0000 rw-p 00015000 08:07 1579008 /lib/x86_64-linux-gnu/libgcc_s.so.1 |
| 32 | 7f66d91a0000-7f66d935b000 r-xp 00000000 08:07 1578994 /lib/x86_64-linux-gnu/libc-2.19.so |
| 33 | 7f66d935b000-7f66d955a000 ---p 001bb000 08:07 1578994 /lib/x86_64-linux-gnu/libc-2.19.so |
| 34 | 7f66d955a000-7f66d955e000 r--p 001ba000 08:07 1578994 /lib/x86_64-linux-gnu/libc-2.19.so |
| 35 | 7f66d955e000-7f66d9560000 rw-p 001be000 08:07 1578994 /lib/x86_64-linux-gnu/libc-2.19.so |
| 36 | 7f66d9560000-7f66d9565000 rw-p 00000000 00:00 0 |
| 37 | 7f66d9565000-7f66d966a000 r-xp 00000000 08:07 1579020 /lib/x86_64-linux-gnu/libm-2.19.so |
| 38 | 7f66d966a000-7f66d9869000 ---p 00105000 08:07 1579020 /lib/x86_64-linux-gnu/libm-2.19.so |
| 39 | 7f66d9869000-7f66d986a000 r--p 00104000 08:07 1579020 /lib/x86_64-linux-gnu/libm-2.19.so |
| 40 | 7f66d986a000-7f66d986b000 rw-p 00105000 08:07 1579020 /lib/x86_64-linux-gnu/libm-2.19.so |
| 41 | 7f66d986b000-7f66d988e000 r-xp 00000000 08:07 1578981 /lib/x86_64-linux-gnu/ld-2.19.so |
| 42 | 7f66d9a64000-7f66d9a67000 rw-p 00000000 00:00 0 |
| 43 | 7f66d9a8a000-7f66d9a8d000 rw-p 00000000 00:00 0 |
| 44 | 7f66d9a8d000-7f66d9a8e000 r--p 00022000 08:07 1578981 /lib/x86_64-linux-gnu/ld-2.19.so |
| 45 | 7f66d9a8e000-7f66d9a8f000 rw-p 00023000 08:07 1578981 /lib/x86_64-linux-gnu/ld-2.19.so |
| 46 | 7f66d9a8f000-7f66d9a90000 rw-p 00000000 00:00 0 |
| 47 | 7ffc47761000-7ffc47782000 rw-p 00000000 00:00 0 [stack] |
| 48 | 7ffc477ab000-7ffc477ad000 r-xp 00000000 00:00 0 [vdso] |
| 49 | ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0 [vsyscall] |
| 50 | Aborted (core dumped) |
| 51 | $ |
| 52 | |
| 53 | Fix this by simply always setting the mode, as it doesn't hurt even |
| 54 | when O_CREAT is not specified. |
| 55 | |
| 56 | This bug is a regression introduced in fc3e40e, as xopen(), which |
| 57 | was originally used, would automatically set the mode. |
| 58 | |
| 59 | Signed-off-by: Ari Sundholm <ari@tuxera.com> |
| 60 | Signed-off-by: Mike Frysinger <vapier@gentoo.org> |
| 61 | (cherry picked from commit e111a1640494fe87fc913f94fae3bb805de0fc99) |
| 62 | --- |
| 63 | coreutils/truncate.c | 2 +- |
| 64 | 1 file changed, 1 insertion(+), 1 deletion(-) |
| 65 | |
| 66 | diff --git a/coreutils/truncate.c b/coreutils/truncate.c |
| 67 | index e5fa656..4c997bf 100644 |
| 68 | --- a/coreutils/truncate.c |
| 69 | +++ b/coreutils/truncate.c |
| 70 | @@ -64,7 +64,7 @@ int truncate_main(int argc UNUSED_PARAM, char **argv) |
| 71 | |
| 72 | argv += optind; |
| 73 | while (*argv) { |
| 74 | - int fd = open(*argv, flags); |
| 75 | + int fd = open(*argv, flags, 0666); |
| 76 | if (fd < 0) { |
| 77 | if (errno != ENOENT || !(opts & OPT_NOCREATE)) { |
| 78 | bb_perror_msg("%s: open", *argv); |
| 79 | -- |
| 80 | 2.6.2 |
| 81 | |