fa1950198b
Move the default dump location to /var/spool/abrt from /var/tmp/abrt and Use root for owner of all dump directories Fixes for CVE-2015-3315, CVE-2015-3142, CVE-2015-1869, CVE-2015-1870 Fixes for CVE-2015-3147, CVE-2015-3151, CVE-2015-3150, CVE-2015-3159 Resolves: #1179752 Signed-off-by: Matej Habrnal <mhabrnal@redhat.com>
54 lines
1.5 KiB
Diff
54 lines
1.5 KiB
Diff
From 8ff7f7f65cf871b889c3a9a53cd1a432c63d2180 Mon Sep 17 00:00:00 2001
|
|
From: Jakub Filak <jfilak@redhat.com>
|
|
Date: Thu, 23 Apr 2015 13:12:01 +0200
|
|
Subject: [PATCH] daemon: use libreport's function checking file name
|
|
|
|
Move the functions to libreport because we need the same functionality
|
|
there too.
|
|
|
|
Related: #1214451
|
|
|
|
Signed-off-by: Jakub Filak <jfilak@redhat.com>
|
|
---
|
|
src/daemon/abrt-server.c | 18 +-----------------
|
|
1 file changed, 1 insertion(+), 17 deletions(-)
|
|
|
|
diff --git a/src/daemon/abrt-server.c b/src/daemon/abrt-server.c
|
|
index 9951468..287c510 100644
|
|
--- a/src/daemon/abrt-server.c
|
|
+++ b/src/daemon/abrt-server.c
|
|
@@ -445,22 +445,6 @@ static int create_problem_dir(GHashTable *problem_info, unsigned pid)
|
|
exit(0);
|
|
}
|
|
|
|
-/* Checks if a string contains only printable characters. */
|
|
-static gboolean printable_str(const char *str)
|
|
-{
|
|
- do {
|
|
- if ((unsigned char)(*str) < ' ' || *str == 0x7f)
|
|
- return FALSE;
|
|
- str++;
|
|
- } while (*str);
|
|
- return TRUE;
|
|
-}
|
|
-
|
|
-static gboolean is_correct_filename(const char *value)
|
|
-{
|
|
- return printable_str(value) && !strchr(value, '/') && !strchr(value, '.');
|
|
-}
|
|
-
|
|
static gboolean key_value_ok(gchar *key, gchar *value)
|
|
{
|
|
char *i;
|
|
@@ -479,7 +463,7 @@ static gboolean key_value_ok(gchar *key, gchar *value)
|
|
|| strcmp(key, FILENAME_TYPE) == 0
|
|
)
|
|
{
|
|
- if (!is_correct_filename(value))
|
|
+ if (!str_is_correct_filename(value))
|
|
{
|
|
error_msg("Value of '%s' ('%s') is not a valid directory name",
|
|
key, value);
|
|
--
|
|
2.1.0
|
|
|