Репозитории ALT
S: | 2.4.7-alt1 |
5.1: | 1.4.2-alt1.M51.2 |
4.1: | 1.3.10-alt0.M41.4 |
+updates: | 1.3.9-alt1.M41.1 |
4.0: | 1.2.12-alt6.M40.9 |
+updates: | 1.2.12-alt6.M40.8 |
3.0: | 1.1.20-alt14.1 |
Группа :: Система/Серверы
Пакет: cups
Главная Изменения Спек Патчи Sources Загрузить Gear Bugs and FR Repocop
Патч: cups-str1023.patch
Скачать
Скачать
--- cups-1.1.22/systemv/lppasswd.c.str1023 2004-02-25 20:14:54.000000000 +0000
+++ cups-1.1.22/systemv/lppasswd.c 2004-12-17 10:00:27.549475422 +0000
@@ -44,6 +44,11 @@
#include <cups/md5.h>
#include <cups/string.h>
+#ifndef WIN32
+# include <unistd.h>
+# include <signal.h>
+#endif /* !WIN32 */
+
/*
* Operations...
@@ -90,7 +95,27 @@
*oldpass; /* old password */
int flag; /* Password check flags... */
int fd; /* Password file descriptor */
+ int error; /* Write error */
+#if defined(HAVE_SIGACTION) && !defined(HAVE_SIGSET)
+ struct sigaction action; /* Signal action */
+#endif /* HAVE_SIGACTION && !HAVE_SIGSET*/
+
+
+ /*
+ * Check to see if stdin, stdout, and stderr are still open...
+ */
+
+ if (fcntl(0, F_GETFD, &i) ||
+ fcntl(1, F_GETFD, &i) ||
+ fcntl(2, F_GETFD, &i))
+ {
+ /*
+ * No, return exit status 2 and don't try to send any output since
+ * someone is trying to bypass the security on the server.
+ */
+ return (2);
+ }
/*
* Find the server directory...
@@ -253,6 +278,40 @@
}
/*
+ * Ignore SIGHUP, SIGINT, SIGTERM, and SIGXFSZ (if defined) for the
+ * remainder of the time so that we won't end up with bogus password
+ * files...
+ */
+
+#ifndef WIN32
+# if defined(HAVE_SIGSET)
+ sigset(SIGHUP, SIG_IGN);
+ sigset(SIGINT, SIG_IGN);
+ sigset(SIGTERM, SIG_IGN);
+# ifdef SIGXFSZ
+ sigset(SIGXFSZ, SIG_IGN);
+# endif /* SIGXFSZ */
+# elif defined(HAVE_SIGACTION)
+ memset(&action, 0, sizeof(action));
+ action.sa_handler = SIG_IGN;
+
+ sigaction(SIGHUP, &action, NULL);
+ sigaction(SIGINT, &action, NULL);
+ sigaction(SIGTERM, &action, NULL);
+# ifdef SIGXFSZ
+ sigaction(SIGXFSZ, &action, NULL);
+# endif /* SIGXFSZ */
+# else
+ signal(SIGHUP, SIG_IGN);
+ signal(SIGINT, SIG_IGN);
+ signal(SIGTERM, SIG_IGN);
+# ifdef SIGXFSZ
+ signal(SIGXFSZ, SIG_IGN);
+# endif /* SIGXFSZ */
+# endif
+#endif /* !WIN32 */
+
+ /*
* Open the output file.
*/
@@ -275,6 +334,8 @@
return (1);
}
+ setbuf(outfile, NULL);
+
/*
* Open the existing password file and create a new one...
*/
@@ -282,7 +343,7 @@
infile = fopen(passwdmd5, "r");
if (infile == NULL && errno != ENOENT && op != ADD)
{
- fputs("lppasswd: No password file to change or delete from!\n", stderr);
+ perror("lppasswd: Unable to open password file");
fclose(outfile);
@@ -297,6 +358,11 @@
* username:group:MD5-sum
*/
+ error = 0;
+ userline[0] = '\0';
+ groupline[0] = '\0';
+ md5line[0] = '\0';
+
if (infile)
{
while (fgets(line, sizeof(line), infile) != NULL)
@@ -308,60 +374,87 @@
strcmp(groupname, groupline) == 0)
break;
- fputs(line, outfile);
+ if (fputs(line, outfile) == EOF)
+ {
+ perror("lppasswd: Unable to write to password file");
+ error = 1;
+ break;
+ }
}
- while (fgets(line, sizeof(line), infile) != NULL)
- fputs(line, outfile);
- }
- else
- {
- userline[0] = '\0';
- groupline[0] = '\0';
- md5line[0] = '\0';
+ if (!error)
+ {
+ while (fgets(line, sizeof(line), infile) != NULL)
+ if (fputs(line, outfile) == EOF)
+ {
+ perror("lppasswd: Unable to write to password file");
+ error = 1;
+ break;
+ }
+ }
}
if (op == CHANGE &&
- (strcmp(username, userline) != 0 ||
- strcmp(groupname, groupline) != 0))
+ (strcmp(username, userline) || strcmp(groupname, groupline)))
+ {
fprintf(stderr, "lppasswd: user \"%s\" and group \"%s\" do not exist.\n",
username, groupname);
+ error = 1;
+ }
else if (op != DELETE)
{
if (oldpass &&
strcmp(httpMD5(username, "CUPS", oldpass, md5new), md5line) != 0)
{
fputs("lppasswd: Sorry, password doesn't match!\n", stderr);
-
- if (infile)
- fclose(infile);
-
- fclose(outfile);
-
- unlink(passwdnew);
-
- return (1);
+ error = 1;
+ }
+ else
+ {
+ snprintf(line, sizeof(line), "%s:%s:%s\n", username, groupname,
+ httpMD5(username, "CUPS", newpass, md5new));
+ if (fputs(line, outfile) == EOF)
+ {
+ perror("lppasswd: Unable to write to password file");
+ error = 1;
+ }
}
-
- fprintf(outfile, "%s:%s:%s\n", username, groupname,
- httpMD5(username, "CUPS", newpass, md5new));
}
/*
- * Close the files and remove the old password file...
+ * Close the files...
*/
if (infile)
fclose(infile);
- fclose(outfile);
+ if (fclose(outfile) == EOF)
+ error = 1;
+
+ /*
+ * Error out gracefully as needed...
+ */
+
+ if (error)
+ {
+ fputs("lppasswd: Password file not updated!\n", stderr);
+
+ unlink(passwdnew);
+
+ return (1);
+ }
/*
* Save old passwd file
*/
unlink(passwdold);
- link(passwdmd5, passwdold);
+ if (link(passwdmd5, passwdold) && errno != ENOENT)
+ {
+ perror("lppasswd: failed to backup old password file");
+ unlink(passwdnew);
+ return (1);
+ }
/*
* Install new password file
@@ -369,7 +462,7 @@
if (rename(passwdnew, passwdmd5) < 0)
{
- perror("lppasswd: failed to rename passwd file");
+ perror("lppasswd: failed to rename password file");
unlink(passwdnew);
return (1);
}