• R/O
  • HTTP
  • SSH
  • HTTPS

linux-2.4.36: コミット

2.4.36-stable kernel tree


コミットメタ情報

リビジョンead60d38671fb5a0aa5e4f04dbc61736f2d9461f (tree)
日時2008-10-20 06:07:14
作者Eugene Teo <eteo@redh...>
コミッターWilly Tarreau

ログメッセージ

Remove suid/sgid bits on truncate() (CVE-2008-4210)

Hi Willy,

I noticed that CVE-2008-4210 is missing from the linux-2.4.git tree.

Don (cc'ed) proposed this:

Cc: Don Howard <dhoward@redhat.com>
Test-by: Willy Tarreau <w@1wt.eu>
Signed-off-by: Willy Tarreau <w@1wt.eu>

変更サマリ

差分

--- a/fs/open.c
+++ b/fs/open.c
@@ -109,6 +109,8 @@ int do_truncate(struct dentry *dentry, loff_t length)
109109 down(&inode->i_sem);
110110 newattrs.ia_size = length;
111111 newattrs.ia_valid = ATTR_SIZE | ATTR_CTIME;
112+ /* Remove suid/sgid on truncate too */
113+ remove_suid(inode);
112114 error = notify_change(dentry, &newattrs);
113115 up(&inode->i_sem);
114116 up_write(&inode->i_alloc_sem);
旧リポジトリブラウザで表示