!184 [sync] PR-180: backport to fix build error when user don't use glibc
From: @openeuler-sync-bot Reviewed-by: @seuzw Signed-off-by: @seuzw
This commit is contained in:
openeuler-ci-bot
Gitee
commit
5c3496837b
@ -0,0 +1,111 @@
|
||||
From 20f9dd6bae50b7223171b17ba7798946e74f877f Mon Sep 17 00:00:00 2001
|
||||
From: Daniel Stenberg <daniel@haxx.se>
|
||||
Date: Wed, 25 May 2022 10:09:53 +0200
|
||||
Subject: [PATCH] fopen: add Curl_fopen() for better overwriting of files
|
||||
backport to fix build error when user don't use glibc
|
||||
---
|
||||
CMakeLists.txt | 1 +
|
||||
configure.ac | 1 +
|
||||
lib/curl_config.h.cmake | 3 +++
|
||||
lib/fopen.c | 19 +++++++++++++------
|
||||
lib/fopen.h | 2 ++
|
||||
5 files changed, 20 insertions(+), 6 deletions(-)
|
||||
|
||||
diff --git a/CMakeLists.txt b/CMakeLists.txt
|
||||
index d8084de..3a64f02 100644
|
||||
--- a/CMakeLists.txt
|
||||
+++ b/CMakeLists.txt
|
||||
@@ -1013,6 +1013,7 @@ elseif(HAVE_LIBSOCKET)
|
||||
set(CMAKE_REQUIRED_LIBRARIES socket)
|
||||
endif()
|
||||
|
||||
+check_symbol_exists(fchmod "${CURL_INCLUDES}" HAVE_FCHMOD)
|
||||
check_symbol_exists(basename "${CURL_INCLUDES}" HAVE_BASENAME)
|
||||
check_symbol_exists(socket "${CURL_INCLUDES}" HAVE_SOCKET)
|
||||
check_symbol_exists(select "${CURL_INCLUDES}" HAVE_SELECT)
|
||||
diff --git a/configure.ac b/configure.ac
|
||||
index 152b047..245a731 100644
|
||||
--- a/configure.ac
|
||||
+++ b/configure.ac
|
||||
@@ -3320,6 +3320,7 @@ AC_CHECK_DECLS([getpwuid_r], [], [AC_DEFINE(HAVE_DECL_GETPWUID_R_MISSING, 1, "Se
|
||||
|
||||
|
||||
AC_CHECK_FUNCS([fnmatch \
|
||||
+ fchmod \
|
||||
geteuid \
|
||||
getpass_r \
|
||||
getppid \
|
||||
diff --git a/lib/curl_config.h.cmake b/lib/curl_config.h.cmake
|
||||
index 4ef4883..7bd563b 100644
|
||||
--- a/lib/curl_config.h.cmake
|
||||
+++ b/lib/curl_config.h.cmake
|
||||
@@ -157,6 +157,9 @@
|
||||
/* Define to 1 if you have the <assert.h> header file. */
|
||||
#cmakedefine HAVE_ASSERT_H 1
|
||||
|
||||
+/* Define to 1 if you have the `fchmod' function. */
|
||||
+#cmakedefine HAVE_FCHMOD 1
|
||||
+
|
||||
/* Define to 1 if you have the `basename' function. */
|
||||
#cmakedefine HAVE_BASENAME 1
|
||||
|
||||
diff --git a/lib/fopen.c b/lib/fopen.c
|
||||
index 94b87f5..ad3691b 100644
|
||||
--- a/lib/fopen.c
|
||||
+++ b/lib/fopen.c
|
||||
@@ -18,6 +18,8 @@
|
||||
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
|
||||
* KIND, either express or implied.
|
||||
*
|
||||
+ * SPDX-License-Identifier: curl
|
||||
+ *
|
||||
***************************************************************************/
|
||||
|
||||
#include "curl_setup.h"
|
||||
@@ -50,7 +52,7 @@ CURLcode Curl_fopen(struct Curl_easy *data, const char *filename,
|
||||
CURLcode result = CURLE_WRITE_ERROR;
|
||||
unsigned char randsuffix[9];
|
||||
char *tempstore = NULL;
|
||||
- struct_stat sb, nsb;
|
||||
+ struct_stat sb;
|
||||
int fd = -1;
|
||||
*tempname = NULL;
|
||||
|
||||
@@ -77,12 +79,17 @@ CURLcode Curl_fopen(struct Curl_easy *data, const char *filename,
|
||||
if(fd == -1)
|
||||
goto fail;
|
||||
|
||||
- if((fstat(fd, &nsb) != -1) &&
|
||||
- (nsb.st_uid == sb.st_uid) && (nsb.st_gid == sb.st_gid)) {
|
||||
- /* if the user and group are the same, clone the original mode */
|
||||
- if(fchmod(fd, sb.st_mode) == -1)
|
||||
- goto fail;
|
||||
+#ifdef HAVE_FCHMOD
|
||||
+ {
|
||||
+ struct_stat nsb;
|
||||
+ if((fstat(fd, &nsb) != -1) &&
|
||||
+ (nsb.st_uid == sb.st_uid) && (nsb.st_gid == sb.st_gid)) {
|
||||
+ /* if the user and group are the same, clone the original mode */
|
||||
+ if(fchmod(fd, sb.st_mode) == -1)
|
||||
+ goto fail;
|
||||
+ }
|
||||
}
|
||||
+#endif
|
||||
|
||||
*fh = fdopen(fd, FOPEN_WRITETEXT);
|
||||
if(!*fh)
|
||||
diff --git a/lib/fopen.h b/lib/fopen.h
|
||||
index 1020f3c..289e55f 100644
|
||||
--- a/lib/fopen.h
|
||||
+++ b/lib/fopen.h
|
||||
@@ -20,6 +20,8 @@
|
||||
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
|
||||
* KIND, either express or implied.
|
||||
*
|
||||
+ * SPDX-License-Identifier: curl
|
||||
+ *
|
||||
***************************************************************************/
|
||||
|
||||
CURLcode Curl_fopen(struct Curl_easy *data, const char *filename,
|
||||
--
|
||||
2.39.1
|
||||
@ -6,7 +6,7 @@
|
||||
|
||||
Name: curl
|
||||
Version: 7.79.1
|
||||
Release: 15
|
||||
Release: 16
|
||||
Summary: Curl is used in command lines or scripts to transfer data
|
||||
License: MIT
|
||||
URL: https://curl.haxx.se/
|
||||
@ -47,6 +47,7 @@ Patch32: backport-CVE-2023-27538.patch
|
||||
Patch33: backport-CVE-2023-27535-pre1.patch
|
||||
Patch34: backport-CVE-2023-27536.patch
|
||||
Patch35: backport-CVE-2023-27535.patch
|
||||
Patch36: backport-after-CVE-2022-32207-to-fix-build-error-when-user-don-t-use-glibc.patch
|
||||
|
||||
BuildRequires: automake brotli-devel coreutils gcc groff krb5-devel
|
||||
BuildRequires: libidn2-devel libnghttp2-devel libpsl-devel
|
||||
@ -221,6 +222,12 @@ rm -rf ${RPM_BUILD_ROOT}%{_libdir}/libcurl.la
|
||||
%{_mandir}/man3/*
|
||||
|
||||
%changelog
|
||||
* Wed Apr 19 2023 gaihuiying <eaglegai@163.com> - 7.79.1-16
|
||||
- Type:bugfix
|
||||
- CVE:NA
|
||||
- SUG:NA
|
||||
- DESC:backport to fix build error when user don't use glibc
|
||||
|
||||
* Wed Mar 22 2023 xingwei <xingwei14@h-partners.com> - 7.79.1-15
|
||||
- Type:cves
|
||||
- CVE:CVE-2023-27533 CVE-2023-27534 CVE-2023-27535 CVE-2023-27536 CVE-2023-27538
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user