From 545db8cd292957158bf3fa1c1c370e4be83c6688 Mon Sep 17 00:00:00 2001
From: Robert Buchholz <rbu@goodpoint.de>
Date: Tue, 6 Jan 2009 23:26:00 +0100
Subject: [PATCH] Use mktemp instead of relying that $$-$RANDOM-$RANDOM does not exist.
References:
* CVE-2008-4953
* https://bugs.gentoo.org/246013
---
firehol.sh | 25 +++++++++----------------
1 files changed, 9 insertions(+), 16 deletions(-)
diff --git a/firehol.sh b/firehol.sh
index 6acb497..f5dba16 100755
--- a/firehol.sh
+++ b/firehol.sh
@@ -238,8 +238,15 @@ ${IPTABLES_CMD} -nxvL >/dev/null 2>&1
# ----------------------------------------------------------------------
# Directories and files
-# These files will be created and deleted during our run.
-FIREHOL_DIR="/tmp/.firehol-tmp-$$-${RANDOM}-${RANDOM}"
+# Create an empty temporary directory we need for this run.
+if ! FIREHOL_DIR="`mktemp -d -t .firehol-tmp-XXXXXX`"
+then
+ echo >&2
+ echo >&2
+ echo >&2 "Cannot create temporary directory."
+ echo >&2
+ exit 1
+fi
FIREHOL_CHAINS_DIR="${FIREHOL_DIR}/chains"
FIREHOL_OUTPUT="${FIREHOL_DIR}/firehol-out.sh"
FIREHOL_SAVED="${FIREHOL_DIR}/firehol-save.sh"
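Review bot: The new `mktemp` on the `FIREHOL_DIR=` line is invoked by bare name and resolved through `PATH`, while the other external tools visible in this patch are called through `"${RM_CMD}"`, `"${MKDIR_CMD}"` and `"${CHMOD_CMD}"`. For a script that presumably runs as root it would be more consistent to call it through the same kind of variable (a hypothetical `MKTEMP_CMD`, if the file has a lookup for these, which is not visible here). The `-t` flag also makes the directory location follow `$TMPDIR` instead of the fixed `/tmp` used before, and it behaves differently on GNU and BSD mktemp. If the fixed location is intended, ``if ! FIREHOL_DIR="`mktemp -d /tmp/.firehol-tmp-XXXXXX`"`` is the more portable form. The comment could also state why the later rm/mkdir step is no longer needed, e.g. `# mktemp -d creates the directory atomically with owner-only permissions and fails if the name is taken.`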
@@ -329,20 +336,6 @@ then
"${CHMOD_CMD}" 700 "${FIREHOL_CONFIG_DIR}/services"
fi
-# Remove any old directories that might be there.
-if [ -d "${FIREHOL_DIR}" ]
-then
- "${RM_CMD}" -rf "${FIREHOL_DIR}"
- if [ $? -ne 0 -o -e "${FIREHOL_DIR}" ]
- then
- echo >&2
- echo >&2
- echo >&2 "Cannot clean temporary directory '${FIREHOL_DIR}'."
- echo >&2
- exit 1
- fi
-fi
-"${MKDIR_CMD}" "${FIREHOL_DIR}" || exit 1
"${MKDIR_CMD}" "${FIREHOL_CHAINS_DIR}" || exit 1
# prepare the file that will hold all modules to be loaded.
--
1.6.0.4