summaryrefslogtreecommitdiffstats
path: root/meta-openembedded/meta-oe/recipes-support/vim/files/CVE-2017-17087.patch
diff options
context:
space:
mode:
Diffstat (limited to 'meta-openembedded/meta-oe/recipes-support/vim/files/CVE-2017-17087.patch')
-rw-r--r--meta-openembedded/meta-oe/recipes-support/vim/files/CVE-2017-17087.patch70
1 files changed, 0 insertions, 70 deletions
diff --git a/meta-openembedded/meta-oe/recipes-support/vim/files/CVE-2017-17087.patch b/meta-openembedded/meta-oe/recipes-support/vim/files/CVE-2017-17087.patch
deleted file mode 100644
index 937b9ba31..000000000
--- a/meta-openembedded/meta-oe/recipes-support/vim/files/CVE-2017-17087.patch
+++ /dev/null
@@ -1,70 +0,0 @@
-From 9c11f80339372b7aa2f43153d574f2b5abb79708 Mon Sep 17 00:00:00 2001
-From: Li Zhou <li.zhou@windriver.com>
-Date: Sun, 17 Dec 2017 23:09:35 -0800
-Subject: [PATCH] vim: patch 8.0.1263: others can read the swap file if a user
- is careless
-
-Problem: Others can read the swap file if a user is careless with his
- primary group.
-Solution: If the group permission allows for reading but the world
- permissions doesn't, make sure the group is right.
-
-Upstream-Status: Backport
-CVE: CVE-2017-17087
-Signed-off-by: Li Zhou <li.zhou@windriver.com>
----
- src/fileio.c | 24 +++++++++++++++++++++++-
- src/version.c | 2 ++
- 2 files changed, 25 insertions(+), 1 deletion(-)
-
-diff --git a/src/fileio.c b/src/fileio.c
-index f54fb8465..2c7740af9 100644
---- a/src/fileio.c
-+++ b/src/fileio.c
-@@ -716,7 +716,29 @@ readfile(
- /* Set swap file protection bits after creating it. */
- if (swap_mode > 0 && curbuf->b_ml.ml_mfp != NULL
- && curbuf->b_ml.ml_mfp->mf_fname != NULL)
-- (void)mch_setperm(curbuf->b_ml.ml_mfp->mf_fname, (long)swap_mode);
-+ {
-+ char_u *swap_fname = curbuf->b_ml.ml_mfp->mf_fname;
-+
-+ /*
-+ * If the group-read bit is set but not the world-read bit, then
-+ * the group must be equal to the group of the original file. If
-+ * we can't make that happen then reset the group-read bit. This
-+ * avoids making the swap file readable to more users when the
-+ * primary group of the user is too permissive.
-+ */
-+ if ((swap_mode & 044) == 040)
-+ {
-+ stat_T swap_st;
-+
-+ if (mch_stat((char *)swap_fname, &swap_st) >= 0
-+ && st.st_gid != swap_st.st_gid
-+ && fchown(curbuf->b_ml.ml_mfp->mf_fd, -1, st.st_gid)
-+ == -1)
-+ swap_mode &= 0600;
-+ }
-+
-+ (void)mch_setperm(swap_fname, (long)swap_mode);
-+ }
- #endif
- }
-
-diff --git a/src/version.c b/src/version.c
-index a5cb078f0..5c0df475f 100644
---- a/src/version.c
-+++ b/src/version.c
-@@ -770,6 +770,8 @@ static char *(features[]) =
- static int included_patches[] =
- { /* Add new patch number below this line */
- /**/
-+ 1263,
-+/**/
- 983,
- /**/
- 982,
---
-2.11.0
-
OpenPOWER on IntegriCloud