#! /bin/sh /usr/share/dpatch/dpatch-run ## 009-iowinttypid.dpatch by Joey Schulze ## ## All lines beginning with `## DP:' are a description of the patch. ## DP: Move Unix socket into home directory to prevent symlink attacks @DPATCH@ diff -urNad xxgdb-1.12~/calldbx.c xxgdb-1.12/calldbx.c --- xxgdb-1.12~/calldbx.c 2008-05-16 17:50:07.000000000 +0200 +++ xxgdb-1.12/calldbx.c 2008-05-16 17:50:07.000000000 +0200 @@ -232,7 +232,12 @@ void create_io_window () { - int pid = fork(); + char sockname[FILENAME_MAX]; + int pid; + + snprintf(sockname, sizeof(sockname), "%s/%s", getenv("HOME"), "iowindowtty"); + + pid = fork(); if (pid == -1) { printf("unable to fork\n"); @@ -245,12 +250,12 @@ sock = socket(AF_UNIX, SOCK_DGRAM, 0); name.sun_family = AF_UNIX; - strcpy(name.sun_path, "/tmp/iowindowtty"); + strcpy(name.sun_path, sockname); bind(sock, (struct sockaddr*)&name, sizeof(struct sockaddr_un)); read(sock, ttypid, 40); sscanf(ttypid, "%[a-z/0-9],%d", iowintty, &iowinpid); close(sock); - unlink("/tmp/iowindowtty"); + unlink(sockname); } else { @@ -259,7 +264,7 @@ if (execlp("x-terminal-emulator", "x-terminal-emulator", "-e", XXGDBIOWIN, NULL)) { printf("exec of 'x-terminal-emulator -e %s' failed\n", XXGDBIOWIN); - unlink("/tmp/iowindowtty"); + unlink(sockname); } } } diff -urNad xxgdb-1.12~/xxgdbiowin.c xxgdb-1.12/xxgdbiowin.c --- xxgdb-1.12~/xxgdbiowin.c 2008-05-16 17:50:07.000000000 +0200 +++ xxgdb-1.12/xxgdbiowin.c 2008-05-16 17:50:07.000000000 +0200 @@ -24,6 +24,8 @@ int sock; struct sockaddr_un name; char ttypid[40]; + char sockname[FILENAME_MAX]; + #if 0 /* for debug only */ { char *myname; @@ -43,7 +45,8 @@ #endif sock = socket(AF_UNIX, SOCK_DGRAM, 0); name.sun_family = AF_UNIX; - strcpy(name.sun_path, "/tmp/iowindowtty"); + snprintf(sockname, sizeof(sockname), "%s/%s", getenv("HOME"), "iowindowtty"); + strcpy(name.sun_path, sockname); sendto(sock, ttypid, 40, 0, (struct sockaddr*)&name, sizeof(struct sockaddr_un)); close(sock);