[Bug binutils/26945] Unsafe chown+chmod in smart

bug-binutils

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Bug binutils/26945] Unsafe chown+chmod in smart_rename, possibly elsewh

From:	nickc at redhat dot com
Subject:	[Bug binutils/26945] Unsafe chown+chmod in smart_rename, possibly elsewhere
Date:	Fri, 27 Nov 2020 15:13:03 +0000

https://sourceware.org/bugzilla/show_bug.cgi?id=26945

--- Comment #3 from Nick Clifton <nickc at redhat dot com> ---
Created attachment 13003
  --> https://sourceware.org/bugzilla/attachment.cgi?id=13003&action=edit
Proposed patch

Hi Rich,

  Ok - here is my first attempt at creating a patch.  Please could you give
  it a look over ?

  There is one place where smart_rename() is called without having a previous
  call to make_tempname(): arsup.c:ar_save().  I am not sure if represents a
  possible attack vector, so any advice would be appreciated.

Cheers
  Nick

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Prev in Thread]

Current Thread

[Next in Thread]

[Bug binutils/26945] New: Unsafe chown+chmod in smart_rename, possibly elsewhere, bugdal at aerifal dot cx, 2020/11/25
- [Bug binutils/26945] Unsafe chown+chmod in smart_rename, possibly elsewhere, bugdal at aerifal dot cx, 2020/11/25
- [Bug binutils/26945] Unsafe chown+chmod in smart_rename, possibly elsewhere, siddhesh at sourceware dot org, 2020/11/26
- [Bug binutils/26945] Unsafe chown+chmod in smart_rename, possibly elsewhere, nickc at redhat dot com, 2020/11/26
- [Bug binutils/26945] Unsafe chown+chmod in smart_rename, possibly elsewhere, bugdal at aerifal dot cx, 2020/11/26
- [Bug binutils/26945] Unsafe chown+chmod in smart_rename, possibly elsewhere, nickc at redhat dot com <=
- [Bug binutils/26945] Unsafe chown+chmod in smart_rename, possibly elsewhere, bugdal at aerifal dot cx, 2020/11/27
- [Bug binutils/26945] Unsafe chown+chmod in smart_rename, possibly elsewhere, nickc at redhat dot com, 2020/11/30
- [Bug binutils/26945] Unsafe chown+chmod in smart_rename, possibly elsewhere, nickc at redhat dot com, 2020/11/30
- [Bug binutils/26945] Unsafe chown+chmod in smart_rename, possibly elsewhere, nickc at redhat dot com, 2020/11/30
- [Bug binutils/26945] Unsafe chown+chmod in smart_rename, possibly elsewhere, nickc at redhat dot com, 2020/11/30
- [Bug binutils/26945] Unsafe chown+chmod in smart_rename, possibly elsewhere, bugdal at aerifal dot cx, 2020/11/30
- [Bug binutils/26945] Unsafe chown+chmod in smart_rename, possibly elsewhere, nickc at redhat dot com, 2020/11/30
- [Bug binutils/26945] Unsafe chown+chmod in smart_rename, possibly elsewhere, nickc at redhat dot com, 2020/11/30
- [Bug binutils/26945] Unsafe chown+chmod in smart_rename, possibly elsewhere, bugdal at aerifal dot cx, 2020/11/30

Prev by Date: [Bug binutils/26865] windres: --preprocessor option won't respect space in file path
Next by Date: [Bug binutils/26945] Unsafe chown+chmod in smart_rename, possibly elsewhere
Previous by thread: [Bug binutils/26945] Unsafe chown+chmod in smart_rename, possibly elsewhere
Next by thread: [Bug binutils/26945] Unsafe chown+chmod in smart_rename, possibly elsewhere
Index(es):
- Date
- Thread