[Gnash-commit] [SCM] Gnash branch, master, updated. release_0_8_9

gnash-commit

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Gnash-commit] [SCM] Gnash branch, master, updated. release_0_8_9_final-

From:	Gabriele Giacone
Subject:	[Gnash-commit] [SCM] Gnash branch, master, updated. release_0_8_9_final-1277-g8fc19a8
Date:	Tue, 06 Dec 2011 00:03:49 +0000

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "Gnash".

The branch, master has been updated
       via  8fc19a890ee787d26200dc1b8b5546e3bb15ac7b (commit)
      from  00bb2eeef7a8ac968f17a2cd4a7fdc17bbe8c4d6 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
http://git.savannah.gnu.org/cgit//commit/?id=8fc19a890ee787d26200dc1b8b5546e3bb15ac7b


commit 8fc19a890ee787d26200dc1b8b5546e3bb15ac7b
Author: Gabriele Giacone <address@hidden>
Date:   Thu Dec 1 01:59:15 2011 +0100

    CVE-2011-4328 fix. mkstemps and boost::iostreams. See bug #34903

diff --git a/macros/boost.m4 b/macros/boost.m4
index 7c7bb4a..c672870 100644
--- a/macros/boost.m4
+++ b/macros/boost.m4
@@ -34,10 +34,10 @@ AC_DEFUN([GNASH_PATH_BOOST],
   libname=""
   dnl this is a list of *required* headers. If any of these are missing, this
   dnl test will return a failure, and Gnash won't build.
-  boost_headers="detail/lightweight_mutex.hpp thread/thread.hpp 
multi_index_container.hpp multi_index/key_extractors.hpp thread/mutex.hpp 
program_options/options_description.hpp"
+  boost_headers="detail/lightweight_mutex.hpp thread/thread.hpp 
multi_index_container.hpp multi_index/key_extractors.hpp thread/mutex.hpp 
program_options/options_description.hpp boost/iostreams/stream.hpp"
   dnl this is a list of *required* libraries. If any of these are missing, this
   dnl test will return a failure, and Gnash won't build.
-  boost_libs="thread program_options"
+  boost_libs="thread program_options iostreams"
 
   dnl this is a list of *recommended* libraries. If any of these are missing, 
this
   dnl test will return a warning, and Gnash will build, but testing won't work.
diff --git a/plugin/npapi/Makefile.am b/plugin/npapi/Makefile.am
index 58566d9..cd2a92b 100644
--- a/plugin/npapi/Makefile.am
+++ b/plugin/npapi/Makefile.am
@@ -78,6 +78,7 @@ libgnashplugin_la_SOURCES  = plugin.cpp \
 
 libgnashplugin_la_LIBADD   = \
        $(GLIB_LIBS) \
+       -lboost_iostreams \
        $(NULL)
 
 # Scriptable plugin support
diff --git a/plugin/npapi/plugin.cpp b/plugin/npapi/plugin.cpp
index 55bafc3..edcecfe 100644
--- a/plugin/npapi/plugin.cpp
+++ b/plugin/npapi/plugin.cpp
@@ -25,6 +25,8 @@
 #include <boost/scoped_array.hpp>
 #include <boost/algorithm/string/replace.hpp>
 #include <boost/algorithm/string/find.hpp>
+#include <boost/iostreams/device/file_descriptor.hpp>
+#include <boost/iostreams/stream.hpp>
 #include <cassert>
 #include <string>
 #include <cstdlib> // getenv
@@ -150,6 +152,17 @@ getPluginDescription()
     return desc;
 }
 
+boost::iostreams::file_descriptor_sink getfdsink(char mkstemplate[]);
+
+boost::iostreams::file_descriptor_sink
+getfdsink(char mksTemplate[])
+{
+  int suffix = std::string(mksTemplate).size() - 
std::string(mksTemplate).find("XXXXXX") - 6;
+  int fd = mkstemps (mksTemplate, suffix);
+  boost::iostreams::file_descriptor_sink fdsink(fd, 
boost::iostreams::close_handle);
+  return fdsink;
+}
+
 //
 // general initialization and shutdown
 //
@@ -965,22 +978,23 @@ create_standalone_launcher(const std::string& page_url, 
const std::string& swf_u
         return;
     }
 
-    std::ofstream saLauncher;
-
-    std::stringstream ss;
-    static int debugno = 0;
-    debugno = (debugno + 1) % 10;
-    ss << "/tmp/gnash-debug-" << debugno << ".sh";
-    saLauncher.open(ss.str().c_str(), std::ios::out | std::ios::trunc);
+    char debugname[] = "/tmp/gnash-debug-XXXXXX.sh";
+    boost::iostreams::file_descriptor_sink fdsink = getfdsink(debugname);
+    if (fdsink.handle() == -1) {
+        gnash::log_error("Failed to create sink: %s", debugname);
+        return;
+    }
+    boost::iostreams::stream<boost::iostreams::file_descriptor_sink>
+        saLauncher (fdsink);
 
     if (!saLauncher) {
-        gnash::log_error("Failed to open new file for standalone launcher: " + 
ss.str());
+        gnash::log_error("Failed to open new file for standalone launcher: 
%s", debugname);
         return;
     }
 
     saLauncher << "#!/bin/sh" << std::endl
                << "export GNASH_COOKIES_IN="
-               << "/tmp/gnash-cookies." << getpid() << std::endl
+               << std::getenv("GNASH_COOKIES_IN") << std::endl
                << getGnashExecutable() << " ";
 
     if (!page_url.empty()) {
@@ -1003,6 +1017,7 @@ create_standalone_launcher(const std::string& page_url, 
const std::string& swf_u
                << std::endl;
 
     saLauncher.close();
+    fdsink.close();
 #endif
 }
 
@@ -1102,12 +1117,14 @@ nsPluginInstance::setupCookies(const std::string& 
pageurl)
     }
 
     gnash::log_debug("The Cookie for %s is %s", url, ncookie);
-    std::ofstream cookiefile;
-    std::stringstream ss;
-    ss << "/tmp/gnash-cookies." << getpid();
-
-    cookiefile.open(ss.str().c_str(), std::ios::out | std::ios::trunc);
-    chmod (ss.str().c_str(), 0600);
+    char cookiename[] = "/tmp/gnash-cookies.XXXXXX";
+    boost::iostreams::file_descriptor_sink fdsink = getfdsink(cookiename);
+    if (fdsink.handle() == -1) {
+        gnash::log_error("Failed to create sink: %s", cookiename);
+        return;
+    }
+    boost::iostreams::stream<boost::iostreams::file_descriptor_sink>
+        cookiefile (fdsink);
 
     // Firefox provides cookies in the following format:
     //
@@ -1127,8 +1144,9 @@ nsPluginInstance::setupCookies(const std::string& pageurl)
     }
  
     cookiefile.close();
+    fdsink.close();
   
-    if (setenv("GNASH_COOKIES_IN", ss.str().c_str(), 1) < 0) {
+    if (setenv("GNASH_COOKIES_IN", cookiename, 1) < 0) {
         gnash::log_error(
             "Couldn't set environment variable GNASH_COOKIES_IN to %s",
             ncookie);

-----------------------------------------------------------------------

Summary of changes:
 macros/boost.m4          |    4 +-
 plugin/npapi/Makefile.am |    1 +
 plugin/npapi/plugin.cpp  |   50 +++++++++++++++++++++++++++++++--------------
 3 files changed, 37 insertions(+), 18 deletions(-)


hooks/post-receive
-- 
Gnash

[Prev in Thread]

Current Thread

[Next in Thread]

[Gnash-commit] [SCM] Gnash branch, master, updated. release_0_8_9_final-1277-g8fc19a8, Gabriele Giacone <=

Prev by Date: [Gnash-commit] [bug #34996] [REGRESSION] SWF8 video player doesn't start
Next by Date: [Gnash-commit] buildbot failure in Gnash on lenny-linux-x86
Previous by thread: [Gnash-commit] [bug #34996] SWF8 video player doesn't start
Next by thread: [Gnash-commit] buildbot failure in Gnash on maverick-linux-i386
Index(es):
- Date
- Thread