[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-commits
Subject: KDE/kdebase/workspace/kdm/backend
From: Oswald Buddenhagen <ossi () kde ! org>
Date: 2010-02-28 20:37:07
Message-ID: 1267389427.735981.31243.nullmailer () svn ! kde ! org
[Download RAW message or body]
SVN commit 1097263 by ossi:
even more random temp file names
this makes temp file names yet more resilient against local DoS - not
that it would be a particularly useful attack vector ...
M +21 -29 auth.c
M +1 -0 dm.h
M +15 -0 util.c
--- trunk/KDE/kdebase/workspace/kdm/backend/auth.c #1097262:1097263
@@ -319,15 +319,29 @@
}
+static FILE *
+mkTempFile( char *nambuf, int namelen )
+{
+ FILE *f;
+ int r;
+
+ for (r = 0; r < 100; r++) {
+ randomStr( nambuf + namelen );
+ if ((f = fdOpenW( open( nambuf, O_WRONLY | O_CREAT | O_EXCL, 0600 ) )))
+ return f;
+ if (errno != EEXIST)
+ break;
+ }
+ return 0;
+}
+
#define NAMELEN 255
static FILE *
makeServerAuthFile( struct display *d )
{
FILE *f;
-#ifndef HAVE_MKSTEMP
- int r;
-#endif
+ int i;
char cleanname[NAMELEN], nambuf[NAMELEN+128];
/*
@@ -339,22 +353,11 @@
if (mkdir( authDir, 0755 ) < 0 && errno != EEXIST)
return 0;
cleanUpFileName( d->name, cleanname, NAMELEN - 8 );
-#ifdef HAVE_MKSTEMP
- sprintf( nambuf, "%s/A%s-XXXXXX", authDir, cleanname );
- if ((f = fdOpenW( mkstemp( nambuf ) ))) {
+ i = sprintf( nambuf, "%s/A%s-", authDir, cleanname );
+ if ((f = mkTempFile( nambuf, i ))) {
strDup( &d->authFile, nambuf );
return f;
}
-#else
- for (r = 0; r < 100; r++) {
- sprintf( nambuf, "%s/A%s-XXXXXX", authDir, cleanname );
- (void)mktemp( nambuf );
- if ((f = fdOpenW( open( nambuf, O_WRONLY | O_CREAT | O_EXCL, 0600 ) ))) {
- strDup( &d->authFile, nambuf );
- return f;
- }
- }
-#endif
return 0;
}
@@ -1203,19 +1206,8 @@
* temporary - we can assume that we are the only ones
* knowing about this file anyway.
*/
-#ifdef HAVE_MKSTEMP
- sprintf( name_buf, "%s/.XauthXXXXXX", d->userAuthDir );
- new = fdOpenW( mkstemp( name_buf ) );
-#else
- for (i = 0; i < 100; i++) {
- sprintf( name_buf, "%s/.XauthXXXXXX", d->userAuthDir );
- (void)mktemp( name_buf );
- if ((new =
- fdOpenW( open( name_buf, O_WRONLY | O_CREAT | O_EXCL,
- 0600 ) )))
- break;
- }
-#endif
+ i = sprintf( name_buf, "%s/.Xauth", d->userAuthDir );
+ new = mkTempFile( name_buf, i );
if (!new) {
logError( "Cannot create authorization file in %s: %m\n",
d->userAuthDir );
--- trunk/KDE/kdebase/workspace/kdm/backend/dm.h #1097262:1097263
@@ -560,6 +560,7 @@
int writer( int fd, const void *buf, int len );
int fGets( char *buf, int max, FILE *f );
time_t mTime( const char *fn );
+void randomStr( char *s );
int hexToBinary( char *out, const char *in );
void listSessions( int flags, struct display *d, void *ctx,
void (*emitXSess)( struct display *, struct display *, void * ),
--- trunk/KDE/kdebase/workspace/kdm/backend/util.c #1097262:1097263
@@ -35,6 +35,7 @@
*/
#include "dm.h"
+#include "dm_auth.h"
#include "dm_error.h"
#include <string.h>
@@ -570,6 +571,20 @@
return st.st_mtime;
}
+void
+randomStr( char *s )
+{
+ static const char letters[] =
+ "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
+ unsigned i, rn = secureRandom();
+
+ for (i = 0; i < 6; i++) {
+ *s++ = letters[rn % 62];
+ rn /= 62;
+ }
+ *s = 0;
+}
+
static int
strNChrCnt( const char *s, int slen, char c )
{
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic