
Commit 635c9ea

committed
close security hole opening semaphore file in /tmp
1 parent b9282c7 commit 635c9ea


2 files changed

+17
-5
lines changed


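--- a/Changes
+++ b/Changes
@@ -2,6 +2,11 @@ Revision history for Capture-Tiny
 
 {{$NEXT}}
 
+Fixed:
+
+- Closed security hole in use of semaphore flag in /tmp;
+now opens semaphore the using O_CREAT|O_EXCL
+
 0.23 2013-10-20 11:25:34 America/New_York
 
 Fixed: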

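--- a/lib/Capture/Tiny.pm
+++ b/lib/Capture/Tiny.pm
@@ -63,11 +63,18 @@ our $TIMEOUT = 30;
 # This is annoying, but seems to be the best that can be done
 # as a simple, portable IPC technique
 #--------------------------------------------------------------------------#
-my @cmd = ($^X, '-C0', '-e', '$SIG{HUP}=sub{exit}; '
-. 'if( my $fn=shift ){ open my $fh, qq{>$fn}; print {$fh} $$; close $fh;} '
-. 'my $buf; while (sysread(STDIN, $buf, 2048)) { '
-. 'syswrite(STDOUT, $buf); syswrite(STDERR, $buf)}'
-);
+my @cmd = ($^X, '-C0', '-e', <<'HERE');
+use Fcntl;
+$SIG{HUP}=sub{exit};
+if ( my $fn=shift ) {
+sysopen(my $fh, qq{$fn}, O_WRONLY|O_CREAT|O_EXCL) or die $!;
+print {$fh} $$;
+close $fh;
+}
+my $buf; while (sysread(STDIN, $buf, 2048)) {
+syswrite(STDOUT, $buf); syswrite(STDERR, $buf);
+}
+HERE
 
 #--------------------------------------------------------------------------#
 # filehandle manipulation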
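Review bot: The new `sysopen` call in the heredoc passes no permission argument, so the flag file in /tmp is created with the default 0666 masked by the process umask; since it only carries the helper's PID, an explicit owner-only mode is the safer choice: `sysopen(my $fh, $fn, O_WRONLY|O_CREAT|O_EXCL, 0600) or die "Can't create flag file $fn: $!";`. The results of `print {$fh} $$` and `close $fh` are still unchecked, so a failed write leaves an empty flag file that looks the same as a good one to anything that only tests for its existence; `print {$fh} $$ or die $!; close $fh or die $!;` would surface that. O_EXCL makes the helper die when the path already exists, but the code that picks the file name and waits for the flag is outside this hunk, so it is worth confirming that the parent notices a dead helper rather than accepting a pre-existing file.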
