[pkgsrc/trunk]: pkgsrc/chat/silc-server Security fix:

[salo <salo%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/9198146e2f83
branches:  trunk
changeset: 499200:9198146e2f83
user:      salo <salo%pkgsrc.org@localhost>
date:      Tue Sep 13 22:02:24 2005 +0000

description:
Security fix:

- fix insecure file creation in /tmp, patch from silc cvs

the impact of this issue is very low.  it allows an attacker to overwrite
arbitrary files owned by the user running silcd ("silcd", in pkgsrc) IFF
the owner of the process or root send SIGUSR1 signal to the process to dump
stats.  the only file owned by the "silcd" user is typically the log file
which resides in a directory inaccessible by anyone except the user itself
and root so the potential attacker would need to guess its name.

 http://www.zataz.net/adviso/silc-server-toolkit-06152005.txt

please note that the advisory also incorrectly states that silc-toolkit is
vulnerable too.  the code in question is never compiled in the toolkit so
it's not affected.

Bump PKGREVISION.

diffstat:

 chat/silc-server/Makefile         |   3 ++-
 chat/silc-server/distinfo         |   3 ++-
 chat/silc-server/patches/patch-ac |  30 ++++++++++++++++++++++++++++++
 3 files changed, 34 insertions(+), 2 deletions(-)

diffs (60 lines):

diff -r 87e5f8292436 -r 9198146e2f83 chat/silc-server/Makefile
--- a/chat/silc-server/Makefile Tue Sep 13 21:31:24 2005 +0000
+++ b/chat/silc-server/Makefile Tue Sep 13 22:02:24 2005 +0000
@@ -1,7 +1,8 @@
-# $NetBSD: Makefile,v 1.41 2005/08/23 11:48:47 rillig Exp $
+# $NetBSD: Makefile,v 1.42 2005/09/13 22:02:24 salo Exp $
 #
 
 DISTNAME=              silc-server-1.0
+PKGREVISION=           1
 CATEGORIES=            chat security
 MASTER_SITES=          http://www.silcnet.org/download/server/sources/ \
                        ftp://ftp.silcnet.org/silc/server/sources/ \
diff -r 87e5f8292436 -r 9198146e2f83 chat/silc-server/distinfo
--- a/chat/silc-server/distinfo Tue Sep 13 21:31:24 2005 +0000
+++ b/chat/silc-server/distinfo Tue Sep 13 22:02:24 2005 +0000
@@ -1,7 +1,8 @@
-$NetBSD: distinfo,v 1.28 2005/06/19 01:22:17 salo Exp $
+$NetBSD: distinfo,v 1.29 2005/09/13 22:02:24 salo Exp $
 
 SHA1 (silc-server-1.0.tar.bz2) = bcf440c89b3266f47e64a8f175ffba117f071899
 RMD160 (silc-server-1.0.tar.bz2) = 0316e72d48ca8b4d092db8765807d97ab659b317
 Size (silc-server-1.0.tar.bz2) = 969309 bytes
 SHA1 (patch-aa) = 3b189047000593b36305f23301987982706355dc
 SHA1 (patch-ab) = 55b3f00076c5b8a443465753ae07b9e812236f18
+SHA1 (patch-ac) = f167cadd94656cac0ad5edba577b2035cfe9b216
diff -r 87e5f8292436 -r 9198146e2f83 chat/silc-server/patches/patch-ac
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/chat/silc-server/patches/patch-ac Tue Sep 13 22:02:24 2005 +0000
@@ -0,0 +1,30 @@
+$NetBSD: patch-ac,v 1.12 2005/09/13 22:02:24 salo Exp $
+
+--- apps/silcd/silcd.c.orig    2005-05-10 15:22:52.000000000 +0200
++++ apps/silcd/silcd.c 2005-09-13 21:06:01.000000000 +0200
+@@ -261,14 +261,22 @@
+ SILC_TASK_CALLBACK(dump_stats)
+ {
+   FILE *fdd;
++  int fild;
+   char filename[256];
+ 
+   memset(filename, 0, sizeof(filename));
+-  snprintf(filename, sizeof(filename) - 1, "/tmp/silcd.%d.stats", getpid());
+-  fdd = fopen(filename, "w+");
+-  if (!fdd)
++  snprintf(filename, sizeof(filename) - 1, "/tmp/silcd.%d.stats-XXXXXX", getpid());
++  fild = mkstemp(filename);
++  if (fild == -1)
+     return;
+ 
++  fdd = fdopen(fild, "w");
++  if (fdd == NULL) {
++    close(fild);
++    unlink(filename);
++    return;
++  }
++
+ #define STAT_OUTPUT(fmt, stat) fprintf(fdd, fmt "\n", (int)stat);
+ 
+   fprintf(fdd, "SILC Server %s Statistics\n\n", silcd->server_name);