rpms/hal/devel hal-fix-mount-options.patch, NONE, 1.1 hal.spec, 1.73, 1.74

fedora-cvs-commits at redhat.com fedora-cvs-commits at redhat.com
Tue Jan 10 00:32:55 UTC 2006


Author: johnp

Update of /cvs/dist/rpms/hal/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv17719

Modified Files:
	hal.spec 
Added Files:
	hal-fix-mount-options.patch 
Log Message:
- Add patch to escape mount options


hal-fix-mount-options.patch:
 hal-system-storage-mount |    8 ++++----
 1 files changed, 4 insertions(+), 4 deletions(-)

--- NEW FILE hal-fix-mount-options.patch ---
Index: tools/hal-system-storage-mount
===================================================================
RCS file: /cvs/hal/hal/tools/hal-system-storage-mount,v
retrieving revision 1.9
diff -u -r1.9 hal-system-storage-mount
--- tools/hal-system-storage-mount	8 Jan 2006 22:27:03 -0000	1.9
+++ tools/hal-system-storage-mount	10 Jan 2006 00:12:50 -0000
@@ -106,10 +106,10 @@
 			fi
 		    fi
 		    		    
-		    # make sure the part after the '=' don't contain any commas otherwise an attacker may
-		    # pass e.g. umask=0600,suid,dev and this will get merged into $MOUNTOPTIONS - just replace
-		    # ',' with '_'
-		    MODIFIED_OPTION=${OPTION//,/_}
+		    # Only allow ^a-zA-Z0-9_= in the string because otherwise an attacker may
+		    # pass e.g. umask=0600,suid,dev or umask=`/bin/evil` and this will get merged
+		    # into $MOUNTOPTIONS - Simply replace illegal characters with an underscore
+		    MODIFIED_OPTION=${OPTION//[^a-zA-Z0-9_=]/_}
 		    MOUNTOPTIONS="$MOUNTOPTIONS,$MODIFIED_OPTION"
 		    OPTION_WAS_OK="1"
 		fi
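Review bot: on the replacement line MODIFIED_OPTION=${OPTION//[^a-zA-Z0-9_=]/_}, an option containing disallowed characters is silently rewritten and then still appended to $MOUNTOPTIONS with OPTION_WAS_OK="1", so the mount proceeds with a different option than the caller requested (a value containing a hyphen, dot or slash is altered just like one containing a backtick). Consider refusing the request when "$MODIFIED_OPTION" differs from "$OPTION" instead of mounting with the mangled value. The new comment also writes the allowed set as "^a-zA-Z0-9_=", which reads as the negated class; "Only allow a-zA-Z0-9_=" would match what the substitution does.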


Index: hal.spec
===================================================================
RCS file: /cvs/dist/rpms/hal/devel/hal.spec,v
retrieving revision 1.73
retrieving revision 1.74
diff -u -r1.73 -r1.74
--- hal.spec	9 Jan 2006 16:59:13 -0000	1.73
+++ hal.spec	10 Jan 2006 00:32:49 -0000	1.74
@@ -18,10 +18,11 @@
 Summary: Hardware Abstraction Layer
 Name: hal
 Version: 0.5.5.1.cvs20060109
-Release: 1 
+Release: 2 
 URL: http://www.freedesktop.org/Software/hal
 Source0: %{name}-%{version}.tar.gz
 Patch0: hal-0.5.4-match-on-capabilities.patch
+Patch1: hal-fix-mount-options.patch
 License: AFL/GPL
 Group: System Environment/Libraries
 BuildRoot: %{_tmppath}/%{name}-root
@@ -81,6 +82,7 @@
 %prep
 %setup -q
 %patch0 -p1 -b .match-on-capabilities
+%patch1 -p0 -b .mount-options
 %build
 
 %configure --disable-docbook-docs --with-os-type=redhat --enable-pcmcia-support --with-stab-file=/var/lib/pcmcia/stab
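Review bot: %patch1 is applied with -p0 while %patch0 on the line above uses -p1. That matches the unprefixed tools/hal-system-storage-mount path inside hal-fix-mount-options.patch, but mixed strip levels are easy to trip over when patches are rebased. Consider regenerating the patch with a leading directory so both apply with -p1, or add a spec comment noting why this one needs -p0.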
@@ -169,6 +171,9 @@
 %{_bindir}/hal-device-manager
 
 %changelog
+* Mon Jan 09 2006 John (J5) Palmieri <johnp at redhat.com> - 0.5.5.1.cvs20060109-2
+- Add patch to escape mount options
+
 * Mon Jan 09 2006 John (J5) Palmieri <johnp at redhat.com> - 0.5.5.1.cvs20060109-1
 - Update to a new CVS snapshot
 
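Review bot: the added %changelog entry says "Add patch to escape mount options", but the patch replaces disallowed characters with underscores rather than escaping them, and the entry does not indicate that this closes an attacker-controlled option path. Suggest wording that names the behaviour, for example "Restrict characters allowed in mount options to a-zA-Z0-9_= (security fix)", so the hardening is visible to anyone reading the package changelog.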