rpms/clamav/devel clamav-0.91.2-open.patch, NONE, 1.1 clamav.spec, 1.57, 1.58

[Enrico Scholz (ensc)]

Author: ensc

Update of /cvs/extras/rpms/clamav/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv17062

Modified Files:
	clamav.spec 
Added Files:
	clamav-0.91.2-open.patch 
Log Message:
fixed an open(2) issue

clamav-0.91.2-open.patch:

--- NEW FILE clamav-0.91.2-open.patch ---
--- clamav-0.91.2/clamd/dazukoio_compat12.c.open	2007-03-06 14:38:06.000000000 +0100
+++ clamav-0.91.2/clamd/dazukoio_compat12.c	2007-08-25 12:36:30.000000000 +0200
@@ -89,7 +89,7 @@ int dazukoRegister_TS_compat12(struct da
 	if (dazuko->device < 0)
 	{
 
-		dazuko->device = open("/dev/dazuko", 0);
+		dazuko->device = open("/dev/dazuko", O_RDONLY);
 		if (dazuko->device < 0)
 			return -1;
 
--- clamav-0.91.2/shared/misc.c.open	2007-03-31 21:27:31.000000000 +0200
+++ clamav-0.91.2/shared/misc.c	2007-08-25 12:36:30.000000000 +0200
@@ -165,7 +165,7 @@ int filecopy(const char *src, const char
     if((s = open(src, O_RDONLY|O_BINARY)) == -1)
 	return -1;
 
-    if((d = open(dest, O_CREAT|O_WRONLY|O_TRUNC|O_BINARY)) == -1) {
+    if((d = open(dest, O_CREAT|O_WRONLY|O_TRUNC|O_BINARY, 0600)) == -1) {
 	close(s);
 	return -1;
     }


Index: clamav.spec
===================================================================
RCS file: /cvs/extras/rpms/clamav/devel/clamav.spec,v
retrieving revision 1.57
retrieving revision 1.58
diff -u -r1.57 -r1.58
--- clamav.spec	25 Aug 2007 10:12:31 -0000	1.57
+++ clamav.spec	25 Aug 2007 10:40:56 -0000	1.58
@@ -35,6 +35,7 @@
 Patch21:	clamav-0.70-path.patch
 Patch22:	clamav-0.80-initoff.patch
 Patch24:	clamav-0.90rc3-private.patch
+Patch25:	clamav-0.91.2-open.patch
 BuildRoot:	%_tmppath/%name-%version-%release-root
 Requires:	clamav-lib = %version-%release
 Requires:	data(clamav)
@@ -226,6 +227,7 @@
 %patch21 -p1 -b .path
 %patch22 -p1 -b .initoff
 %patch24 -p1 -b .private
+%patch25 -p1 -b .open
 
 perl -pi -e 's!^(#?LogFile ).*!\1/var/log/clamd.<SERVICE>!g;
 	     s!^#?(LocalSocket ).*!\1/var/run/clamd.<SERVICE>/clamd.sock!g;
@@ -511,6 +513,7 @@
 - DOS in html normalizer
 - arbitrary command execution by special crafted recipients in
   clamav-milter's black-hole mode
+- fixed an open(2) issue
 
 * Tue Jul 17 2007 Enrico Scholz <enrico.scholz at informatik.tu-chemnitz.de> - 0.91.1-0
 - updated to 0.91.1