~lastrosade/jsthttpd

d2e186dbd58d274a0dea9b59357edc8498b5388d — Anthony G. Basile 8 years ago 5088502
src/thttpd.c: Fix world readable log, CVE-2013-0348.

Make sure that the logfile is created or reopened as read/write
by thttpd user only.

X-gentoo-Bug: 458896
X-gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=458896
Reported-by:  Agostino Sarubbo <ago@gentoo.org>
Signed-off-by: Anthony G. Basile <basile@opensource.dyc.edu>
1 files changed, 6 insertions(+), 2 deletions(-)

M src/thttpd.c
M src/thttpd.c => src/thttpd.c +6 -2
@@ 326,6 326,7 @@ static void
re_open_logfile( void )
    {
    FILE* logfp;
    int retchmod;

    if ( no_log || hs == (httpd_server*) 0 )
	return;


@@ 335,7 336,8 @@ re_open_logfile( void )
	{
	syslog( LOG_NOTICE, "re-opening logfile" );
	logfp = fopen( logfile, "a" );
	if ( logfp == (FILE*) 0 )
	retchmod = chmod( logfile, S_IRUSR|S_IWUSR );
	if ( logfp == (FILE*) 0 || retchmod != 0 )
	    {
	    syslog( LOG_CRIT, "re-opening %.80s - %m", logfile );
	    return;


@@ 355,6 357,7 @@ main( int argc, char** argv )
    gid_t gid = 32767;
    char cwd[MAXPATHLEN+1];
    FILE* logfp;
    int retchmod;
    int num_ready;
    int cnum;
    connecttab* c;


@@ 424,7 427,8 @@ main( int argc, char** argv )
	else
	    {
	    logfp = fopen( logfile, "a" );
	    if ( logfp == (FILE*) 0 )
	    retchmod = chmod( logfile, S_IRUSR|S_IWUSR );
	    if ( logfp == (FILE*) 0 || retchmod != 0 )
		{
		syslog( LOG_CRIT, "%.80s - %m", logfile );
		perror( logfile );