clang-analyzer: fix insecure temporary file handling (CVE-2014-2893)
Resolves: #1088105 #1088107
parent
230d47c2ff
commit
b82608fb13
2 changed files with 34 additions and 1 deletions
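--- /dev/null
+++ b/0004-clang-analyzer-cve-2014-2893.patch
@@ -0,0 +1,28 @@
+CVE-2014-2893, insecure temporary file handling in clang's scan-build utility
+
+Resolves: #1088107 #1088105
+
+---
+tools/clang/tools/scan-build/scan-build | 6 ++++++
+1 file changed, 6 insertions(+)
+
+diff --git a/tools/clang/tools/scan-build/scan-build b/tools/clang/tools/scan-build/scan-build
+index 0f119f6..76135d8 100755
+--- a/tools/clang/tools/scan-build/scan-build
++++ b/tools/clang/tools/scan-build/scan-build
+@@ -204,6 +204,12 @@ sub GetHTMLRunDir {
+else {
+$NewDir = "$Dir/$DateString-$RunNumber";
+}
++
++ # Make sure that the directory does not exist in order to avoid hijack.
++ if (-e $NewDir) {
++ DieDiag("The directory '$NewDir' already exists.\n");
++ }
++
+system 'mkdir','-p',$NewDir;
+return $NewDir;
+}
+--
+2.1.0
+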
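Review bot: The added `-e $NewDir` test and the `system 'mkdir','-p',$NewDir;` that follows it remain two separate steps, so the check does not fully close the window it guards: `mkdir -p` succeeds without complaint when the path already exists, and a directory that appears between the test and the call is accepted and returned. The exit status of `system` is also ignored, so a failed creation goes unnoticed. Making the existence check and the creation a single operation would be more robust, e.g. `system 'mkdir','-p',$Dir;` followed by `mkdir($NewDir, 0700) or DieDiag("Unable to create '$NewDir': $!\n");`, since Perl's built-in `mkdir` fails when the path is already present. GetHTMLRunDir starts above this hunk, so this assumes both branches build `$NewDir` directly under `$Dir`; how `$Dir` is chosen and whether it is writable by other users is not visible here.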
@ -29,7 +29,7 @@
|
||||||
|
|
||||||
Name: llvm
|
Name: llvm
|
||||||
Version: 3.3
|
Version: 3.3
|
||||||
Release: 4%{?dist}
|
Release: 5%{?dist}
|
||||||
Summary: The Low Level Virtual Machine
|
Summary: The Low Level Virtual Machine
|
||||||
|
|
||||||
Group: Development/Languages
|
Group: Development/Languages
|
||||||
|
@ -50,6 +50,7 @@ Source11: llvm-Config-llvm-config.h
|
||||||
Patch1: 0001-data-install-preserve-timestamps.patch
|
Patch1: 0001-data-install-preserve-timestamps.patch
|
||||||
Patch2: 0002-linker-flags-speedup-memory.patch
|
Patch2: 0002-linker-flags-speedup-memory.patch
|
||||||
Patch3: 0003-fix-clear-cache-declaration.patch
|
Patch3: 0003-fix-clear-cache-declaration.patch
|
||||||
|
Patch4: 0004-clang-analyzer-cve-2014-2893.patch
|
||||||
|
|
||||||
BuildRequires: bison
|
BuildRequires: bison
|
||||||
BuildRequires: chrpath
|
BuildRequires: chrpath
|
||||||
|
@ -268,6 +269,7 @@ mv lldb-%{version}.src tools/lldb
|
||||||
%patch1 -p1
|
%patch1 -p1
|
||||||
%patch2 -p1
|
%patch2 -p1
|
||||||
%patch3 -p1
|
%patch3 -p1
|
||||||
|
%patch4 -p1
|
||||||
|
|
||||||
# fix library paths
|
# fix library paths
|
||||||
sed -i 's|/lib /usr/lib $lt_ld_extra|%{_libdir} $lt_ld_extra|' ./configure
|
sed -i 's|/lib /usr/lib $lt_ld_extra|%{_libdir} $lt_ld_extra|' ./configure
|
||||||
|
@ -627,6 +629,9 @@ exit 0
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Fri Dec 26 2014 Jan Vcelak <jvcelak@fedoraproject.org> 3.3-5
|
||||||
|
- clang-analyzer: fix insecure temporary file handling (CVE-2014-2893)
|
||||||
|
|
||||||
* Fri Dec 20 2013 Jan Vcelak <jvcelak@fedoraproject.org> 3.3-4
|
* Fri Dec 20 2013 Jan Vcelak <jvcelak@fedoraproject.org> 3.3-4
|
||||||
- remove RPATHs
|
- remove RPATHs
|
||||||
- run ldconfig when installing lldb (#1044431)
|
- run ldconfig when installing lldb (#1044431)
|
||||||
|
|