clang-analyzer: fix insecure temporary file handling (CVE-2014-2893)
Resolves: #1088105 #1088107
parent
230d47c2ff
commit
b82608fb13
2 changed files with 34 additions and 1 deletions
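--- a/0004-clang-analyzer-cve-2014-2893.patch
+++ b/0004-clang-analyzer-cve-2014-2893.patch
@@ -0,0 +1,28 @@
+CVE-2014-2893, insecure temporary file handling in clang's scan-build utility
+
+Resolves: #1088107 #1088105
+
+---
+tools/clang/tools/scan-build/scan-build | 6 ++++++
+1 file changed, 6 insertions(+)
+
+diff --git a/tools/clang/tools/scan-build/scan-build b/tools/clang/tools/scan-build/scan-build
+index 0f119f6..76135d8 100755
+--- a/tools/clang/tools/scan-build/scan-build
++++ b/tools/clang/tools/scan-build/scan-build
+@@ -204,6 +204,12 @@ sub GetHTMLRunDir {
+else {
+$NewDir = "$Dir/$DateString-$RunNumber";
+}
++
++ # Make sure that the directory does not exist in order to avoid hijack.
++ if (-e $NewDir) {
++ DieDiag("The directory '$NewDir' already exists.\n");
++ }
++
+system 'mkdir','-p',$NewDir;
+return $NewDir;
+}
+--
+2.1.0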
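Review bot: In the GetHTMLRunDir hunk carried by this patch, the new `-e $NewDir` test and the following `system 'mkdir','-p',$NewDir;` are two separate steps, so the check narrows the window but does not close it: `mkdir -p` reports success when the path already exists, so a directory that appears between the test and the mkdir is still accepted. Creating the last path component atomically and failing if it exists would remove the race, e.g. keep `mkdir -p` for the parent only and then `mkdir($NewDir, 0700) or DieDiag("Unable to create '$NewDir': $!\n");`, or let `File::Temp::tempdir` pick and create the name. The return value of `system` is also unchecked, so a failed mkdir still returns `$NewDir` to the caller. GetHTMLRunDir begins above the hunk, so how `$Dir` is chosen is not visible here.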
|
@ -29,7 +29,7 @@
|
|||
|
||||
Name: llvm
|
||||
Version: 3.3
|
||||
Release: 4%{?dist}
|
||||
Release: 5%{?dist}
|
||||
Summary: The Low Level Virtual Machine
|
||||
|
||||
Group: Development/Languages
|
||||
|
@ -50,6 +50,7 @@ Source11: llvm-Config-llvm-config.h
|
|||
Patch1: 0001-data-install-preserve-timestamps.patch
|
||||
Patch2: 0002-linker-flags-speedup-memory.patch
|
||||
Patch3: 0003-fix-clear-cache-declaration.patch
|
||||
Patch4: 0004-clang-analyzer-cve-2014-2893.patch
|
||||
|
||||
BuildRequires: bison
|
||||
BuildRequires: chrpath
|
||||
|
@ -268,6 +269,7 @@ mv lldb-%{version}.src tools/lldb
|
|||
%patch1 -p1
|
||||
%patch2 -p1
|
||||
%patch3 -p1
|
||||
%patch4 -p1
|
||||
|
||||
# fix library paths
|
||||
sed -i 's|/lib /usr/lib $lt_ld_extra|%{_libdir} $lt_ld_extra|' ./configure
|
||||
|
@ -627,6 +629,9 @@ exit 0
|
|||
%endif
|
||||
|
||||
%changelog
|
||||
* Fri Dec 26 2014 Jan Vcelak <jvcelak@fedoraproject.org> 3.3-5
|
||||
- clang-analyzer: fix insecure temporary file handling (CVE-2014-2893)
|
||||
|
||||
* Fri Dec 20 2013 Jan Vcelak <jvcelak@fedoraproject.org> 3.3-4
|
||||
- remove RPATHs
|
||||
- run ldconfig when installing lldb (#1044431)
|
||||
|
|