Mercurialcrosstool-ng / file revision
summary | shortlog | changelog | graph | tags | branches | files | changeset | file | latest | revisions | annotate | diff | raw | help
patches/gdb/6.8/110-security-errata-20050610.patch
author "Yann E. MORIN" <yann.morin.1998@anciens.enib.fr>
Tue Aug 02 18:28:10 2011 +0200 (2011-08-02)
changeset 2590 b64cfb67944e
parent 746 b150d6f590fc
permissions -rw-r--r--
scripts/functions: svn retrieval first tries the mirror for tarballs

The svn download helper looks for the local tarballs dir to see if it
can find a pre-downloaded tarball, and if it does not find it, does
the actual fetch to upstream via svn.

In the process, it does not even try to get a tarball from the local
mirror, which can be useful if the mirror has been pre-populated
manually (or with a previously downloaded tree).

Fake a tarball get with the standard tarball-download helper, but
without specifying any upstream URL, which makes the helper directly
try the LAN mirror.

Of course, if no mirror is specified, no URL wil be available, and
the standard svn retrieval will kick in.

Reported-by: ANDY KENNEDY <ANDY.KENNEDY@adtran.com>
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@anciens.enib.fr> 
     1 Original patch from gentoo: gentoo/src/patchsets/gdb/6.8/35_all_gdb-6.3-security-errata-20050610.patch

     2 -= BEGIN original header =-

     3 2005-06-09  Jeff Johnston  <jjohnstn@redhat.com>

     4 

     5         * gdb.base/gdbinit.exp: New testcase.

     6         * gdb.base/gdbinit.sample: Sample .gdbinit for gdbinit.exp.

     7 

     8 2005-06-08  Daniel Jacobowitz  <dan@codesourcery.com>

     9             Jeff Johnston  <jjohnstn@redhat.com>

    10 

    11         * Makefile.in (cli-cmds.o): Update.

    12         * configure.in: Add check for getuid.

    13         * configure: Regenerated.

    14         * config.in: Ditto.

    15         * main.c (captured_main): Pass -1 to source_command when loading

    16         gdbinit files.

    17         * cli/cli-cmds.c: Include "gdb_stat.h" and <fcntl.h>.

    18         (source_command): Update documentation.  Check permissions if

    19         FROM_TTY is -1.

    20 

    21 -= END original header =-

    22 diff -durN gdb-6.8.orig/gdb/Makefile.in gdb-6.8/gdb/Makefile.in

    23 --- gdb-6.8.orig/gdb/Makefile.in	2008-03-17 13:15:08.000000000 +0100

    24 +++ gdb-6.8/gdb/Makefile.in	2008-06-17 16:07:33.000000000 +0200

    25 @@ -3004,7 +3004,7 @@

    26  	$(expression_h) $(frame_h) $(value_h) $(language_h) $(filenames_h) \

    27  	$(objfiles_h) $(source_h) $(disasm_h) $(ui_out_h) $(top_h) \

    28  	$(cli_decode_h) $(cli_script_h) $(cli_setshow_h) $(cli_cmds_h) \

    29 -	$(tui_h)

    30 +	$(tui_h) $(gdb_stat_h)

    31  	$(CC) -c $(INTERNAL_CFLAGS) $(srcdir)/cli/cli-cmds.c

    32  cli-decode.o: $(srcdir)/cli/cli-decode.c $(defs_h) $(symtab_h) \

    33  	$(gdb_regex_h) $(gdb_string_h) $(completer_h) $(ui_out_h) \

    34 diff -durN gdb-6.8.orig/gdb/cli/cli-cmds.c gdb-6.8/gdb/cli/cli-cmds.c

    35 --- gdb-6.8.orig/gdb/cli/cli-cmds.c	2008-01-01 23:53:14.000000000 +0100

    36 +++ gdb-6.8/gdb/cli/cli-cmds.c	2008-06-17 16:07:33.000000000 +0200

    37 @@ -36,6 +36,7 @@

    38  #include "objfiles.h"

    39  #include "source.h"

    40  #include "disasm.h"

    41 +#include "gdb_stat.h"

    42  

    43  #include "ui-out.h"

    44  

    45 @@ -459,12 +460,31 @@

    46  

    47    if (fd == -1)

    48      {

    49 -      if (from_tty)

    50 +      if (from_tty > 0)

    51  	perror_with_name (file);

    52        else

    53  	return;

    54      }

    55  

    56 +#ifdef HAVE_GETUID

    57 +  if (from_tty == -1)

    58 +    {

    59 +      struct stat statbuf;

    60 +      if (fstat (fd, &statbuf) < 0)

    61 +	{

    62 +	  perror_with_name (file);

    63 +	  close (fd);

    64 +	  return;

    65 +	}

    66 +      if (statbuf.st_uid != getuid () || (statbuf.st_mode & S_IWOTH))

    67 +	{

    68 +          warning (_("not using untrusted file \"%s\""), file);

    69 +	  close (fd);

    70 +	  return;

    71 +	}

    72 +    }

    73 +#endif

    74 +

    75    stream = fdopen (fd, FOPEN_RT);

    76    script_from_file (stream, file);

    77  

    78 diff -durN gdb-6.8.orig/gdb/main.c gdb-6.8/gdb/main.c

    79 --- gdb-6.8.orig/gdb/main.c	2008-01-05 17:49:53.000000000 +0100

    80 +++ gdb-6.8/gdb/main.c	2008-06-17 16:07:33.000000000 +0200

    81 @@ -690,7 +690,7 @@

    82  

    83        if (!inhibit_gdbinit)

    84  	{

    85 -	  catch_command_errors (source_script, homeinit, 0, RETURN_MASK_ALL);

    86 +	  catch_command_errors (source_script, homeinit, -1, RETURN_MASK_ALL);

    87  	}

    88  

    89        /* Do stats; no need to do them elsewhere since we'll only

    90 @@ -778,7 +778,7 @@

    91        || memcmp ((char *) &homebuf, (char *) &cwdbuf, sizeof (struct stat)))

    92      if (!inhibit_gdbinit)

    93        {

    94 -	catch_command_errors (source_script, gdbinit, 0, RETURN_MASK_ALL);

    95 +	catch_command_errors (source_script, gdbinit, -1, RETURN_MASK_ALL);

    96        }

    97  

    98    for (i = 0; i < ncmd; i++)

    99 diff -durN gdb-6.8.orig/gdb/testsuite/gdb.base/gdbinit.exp gdb-6.8/gdb/testsuite/gdb.base/gdbinit.exp

   100 --- gdb-6.8.orig/gdb/testsuite/gdb.base/gdbinit.exp	1970-01-01 01:00:00.000000000 +0100

   101 +++ gdb-6.8/gdb/testsuite/gdb.base/gdbinit.exp	2008-06-17 16:07:33.000000000 +0200

   102 @@ -0,0 +1,98 @@

   103 +#   Copyright 2005

   104 +#   Free Software Foundation, Inc.

   105 +

   106 +# This program is free software; you can redistribute it and/or modify

   107 +# it under the terms of the GNU General Public License as published by

   108 +# the Free Software Foundation; either version 2 of the License, or

   109 +# (at your option) any later version.

   110 +# 

   111 +# This program is distributed in the hope that it will be useful,

   112 +# but WITHOUT ANY WARRANTY; without even the implied warranty of

   113 +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

   114 +# GNU General Public License for more details.

   115 +# 

   116 +# You should have received a copy of the GNU General Public License

   117 +# along with this program; if not, write to the Free Software

   118 +# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.  

   119 +

   120 +# Please email any bugs, comments, and/or additions to this file to:

   121 +# bug-gdb@prep.ai.mit.edu

   122 +

   123 +# This file was written by Jeff Johnston <jjohnstn@redhat.com>.

   124 +

   125 +if $tracelevel then {

   126 +    strace $tracelevel

   127 +}

   128 +

   129 +set prms_id 0

   130 +set bug_id 0

   131 +

   132 +# are we on a target board

   133 +if [is_remote target] {

   134 +    return

   135 +}

   136 +

   137 +

   138 +global verbose

   139 +global GDB

   140 +global GDBFLAGS

   141 +global gdb_prompt

   142 +global timeout

   143 +global gdb_spawn_id;

   144 +                                                                                

   145 +gdb_stop_suppressing_tests;

   146 +                                                                                

   147 +verbose "Spawning $GDB -nw"

   148 +                                                                                

   149 +if [info exists gdb_spawn_id] {

   150 +    return 0;

   151 +}

   152 +                                                                                

   153 +if ![is_remote host] {

   154 +   if { [which $GDB] == 0 } then {

   155 +        perror "$GDB does not exist."

   156 +        exit 1

   157 +    }

   158 +}

   159 +

   160 +set env(HOME) [pwd]

   161 +remote_exec build "rm .gdbinit"

   162 +remote_exec build "cp ${srcdir}/${subdir}/gdbinit.sample .gdbinit"

   163 +remote_exec build "chmod 646 .gdbinit"

   164 +

   165 +set res [remote_spawn host "$GDB -nw [host_info gdb_opts]"];

   166 +if { $res < 0 || $res == "" } {

   167 +    perror "Spawning $GDB failed."

   168 +    return 1;

   169 +}

   170 +gdb_expect 360 {

   171 +    -re "warning: not using untrusted file.*\.gdbinit.*\[\r\n\]$gdb_prompt $" {

   172 +        pass "untrusted .gdbinit caught."

   173 +    }

   174 +    -re "$gdb_prompt $"     {

   175 +        fail "untrusted .gdbinit caught."

   176 +    }

   177 +    timeout {

   178 +        fail "(timeout) untrusted .gdbinit caught."

   179 +    }

   180 +}

   181 +

   182 +remote_exec build "chmod 644 .gdbinit"

   183 +set res [remote_spawn host "$GDB -nw [host_info gdb_opts]"];

   184 +if { $res < 0 || $res == "" } {

   185 +    perror "Spawning $GDB failed."

   186 +    return 1;

   187 +}

   188 +gdb_expect 360 {

   189 +    -re "warning: not using untrusted file.*\.gdbinit.*\[\r\n\]$gdb_prompt $" {

   190 +        fail "trusted .gdbinit allowed."

   191 +    }

   192 +    -re "in gdbinit.*$gdb_prompt $"     {

   193 +        pass "trusted .gdbinit allowed."

   194 +    }

   195 +    timeout {

   196 +        fail "(timeout) trusted .gdbinit allowed."

   197 +    }

   198 +}

   199 +

   200 +remote_exec build "rm .gdbinit"

   201 diff -durN gdb-6.8.orig/gdb/testsuite/gdb.base/gdbinit.sample gdb-6.8/gdb/testsuite/gdb.base/gdbinit.sample

   202 --- gdb-6.8.orig/gdb/testsuite/gdb.base/gdbinit.sample	1970-01-01 01:00:00.000000000 +0100

   203 +++ gdb-6.8/gdb/testsuite/gdb.base/gdbinit.sample	2008-06-17 16:07:33.000000000 +0200

   204 @@ -0,0 +1 @@

   205 +echo "\nin gdbinit"
crosstool-ng