From 8a1540e0b540e0c0cfc7fb5fe1964cd502171052 Mon Sep 17 00:00:00 2001
From: smitsohu <smitsohu@gmail.com>
Date: Tue, 14 Jun 2022 23:18:30 +0200
Subject: [PATCH 3/3] CVE-2022-31214: fixing the fix
---
src/firejail/fs_etc.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/src/firejail/fs_etc.c b/src/firejail/fs_etc.c
index 271e46855..37c2853fc 100644
--- a/src/firejail/fs_etc.c
+++ b/src/firejail/fs_etc.c
@@ -21,6 +21,7 @@
#include <sys/mount.h>
#include <sys/stat.h>
#include <sys/types.h>
+#include <errno.h>
#include <time.h>
#include <unistd.h>
@@ -126,7 +127,10 @@ static void duplicate(const char *fname, const char *private_dir, const char *pr
char *dirname;
if (asprintf(&dirname, "%s/%s", private_run_dir, fname) == -1)
errExit("asprintf");
- create_empty_dir_as_root(dirname, s.st_mode);
+ if (mkdir(dirname, 0700) != 0 && errno != EEXIST)
+ errExit("mkdir");
+ if (chmod(dirname, s.st_mode) != 0)
+ errExit("chmod");
sbox_run(SBOX_ROOT| SBOX_SECCOMP, 3, PATH_FCOPY, src, dirname);
free(dirname);
}
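Review bot: When `mkdir` fails with EEXIST, the added `chmod(dirname, s.st_mode)` is applied to whatever already sits at that path, and `chmod` follows symlinks, so nothing here confirms that `dirname` is a real directory before its mode is changed and the `SBOX_ROOT` copy writes into it. Whether anything unprivileged can pre-create entries under `private_run_dir` is not visible in this hunk, but a CVE fix should not depend on that. Opening the path with `O_DIRECTORY|O_NOFOLLOW` and calling `fchmod` on the descriptor, as sketched below, rejects a symlink or non-directory; it needs `<fcntl.h>`, which the visible include list does not show. A one-line comment on why EEXIST is tolerated would also help, and note that the body of `duplicate` starts above this hunk.

```c
if (mkdir(dirname, 0700) != 0 && errno != EEXIST)
	errExit("mkdir");
// pin the directory itself: a symlink or non-directory fails the open
int dfd = open(dirname, O_RDONLY|O_DIRECTORY|O_NOFOLLOW|O_CLOEXEC);
if (dfd == -1)
	errExit("open");
if (fchmod(dfd, s.st_mode) != 0)
	errExit("fchmod");
close(dfd);
// … unchanged: sbox_run(...) copy and free(dirname) …
```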