summaryrefslogtreecommitdiffstats
path: root/debian/patches/75_06-rda.patch
diff options
context:
space:
mode:
Diffstat (limited to 'debian/patches/75_06-rda.patch')
-rw-r--r--debian/patches/75_06-rda.patch28
1 files changed, 28 insertions, 0 deletions
diff --git a/debian/patches/75_06-rda.patch b/debian/patches/75_06-rda.patch
new file mode 100644
index 0000000..f4ca2af
--- /dev/null
+++ b/debian/patches/75_06-rda.patch
@@ -0,0 +1,28 @@
+From a6da9c67acaee699616516be141d600cc178a633 Mon Sep 17 00:00:00 2001
+From: "Heiko Schlittermann (HS12-RIPE)" <hs@schlittermann.de>
+Date: Sun, 28 Mar 2021 10:59:46 +0200
+Subject: [PATCH 06/23] rda
+
+---
+ src/rda.c | 4 +---
+ 1 file changed, 1 insertion(+), 3 deletions(-)
+
+diff --git a/src/rda.c b/src/rda.c
+index aed8abc24..6ad7dd8bd 100644
+--- a/src/rda.c
++++ b/src/rda.c
+@@ -179,10 +179,8 @@ struct stat statbuf;
+ /* Reading a file is a form of expansion; we wish to deny attackers the
+ capability to specify the file name. */
+
+-if (is_tainted(filename))
++if (*error = is_tainted2(filename, 0, "Tainted name '%s' for file read not permitted\n", filename))
+ {
+- *error = string_sprintf("Tainted name '%s' for file read not permitted\n",
+- filename);
+ *yield = FF_ERROR;
+ return NULL;
+ }
+--
+2.30.2
+