diff options
Diffstat (limited to 'debian/patches/75_06-rda.patch')
-rw-r--r-- | debian/patches/75_06-rda.patch | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/debian/patches/75_06-rda.patch b/debian/patches/75_06-rda.patch new file mode 100644 index 0000000..f4ca2af --- /dev/null +++ b/debian/patches/75_06-rda.patch @@ -0,0 +1,28 @@ +From a6da9c67acaee699616516be141d600cc178a633 Mon Sep 17 00:00:00 2001 +From: "Heiko Schlittermann (HS12-RIPE)" <hs@schlittermann.de> +Date: Sun, 28 Mar 2021 10:59:46 +0200 +Subject: [PATCH 06/23] rda + +--- + src/rda.c | 4 +--- + 1 file changed, 1 insertion(+), 3 deletions(-) + +diff --git a/src/rda.c b/src/rda.c +index aed8abc24..6ad7dd8bd 100644 +--- a/src/rda.c ++++ b/src/rda.c +@@ -179,10 +179,8 @@ struct stat statbuf; + /* Reading a file is a form of expansion; we wish to deny attackers the + capability to specify the file name. */ + +-if (is_tainted(filename)) ++if (*error = is_tainted2(filename, 0, "Tainted name '%s' for file read not permitted\n", filename)) + { +- *error = string_sprintf("Tainted name '%s' for file read not permitted\n", +- filename); + *yield = FF_ERROR; + return NULL; + } +-- +2.30.2 + |