diff options
author | 2014-04-20 19:20:07 +0800 | |
---|---|---|
committer | 2014-08-03 17:00:14 +0800 | |
commit | 4cb4fc3ef889788b9755451bc565e27bb803b8ba (patch) | |
tree | 4d99686dd9706cac684dc81687dc812394464868 /env_universal_common.cpp | |
parent | af14cf8f8bedd69c5ce3259758ba96ffd2ca7b4e (diff) |
Fix for CVE-2014-2905 - fishd restart required.
- Use a secure path for sockets (some code used under license from
tmux).
- Provide the secure path in the environment as $__fish_runtime_dir.
- Link the new path to the old path to ease migration from earlier
versions.
Closes #1359.
After installing fish built from or after this commit, you MUST
terminate all running fishd processes (`killall fishd`, `pkill fishd`
or similar). Distributors are encouraged to do this from within their
packaging scripts. fishd will restart automatically, and no data should
be lost.
Diffstat (limited to 'env_universal_common.cpp')
-rw-r--r-- | env_universal_common.cpp | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/env_universal_common.cpp b/env_universal_common.cpp index f600e70a..2b12cf10 100644 --- a/env_universal_common.cpp +++ b/env_universal_common.cpp @@ -27,7 +27,6 @@ #include <locale.h> #include <dirent.h> #include <signal.h> -#include <sys/stat.h> #include <map> #ifdef HAVE_SYS_SELECT_H @@ -87,6 +86,13 @@ #define ENV_UNIVERSAL_EOF 0x102 /** + Maximum length of socket filename +*/ +#ifndef UNIX_PATH_MAX +#define UNIX_PATH_MAX 100 +#endif + +/** A variable entry. Stores the value of a variable and whether it should be exported. Obviously, it needs to be allocated large enough to fit the value string. @@ -417,7 +423,7 @@ void env_universal_common_init(void (*cb)(fish_message_type_t type, const wchar_ } /** - Read one byte of date form the specified connection + Read one byte of date from the specified connection */ static int read_byte(connection_t *src) { |