From ba1b5e34a77369e28ff563e47c088c55664a8a11 Mon Sep 17 00:00:00 2001
From: David Adam
Date: Sun, 20 Apr 2014 17:51:27 +0800
Subject: Check effective credentials of socket peers Fix for CVE-2014-2905. Code for getpeereid() on non-BSD systems imported from the PostgreSQL project under a BSD-style license. Closes #1436
---
 configure.ac | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
(limited to 'configure.ac')
diff --git a/configure.ac b/configure.ac
index ae1a6183..150591af 100644
--- a/configure.ac
+++ b/configure.ac
@@ -378,7 +378,7 @@ fi
 # Check presense of various header files
 #
-AC_CHECK_HEADERS([getopt.h termios.h sys/resource.h term.h ncurses/term.h ncurses.h curses.h stropts.h siginfo.h sys/select.h sys/ioctl.h execinfo.h spawn.h sys/sysctl.h])
+AC_CHECK_HEADERS([getopt.h termios.h sys/resource.h term.h ncurses/term.h ncurses.h curses.h stropts.h siginfo.h sys/select.h sys/ioctl.h execinfo.h spawn.h sys/sysctl.h sys/un.h sys/ucred.h ucred.h ])
 if test x$local_gettext != xno; then
 AC_CHECK_HEADERS([libintl.h])
@@ -519,7 +519,7 @@ fi
 AC_CHECK_FUNCS( wcsdup wcsndup wcslen wcscasecmp wcsncasecmp fwprintf )
 AC_CHECK_FUNCS( futimes wcwidth wcswidth wcstok fputwc fgetwc )
 AC_CHECK_FUNCS( wcstol wcslcat wcslcpy lrand48_r killpg )
-AC_CHECK_FUNCS( backtrace backtrace_symbols sysconf getifaddrs )
+AC_CHECK_FUNCS( backtrace backtrace_symbols sysconf getifaddrs getpeerucred getpeereid )
 if test x$local_gettext != xno; then
 AC_CHECK_FUNCS( gettext dcgettext )
-- cgit v1.2.3
From 77bc4c572525c96b43f70c4f1e0c6ef250933713 Mon Sep 17 00:00:00 2001
From: Konrad Borowski
Date: Thu, 1 May 2014 11:00:13 +0200
Subject: Properly check for miliseconds during screen update This removes undefined behavior in the previous code by properly checking for miliseconds (actually typing proper names, not abusing pointer arithmetics).
---
 configure.ac | 5 +++++
 screen.cpp | 23 +++++++----------------
 2 files changed, 12 insertions(+), 16 deletions(-)
(limited to 'configure.ac')
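Review bot: In the configure.ac hunks of commit ba1b5e34 (`@@ -378,7` and `@@ -519,7`), `sys/ucred.h`, `getpeerucred` and `getpeereid` are only probed, and nothing makes configure stop when no peer-credential mechanism is detected. This view is limited to configure.ac, so whether the CVE-2014-2905 check stays active on such a platform depends on source that is not shown here; it is worth confirming that the socket code rejects the peer (fails closed) rather than skipping the check when every probe comes back negative. On some BSDs `sys/ucred.h` may not compile on its own without `sys/param.h`, which would make `AC_CHECK_HEADERS` report it as missing; if that applies to a supported platform, pass the prerequisite include as the fourth argument of a separate check. The new header list also ends in a stray space, `ucred.h ])`.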
diff --git a/configure.ac b/configure.ac
index 150591af..1b91f962 100644
--- a/configure.ac
+++ b/configure.ac
@@ -396,6 +396,11 @@ AC_CHECK_HEADER(
 [AC_MSG_ERROR([Could not find the header regex.h, needed to build fish])]
 )
+#
+# Detect nanoseconds fields in struct stat
+#
+AC_CHECK_MEMBERS([struct stat.st_mtimespec.tv_nsec])
+AC_CHECK_MEMBERS([struct stat.st_mtim.tv_nsec])
 #
 # On some platforms (Solaris 10) adding -std=c99 in turn requires that
diff --git a/screen.cpp b/screen.cpp
index 27b10a5c..2fd7cc96 100644
--- a/screen.cpp
+++ b/screen.cpp
@@ -379,17 +379,6 @@ static size_t calc_prompt_lines(const wcstring &prompt)
 }
 return result;
 }
-/**
- Test if there is space between the time fields of struct stat to
- use for sub second information. If so, we assume this space
- contains the desired information.
-*/
-static int room_for_usec(struct stat *st)
-{
- int res = ((&(st->st_atime) + 2) == &(st->st_mtime) &&
- (&(st->st_atime) + 4) == &(st->st_ctime));
- return res;
-}
 /**
 Stat stdout and stderr and save result.
@@ -456,11 +445,13 @@ static void s_check_status(screen_t *s)
 int changed = (s->prev_buff_1.st_mtime != s->post_buff_1.st_mtime) || (s->prev_buff_2.st_mtime != s->post_buff_2.st_mtime);
- if (room_for_usec(&s->post_buff_1))
- {
- changed = changed || ((&s->prev_buff_1.st_mtime)[1] != (&s->post_buff_1.st_mtime)[1]) ||
- ((&s->prev_buff_2.st_mtime)[1] != (&s->post_buff_2.st_mtime)[1]);
- }
+ #if defined HAVE_STRUCT_STAT_ST_MTIMESPEC_TV_NSEC
+ changed = changed || s->prev_buff_1.st_mtimespec.tv_nsec != s->post_buff_1.st_mtimespec.tv_nsec ||
+ s->prev_buff_2.st_mtimespec.tv_nsec != s->post_buff_2.st_mtimespec.tv_nsec;
+ #elif defined HAVE_STRUCT_STAT_ST_MTIM_TV_NSEC
+ changed = changed || s->prev_buff_1.st_mtim.tv_nsec != s->post_buff_1.st_mtim.tv_nsec ||
+ s->prev_buff_2.st_mtim.tv_nsec != s->post_buff_2.st_mtim.tv_nsec;
+ #endif
 if (changed)
 {
-- cgit v1.2.3
From 333fb1bf97e53725b730fa7047e1873cacceed44 Mon Sep 17 00:00:00 2001
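Review bot: In s_check_status (screen.cpp, `@@ -456,11 +445,13`), the two preprocessor branches repeat the same comparison and differ only in the member name, and a platform where neither macro is defined silently falls back to whole-second granularity. Selecting the field once, for example with a suggested helper such as `#define STAT_MTIME_NSEC(st) ((st).st_mtimespec.tv_nsec)` in the first branch and the `st_mtim` equivalent in the second, would let the comparison be written a single time. A short comment such as `/* no nanosecond mtime field detected: only st_mtime is compared */` would document the remaining case. The function body starts and ends outside the hunk.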
From: ridiculousfish
Date: Sat, 3 May 2014 15:27:58 -0700
Subject: Use mkostemp instead of mktemp where available
---
 configure.ac | 2 +-
 history.cpp | 8 ++++++++
 2 files changed, 9 insertions(+), 1 deletion(-)
(limited to 'configure.ac')
diff --git a/configure.ac b/configure.ac
index 1b91f962..68b53c20 100644
--- a/configure.ac
+++ b/configure.ac
@@ -523,7 +523,7 @@ fi
 AC_CHECK_FUNCS( wcsdup wcsndup wcslen wcscasecmp wcsncasecmp fwprintf )
 AC_CHECK_FUNCS( futimes wcwidth wcswidth wcstok fputwc fgetwc )
-AC_CHECK_FUNCS( wcstol wcslcat wcslcpy lrand48_r killpg )
+AC_CHECK_FUNCS( wcstol wcslcat wcslcpy lrand48_r killpg mkostemp )
 AC_CHECK_FUNCS( backtrace backtrace_symbols sysconf getifaddrs getpeerucred getpeereid )
 if test x$local_gettext != xno; then
diff --git a/history.cpp b/history.cpp
index d0933cb0..77414ff7 100644
--- a/history.cpp
+++ b/history.cpp
@@ -1380,12 +1380,20 @@ bool history_t::save_internal_via_rewrite()
 for (size_t attempt = 0; attempt < 10 && out_fd == -1; attempt++)
 {
 char *narrow_str = wcs2str(tmp_name_template.c_str());
+#if HAVE_MKOSTEMP
+ out_fd = mkostemp(narrow_str, O_WRONLY | O_CREAT | O_EXCL | O_TRUNC | O_CLOEXEC);
+ if (out_fd >= 0)
+ {
+ tmp_name = str2wcstring(narrow_str);
+ }
+#else
 if (narrow_str && mktemp(narrow_str))
 {
 /* It was successfully templated; try opening it atomically */
 tmp_name = str2wcstring(narrow_str);
 out_fd = wopen_cloexec(tmp_name, O_WRONLY | O_CREAT | O_EXCL | O_TRUNC, 0644);
 }
+#endif
 free(narrow_str);
 }
-- cgit v1.2.3
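Review bot: In the `#if HAVE_MKOSTEMP` branch of history_t::save_internal_via_rewrite (history.cpp, `@@ -1380,12 +1380,20`), `narrow_str` is passed to mkostemp() without the null check that the mktemp() branch keeps, and the flags repeat `O_WRONLY | O_CREAT | O_EXCL | O_TRUNC`. mkostemp() already creates the file exclusively and opens it read-write; its documentation describes passing the creation bits as unnecessary and as an error on some systems, in which case every one of the ten attempts would fail. Suggested: `if (narrow_str) out_fd = mkostemp(narrow_str, O_CLOEXEC);`. mkostemp() also creates the file with mode 0600 while the fallback still opens it with 0644, so the two builds leave the temporary history file with different permissions; 0600 is the safer choice for command history and the fallback could match it. The function starts and ends outside the hunk.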