From 4cb4fc3ef889788b9755451bc565e27bb803b8ba Mon Sep 17 00:00:00 2001 From: David Adam Date: Sun, 20 Apr 2014 19:20:07 +0800 Subject: Fix for CVE-2014-2905 - fishd restart required. - Use a secure path for sockets (some code used under license from tmux). - Provide the secure path in the environment as $__fish_runtime_dir. - Link the new path to the old path to ease migration from earlier versions. Closes #1359. After installing fish built from or after this commit, you MUST terminate all running fishd processes (`killall fishd`, `pkill fishd` or similar). Distributors are encouraged to do this from within their packaging scripts. fishd will restart automatically, and no data should be lost. --- env_universal_common.cpp | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) (limited to 'env_universal_common.cpp') diff --git a/env_universal_common.cpp b/env_universal_common.cpp index f600e70a..2b12cf10 100644 --- a/env_universal_common.cpp +++ b/env_universal_common.cpp @@ -27,7 +27,6 @@ #include #include #include -#include #include #ifdef HAVE_SYS_SELECT_H @@ -86,6 +85,13 @@ */ #define ENV_UNIVERSAL_EOF 0x102 +/** + Maximum length of socket filename +*/ +#ifndef UNIX_PATH_MAX +#define UNIX_PATH_MAX 100 +#endif + /** A variable entry. Stores the value of a variable and whether it should be exported. Obviously, it needs to be allocated large @@ -417,7 +423,7 @@ void env_universal_common_init(void (*cb)(fish_message_type_t type, const wchar_ } /** - Read one byte of date form the specified connection + Read one byte of date from the specified connection */ static int read_byte(connection_t *src) { -- cgit v1.2.3