aboutsummaryrefslogtreecommitdiff
path: root/app/src/main/c/0001-tincctl-restrict-umask-argument-for-FORTIFY.patch
diff options
context:
space:
mode:
Diffstat (limited to 'app/src/main/c/0001-tincctl-restrict-umask-argument-for-FORTIFY.patch')
-rw-r--r--app/src/main/c/0001-tincctl-restrict-umask-argument-for-FORTIFY.patch31
1 files changed, 31 insertions, 0 deletions
diff --git a/app/src/main/c/0001-tincctl-restrict-umask-argument-for-FORTIFY.patch b/app/src/main/c/0001-tincctl-restrict-umask-argument-for-FORTIFY.patch
new file mode 100644
index 0000000..85ab949
--- /dev/null
+++ b/app/src/main/c/0001-tincctl-restrict-umask-argument-for-FORTIFY.patch
@@ -0,0 +1,31 @@
1From b6498e6402d9681743b697c1c9f0760448b3be54 Mon Sep 17 00:00:00 2001
2From: pacien <pacien.trangirard@pacien.net>
3Date: Wed, 9 Sep 2020 01:24:28 +0200
4Subject: [PATCH] tincctl: restrict umask argument for FORTIFY
5
6`umask(mode)` calls that do not verify `(mode & 0777) == mode` are
7rejected when the libc FORTIFY checks are enabled [1].
8
9The unrestricted `~perms` was indeed making this assertion fail.
10
11[1]: https://android.googlesource.com/platform/bionic/+/refs/tags/android-11.0.0_r3/libc/bionic/fortify.cpp#404
12---
13 src/tincctl.c | 2 +-
14 1 file changed, 1 insertion(+), 1 deletion(-)
15
16diff --git a/src/tincctl.c b/src/tincctl.c
17index 08f30189..11c1a96c 100644
18--- a/src/tincctl.c
19+++ b/src/tincctl.c
20@@ -237,7 +237,7 @@ static bool parse_options(int argc, char **argv) {
21 FILE *fopenmask(const char *filename, const char *mode, mode_t perms) {
22 mode_t mask = umask(0);
23 perms &= ~mask;
24- umask(~perms);
25+ umask(~perms & 0777);
26 FILE *f = fopen(filename, mode);
27
28 if(!f) {
29--
302.25.4
31