upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2025-12-28 02:29:51 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

- Fix Shared Memory World Writeable,

Browse source 
reported by X41 D-Sec.
This commit is contained in:
W.C.A. Wijngaards 2019-11-20 11:13:45 +01:00
parent 1fa40654d2
commit c54fe82886
2 changed files with 4 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
doc/Changelog
View file

@ -3,6 +3,8 @@
reported by X41 D-Sec.
- Fix Race Condition in autr_tp_create(),
reported by X41 D-Sec.
- Fix Shared Memory World Writeable,
reported by X41 D-Sec.
19 November 2019: Wouter
- Fix CVE-2019-18934, shell execution in ipsecmod.

4
util/shm_side/shm_main.c
View file

@ -121,7 +121,7 @@ int shm_main_init(struct daemon* daemon)
shmctl(daemon->shm_info->id_arr, IPC_RMID, NULL);
/* SHM: Create the segment */
daemon->shm_info->id_ctl = shmget(daemon->shm_info->key, sizeof(struct ub_shm_stat_info), IPC_CREAT | 0666);
daemon->shm_info->id_ctl = shmget(daemon->shm_info->key, sizeof(struct ub_shm_stat_info), IPC_CREAT | 0644);
if (daemon->shm_info->id_ctl < 0)
{
@ -134,7 +134,7 @@ int shm_main_init(struct daemon* daemon)
return 0;
}
daemon->shm_info->id_arr = shmget(daemon->shm_info->key + 1, shm_size, IPC_CREAT | 0666);
daemon->shm_info->id_arr = shmget(daemon->shm_info->key + 1, shm_size, IPC_CREAT | 0644);
if (daemon->shm_info->id_arr < 0)
{