More miscellaneous security fixes...

diff --git a/hfaxd/FileTransfer.c++ b/hfaxd/FileTransfer.c++
index 948182487a7ea99fc4bce80472807f2f5ba22f30..5bf0e39288c95299c0999e3478ade4bca5cf7375 100644 (file)
--- a/hfaxd/FileTransfer.c++
+++ b/hfaxd/FileTransfer.c++
@@ -478,7 +478,7 @@ HylaFAXServer::storeCmd(const char* name, const char* mode)
                reply(553, "Bad filename; includes invalid character.");
                return;
            }
-       mode_t omask = umask(007);
+       mode_t omask = umask(027);
        FILE* fout = fopen(name, restart_point ? "r+w" : mode);
        if (fout != NULL) {
            setFileOwner(name);
@@ -531,7 +531,7 @@ HylaFAXServer::storeUniqueCmd(bool isTemp)
        FILE* fout = fopen(filename, "w");
        if (fout != NULL) {
            setFileOwner(filename);
-           FileCache::chmod(filename, 0660);           // sync cache
+           FileCache::chmod(filename, 0640);           // sync cache
            if (isTemp)
                tempFiles.append(filename);
            time_t start_time = Sys::now();

diff --git a/hfaxd/HylaFAXServer.c++ b/hfaxd/HylaFAXServer.c++
index 2bfda421b4b727242b8e4a81a013363429bf5676..8c3bf51cd88f7db3da94ccfd71e6300d386fcbcc 100644 (file)
--- a/hfaxd/HylaFAXServer.c++
+++ b/hfaxd/HylaFAXServer.c++
@@ -512,24 +512,25 @@ HylaFAXServer::cvtTime(const time_t& t) const
 u_int
 HylaFAXServer::getSequenceNumber(const char* filename, u_int count, fxStr& emsg)
 {
-    int fd = Sys::open(filename, O_CREAT|O_RDWR, 0644);
+    int fd = Sys::open(filename, O_CREAT|O_RDWR|O_EXCL, 0600);
     if (fd < 0) {
-       emsg = fxStr::format("Unable to open sequence number file %s; %s.",
-           filename, strerror(errno));
-       logError("%s: open: %s", filename, strerror(errno));
-       return ((u_int) -1);
+        emsg = fxStr::format("Unable to open sequence number file %s; %s.",
+            filename, strerror(errno));
+        logError("%s: open: %s", filename, strerror(errno));
+        return ((u_int) -1);
     }
     flock(fd, LOCK_EX);
     u_int seqnum = 1;
     char line[1024];
     int n = read(fd, line, sizeof (line));
     line[n < 0 ? 0 : n] = '\0';
-    if (n > 0)
-       seqnum = atoi(line);
+    if (n > 0) {
+        seqnum = atoi(line);
+    }
     if (seqnum < 1 || seqnum >= MAXSEQNUM) {
-       logWarning("%s: Invalid sequence number \"%s\", resetting to 1",
-           filename, line);
-       seqnum = 1;
+        logWarning("%s: Invalid sequence number \"%s\", resetting to 1",
+            filename, line);
+        seqnum = 1;
     }
     sprintf(line, "%u", NEXTSEQNUM(seqnum+count));
     lseek(fd, 0, SEEK_SET);
@@ -543,6 +544,7 @@ HylaFAXServer::getSequenceNumber(const char* filename, u_int count, fxStr& emsg)
     Sys::close(fd);                    // NB: implicit unlock
     return (seqnum);
 }
+
 u_int HylaFAXServer::getJobNumber(fxStr& emsg)
     { return (getSequenceNumber(FAX_SENDDIR "/" FAX_SEQF, 1, emsg)); }
 u_int HylaFAXServer::getDocumentNumbers(u_int count, fxStr& emsg)

diff --git a/util/Sys.h b/util/Sys.h
index 0591710d69cd1892fdc771e9e1a3b70976b207c5..0f29c739a1ebf77de4f4a6807e99a3fe7c787c88 100644 (file)
--- a/util/Sys.h
+++ b/util/Sys.h
@@ -123,7 +123,17 @@ public:
        { return ::gethostname(name, namelen); }
 
     static char* mktemp(char* templ)   { return ::mktemp(templ); }
-    static int mkstemp(char* templ)    { return ::mkstemp(templ); }
+
+    static int mkstemp(char* templ)    {
+        int fd = mkstemp(templ);
+#if defined __GLIBC__ && __GLIBC__ <= 2 && __GLIBC_MINOR__ <= 0
+        // Hack for older versions of glibc which do not set the file
+        // permissions correctly
+        if (fchmod(fd, S_IRUSR | S_IWUSR) == -1) return -1;
+#endif
+        return fd;
+    }
+
     static FILE* tmpfile()     { return ::tmpfile(); }
     static FILE* fopen(const char* filename, const char* mode)
        { return ::fopen(filename, mode); }