Hello community, here is the log from the commit of package libcdaudio for openSUSE:Factory checked in at Tue Aug 4 23:16:32 CEST 2009. -------- --- libcdaudio/libcdaudio.changes 2009-07-17 15:30:22.000000000 +0200 +++ libcdaudio/libcdaudio.changes 2009-08-04 18:31:04.000000000 +0200 @@ -1,0 +2,5 @@ +Tue Aug 4 18:21:18 CEST 2009 - ro@suse.de + +- added closedir to prevent dirp leakage (bnc#527425) + +------------------------------------------------------------------- calling whatdependson for head-i586 New: ---- libcdaudio-closedir.diff ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libcdaudio.spec ++++++ --- /var/tmp/diff_new_pack.6P1bit/_old 2009-08-04 23:13:48.000000000 +0200 +++ /var/tmp/diff_new_pack.6P1bit/_new 2009-08-04 23:13:48.000000000 +0200 @@ -23,12 +23,13 @@ Group: Productivity/Multimedia/CD/Grabbers Summary: Functions to Control Operation of a CD-ROM When Playing Audio CDs Version: 0.99.12 -Release: 140 +Release: 141 Source: libcdaudio-0.99.12.tar.bz2 Patch: libcdaudio-max_matches.diff Patch1: libcdaudio-libdir.diff Patch2: libcdaudio-buffer-overflow.diff Patch3: libcdaudio-double_free.diff +Patch4: libcdaudio-closedir.diff BuildRoot: %{_tmppath}/%{name}-%{version}-build %description @@ -57,6 +58,7 @@ %patch1 %patch2 %patch3 +%patch4 %build CFLAGS="$RPM_OPT_FLAGS" ++++++ libcdaudio-closedir.diff ++++++ --- src/coverart.c +++ src/coverart.c @@ -279,6 +279,7 @@ { DIR *coverart_dir; int index, coverart_fd; + int retval = 0; char root_dir[256], procbuffer[256], id[CDINDEX_ID_SIZE]; struct stat st; struct dirent *d; @@ -319,25 +320,32 @@ art->art_mime_type[0] = '\0'; snprintf(procbuffer, 256, "%s/%s", root_dir, d->d_name); - if(stat(procbuffer, &st) < 0) - return -1; + if(stat(procbuffer, &st) < 0) { + retval = -1; + goto cleanup; + } art->art_length = st.st_size; - if((coverart_fd = open(procbuffer, O_RDONLY)) < 0) - return -1; + if((coverart_fd = open(procbuffer, O_RDONLY)) < 0) { + retval = -1; + goto cleanup; + } - if(read(coverart_fd, art->art_image, art->art_length) < 0) - return -1; + if(read(coverart_fd, art->art_image, art->art_length) < 0) { + retval = -1; + } art->art_present = 1; - - return 0; + goto cleanup; } } art->art_present = 0; + +cleanup: + closedir(coverart_dir); - return 0; + return retval; } /* Write cover art to local cache */ ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org