| 1 |
diff -up icecast-2.3.3/src/source.c.CVE-2014-9018a icecast-2.3.3/src/source.c |
| 2 |
--- icecast-2.3.3/src/source.c.CVE-2014-9018a 2012-06-11 18:45:20.000000000 +0200 |
| 3 |
+++ icecast-2.3.3/src/source.c 2014-11-20 17:57:25.179588210 +0100 |
| 4 |
@@ -33,6 +33,11 @@ |
| 5 |
#define snprintf _snprintf |
| 6 |
#endif |
| 7 |
|
| 8 |
+#ifndef _WIN32 |
| 9 |
+#include <sys/stat.h> |
| 10 |
+#include <fcntl.h> |
| 11 |
+#endif |
| 12 |
+ |
| 13 |
#include "thread/thread.h" |
| 14 |
#include "avl/avl.h" |
| 15 |
#include "httpp/httpp.h" |
| 16 |
@@ -1277,6 +1282,21 @@ void source_client_callback (client_t *c |
| 17 |
|
| 18 |
|
| 19 |
#ifndef _WIN32 |
| 20 |
+static inline void __setup_empty_script_environment(void) { |
| 21 |
+ int i; |
| 22 |
+ |
| 23 |
+ for (i = 0; i < 1024; i++) |
| 24 |
+ close(i); |
| 25 |
+ |
| 26 |
+ i = open("/dev/null", O_RDWR); |
| 27 |
+ if (i == -1) |
| 28 |
+ return; |
| 29 |
+ |
| 30 |
+ dup2(i, 0); |
| 31 |
+ dup2(i, 1); |
| 32 |
+ dup2(i, 2); |
| 33 |
+} |
| 34 |
+ |
| 35 |
static void source_run_script (char *command, char *mountpoint) |
| 36 |
{ |
| 37 |
pid_t pid, external_pid; |
| 38 |
@@ -1293,8 +1313,9 @@ static void source_run_script (char *com |
| 39 |
break; |
| 40 |
case 0: /* child */ |
| 41 |
DEBUG1 ("Starting command %s", command); |
| 42 |
+ __setup_empty_script_environment(); |
| 43 |
execl (command, command, mountpoint, (char *)NULL); |
| 44 |
- ERROR2 ("Unable to run command %s (%s)", command, strerror (errno)); |
| 45 |
+ //ERROR2 ("Unable to run command %s (%s)", command, strerror (errno)); |
| 46 |
exit(0); |
| 47 |
default: /* parent */ |
| 48 |
break; |
Parent Directory
| 
Revision Log