From c2009ddeb7052dfe443f0239893f627759580c29 Mon Sep 17 00:00:00 2001 From: Denys Vlasenko Date: Mon, 11 Jan 2010 07:20:57 +0100 Subject: SOSreport/TicketUploader: use more restrictive file modes Signed-off-by: Denys Vlasenko --- lib/Plugins/TicketUploader.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/Plugins/TicketUploader.cpp') diff --git a/lib/Plugins/TicketUploader.cpp b/lib/Plugins/TicketUploader.cpp index a4fe0e8..de19791 100644 --- a/lib/Plugins/TicketUploader.cpp +++ b/lib/Plugins/TicketUploader.cpp @@ -221,7 +221,7 @@ string CTicketUploader::Report(const map_crash_report_t& pCrashReport, else if (it->second[CD_TYPE] == CD_BIN) { string ofile_name = concat_path_file(tmptar_name.c_str(), it->first.c_str()); - if (copy_file(it->second[CD_CONTENT].c_str(), ofile_name.c_str()) < 0) + if (copy_file(it->second[CD_CONTENT].c_str(), ofile_name.c_str(), 0644) < 0) { throw CABRTException(EXCEP_PLUGIN, "Can't copy '%s' to '%s'", -- cgit From edf6beb585dc38c365ccbdaae85756b2814e1329 Mon Sep 17 00:00:00 2001 From: Denys Vlasenko Date: Mon, 11 Jan 2010 12:09:57 +0100 Subject: *: assorted fixes prompted by security analysis; more to come Signed-off-by: Denys Vlasenko --- lib/Plugins/TicketUploader.cpp | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) (limited to 'lib/Plugins/TicketUploader.cpp') diff --git a/lib/Plugins/TicketUploader.cpp b/lib/Plugins/TicketUploader.cpp index de19791..3fb7bcd 100644 --- a/lib/Plugins/TicketUploader.cpp +++ b/lib/Plugins/TicketUploader.cpp @@ -120,17 +120,14 @@ void CTicketUploader::SendFile(const char *pURL, const char *pFilename) throw CABRTException(EXCEP_PLUGIN, "Can't open archive file '%s'", pFilename); } struct stat buf; - if (fstat(fileno(f), &buf) == -1) /* TODO: never fails */ - { - throw CABRTException(EXCEP_PLUGIN, "Can't stat archive file '%s'", pFilename); - } + fstat(fileno(f), &buf); /* never fails */ CURL* curl = xcurl_easy_init(); /* enable uploading */ curl_easy_setopt(curl, CURLOPT_UPLOAD, 1L); /* specify target */ curl_easy_setopt(curl, CURLOPT_URL, wholeURL.c_str()); curl_easy_setopt(curl, CURLOPT_READDATA, f); - curl_easy_setopt(curl, CURLOPT_INFILESIZE, buf.st_size); + curl_easy_setopt(curl, CURLOPT_INFILESIZE_LARGE, (curl_off_t)buf.st_size); /* everything is done here; result 0 means success */ result = curl_easy_perform(curl); /* goodbye */ -- cgit From 38aed8f42c135b9a7b4b2785b877935d3746352b Mon Sep 17 00:00:00 2001 From: Jiri Moskovcak Date: Wed, 13 Jan 2010 14:52:46 +0100 Subject: re-enable GetPluginSettings in TicketUploader - we need this method to get defaults stored in TicketUploader.conf, this methods can be removed once we implement the tool to edit the config files --- lib/Plugins/TicketUploader.cpp | 25 ++++++++++++------------- 1 file changed, 12 insertions(+), 13 deletions(-) (limited to 'lib/Plugins/TicketUploader.cpp') diff --git a/lib/Plugins/TicketUploader.cpp b/lib/Plugins/TicketUploader.cpp index 3fb7bcd..608ee40 100644 --- a/lib/Plugins/TicketUploader.cpp +++ b/lib/Plugins/TicketUploader.cpp @@ -396,19 +396,18 @@ void CTicketUploader::SetSettings(const map_plugin_settings_t& pSettings) } } -//ok to delete? -//const map_plugin_settings_t& CTicketUploader::GetSettings() -//{ -// m_pSettings["Customer"] = m_sCustomer; -// m_pSettings["Ticket"] = m_sTicket; -// m_pSettings["URL"] = m_sURL; -// m_pSettings["Encrypt"] = m_bEncrypt ? "yes" : "no"; -// m_pSettings["Upload"] = m_bEncrypt ? "yes" : "no"; -// m_pSettings["RetryCount"] = to_string(m_nRetryCount); -// m_pSettings["RetryDelay"] = to_string(m_nRetryDelay); -// -// return m_pSettings; -//} +const map_plugin_settings_t& CTicketUploader::GetSettings() +{ + m_pSettings["Customer"] = m_sCustomer; + m_pSettings["Ticket"] = m_sTicket; + m_pSettings["URL"] = m_sURL; + m_pSettings["Encrypt"] = m_bEncrypt ? "yes" : "no"; + m_pSettings["Upload"] = m_bEncrypt ? "yes" : "no"; + m_pSettings["RetryCount"] = to_string(m_nRetryCount); + m_pSettings["RetryDelay"] = to_string(m_nRetryDelay); + + return m_pSettings; +} PLUGIN_INFO(REPORTER, CTicketUploader, -- cgit