From 05e5b4254ea8853775c7514d8c575432f82219a1 Mon Sep 17 00:00:00 2001 From: Matthieu Herrb Date: Tue, 18 Oct 2011 14:58:37 +0000 Subject: Fix CVE-2011-4028: File disclosure vulnerability. use O_NOFOLLOW to open the existing lock file, so symbolic links aren't followed, thus avoid revealing if it point to an existing file. Note that xserver on OpenBSD isn't affected by CVE-2011-4029.
---
 xserver/os/utils.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'xserver')
diff --git a/xserver/os/utils.c b/xserver/os/utils.c
index f45f9b4a4..c22828521 100644
--- a/xserver/os/utils.c
+++ b/xserver/os/utils.c
@@ -337,7 +337,7 @@ LockServer(void)
 /*
 * Read the pid from the existing file
 */
- lfd = open(LockFile, O_RDONLY);
+ lfd = open(LockFile, O_RDONLY|O_NOFOLLOW);
 if (lfd < 0) {
 unlink(tmp);
 FatalError("Can't read lock file %s\n", LockFile);
-- cgit v1.2.3
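Review bot: The changed `open()` call rejects a symbolic link only in the final path component and never checks what kind of object it opened, so a non-regular file at LockFile is still accepted. If that path can be created by another local user, as the commit message implies, a FIFO there would presumably make the read-only open block. Consider `lfd = open(LockFile, O_RDONLY|O_NOFOLLOW|O_NONBLOCK);` followed by an `fstat()` / `S_ISREG()` check before the pid is read. A short comment on the call, e.g. `/* O_NOFOLLOW: do not follow a symlink at LockFile (CVE-2011-4028) */`, would keep a later cleanup from dropping the flag. LockServer's body starts and ends outside this hunk, so how the descriptor is used afterwards cannot be confirmed from here.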