[PD-dev] [ pure-data-Patches-2206796 ] fixes intrepid build

Sun Jan 11 03:03:14 CET 2009

Patches item #2206796, was opened at 2008-10-29 04:05
Message generated for change (Comment added) made by eighthave
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=478072&aid=2206796&group_id=55736

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: pd-extended
Group: bugfix
>Status: Closed
>Resolution: Fixed
Priority: 5
Private: No
Submitted By: megalegoland (megalegoland)
Assigned to: Hans-Christoph Steiner (eighthave)
Summary: fixes intrepid build

Initial Comment:
 open() needs three arguments since intrepid uses /usr/include/bits/fcntl2.h

 There are two solutions, and I think we have to keep in mind that it is a security issue.

 with using -U_FORTIFY_SOURCE any user can acces to raw, AFAIU, while  using fcntl2.h and modyfying open() function in pdp_rawout.c in intrepid build only allow users and groups

attached is a simple fix with first solution

----------------------------------------------------------------------

>Comment By: Hans-Christoph Steiner (eighthave)
Date: 2009-01-10 21:03

Message:
I think this little change fixes it in the end:

-	if (-1 == (pipefd = open(x->x_pipe->s_name, O_WRONLY|O_CREAT))){
+      if (-1 == (pipefd = open(x->x_pipe->s_name, O_WRONLY|O_CREAT,
0600))){

The problem was that previous version of gcc allowed you to only specify 2
of the 3 arguments, with gcc 4.3, it doesn't let you be that sloppy
anymore.  So I just added the permissions in the form of '0600', which in
the end has the same affect as the patch here.

http://pure-data.svn.sourceforge.net/viewvc/pure-data?view=rev&revision=10510

----------------------------------------------------------------------

Comment By: megalegoland (megalegoland)
Date: 2008-10-30 01:32

Message:
For applying the second solution without breaking compatibility, I think
the patch should be applied only if the build system is on Ubuntu >= 8.10,
but AFAICS the pure-data/tags/pd-extended/0.40.3/packages/Makefile apply
all patches in pure-data/tags/pd-extended/0.40.3/packages/patches directory
on any platform.

It's only an OSX/Linux issue since pdp is only for those platforms, and
maybe in a near future fcntl2.h will replace fcntl.h in both platforms, for
renforcing security? I've no clue about how it is happening on OSX...

----------------------------------------------------------------------

Comment By: Hans-Christoph Steiner (eighthave)
Date: 2008-10-30 00:20

Message:
Cool, it's a start.  But in order to include a fix for this, we'll need to
find a solution that works on all of the platforms.

----------------------------------------------------------------------

Comment By: megalegoland (megalegoland)
Date: 2008-10-29 04:08

Message:
This attached fixes pdp sources files, but breaks compatibility with other
distributions and ubuntu releases

I hope you can do something with it
File Added: fixes-intrepid-build-.patch

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=478072&aid=2206796&group_id=55736