Patch CVE-2023-43782: Use of Fixed Temporary File Path in /tmp/.cadence-aloop-daemon.x
Apply SuSE fix for CVE-2023-43782 (by Matthias Gerstner) 0001-cadence_aloop_daemon-place-lockfile-into-non-public-.patch https://bugzilla.suse.com/show_bug.cgi?id=1213983
This commit is contained in:
parent
556859c0af
commit
5099c9152b
|
@ -38,6 +38,7 @@ import ui_cadence_tb_alsa
|
|||
import ui_cadence_tb_a2j
|
||||
import ui_cadence_tb_pa
|
||||
import ui_cadence_rwait
|
||||
from shared import getDaemonLockfile
|
||||
from shared_cadence import *
|
||||
from shared_canvasjack import *
|
||||
from shared_settings import *
|
||||
|
@ -1710,7 +1711,7 @@ class CadenceMainW(QMainWindow, ui_cadence.Ui_CadenceMainW):
|
|||
|
||||
@pyqtSlot()
|
||||
def slot_AlsaBridgeStop(self):
|
||||
checkFile = "/tmp/.cadence-aloop-daemon.x"
|
||||
checkFile = self.getDaemonLockfile("cadence-aloop-daemon")
|
||||
if os.path.exists(checkFile):
|
||||
os.remove(checkFile)
|
||||
|
||||
|
|
|
@ -33,6 +33,7 @@ else:
|
|||
# Imports (Custom Stuff)
|
||||
|
||||
import jacklib
|
||||
from shared import getDaemonLockfile
|
||||
|
||||
# --------------------------------------------------
|
||||
# Auto re-activate if on good kernel
|
||||
|
@ -50,7 +51,7 @@ doRunNow = True
|
|||
useZita = False
|
||||
procIn = QProcess()
|
||||
procOut = QProcess()
|
||||
checkFile = "/tmp/.cadence-aloop-daemon.x"
|
||||
checkFile = getDaemonLockfile("cadence-aloop-daemon")
|
||||
|
||||
# --------------------------------------------------
|
||||
# Global JACK variables
|
||||
|
@ -161,7 +162,7 @@ if __name__ == '__main__':
|
|||
client = jacklib.client_open("cadence-aloop-daemon", jacklib.JackUseExactName, None)
|
||||
|
||||
if not client:
|
||||
print("cadence-aloop-daemon is already running, delete \"/tmp/.cadence-aloop-daemon.x\" to close it")
|
||||
print("cadence-aloop-daemon is already running, delete \"{}\" to close it".format(checkFile))
|
||||
quit()
|
||||
|
||||
if jacklib.JACK2:
|
||||
|
|
|
@ -312,3 +312,11 @@ def setIcons(self_, modes):
|
|||
if "misc" in modes:
|
||||
gGui.ui.act_quit.setIcon(getIcon("application-exit"))
|
||||
gGui.ui.act_configure.setIcon(getIcon("configure"))
|
||||
|
||||
def getDaemonLockfile(base):
|
||||
lockdir = os.environ.get("XDG_RUNTIME_DIR", None)
|
||||
if not lockdir:
|
||||
lockdir = os.path.expanduser("~")
|
||||
|
||||
return os.path.join(lockdir, "{}-lock".format(base))
|
||||
|
||||
|
|
Loading…
Reference in New Issue