CVE-2022-31214: fixing the fix, one more time

the previous commit "CVE-2022-31214: fixing the fix" made private-etc=fonts,fonts and similar commands fail with an error fix that regression by tolerating already existing directories
author: smitsohu <smitsohu@gmail.com> 2022-06-08 15:42:35 +0200
committer: smitsohu <smitsohu@gmail.com> 2022-06-08 15:42:35 +0200
commit: 1884ea22a90d225950d81c804f1771b42ae55f54 (patch)
tree: a8443ae52a480850d13a60e0a190d0d2a995d4e2 /src
parent: CVE-2022-31214: fixing the fix (diff)
download: firejail-1884ea22a90d225950d81c804f1771b42ae55f54.tar.gz
firejail-1884ea22a90d225950d81c804f1771b42ae55f54.tar.zst
firejail-1884ea22a90d225950d81c804f1771b42ae55f54.zip
1 files changed, 4 insertions, 1 deletions
diff --git a/src/firejail/fs_etc.c b/src/firejail/fs_etc.c
index e87d3b726..77fa00d6b 100644
--- a/src/firejail/fs_etc.c
+++ b/src/firejail/fs_etc.c
@@ -104,7 +104,10 @@ static void build_dirs(char *src, char *dst, size_t src_prefix_len, size_t dst_p
                                *q = '\0';
                                *r = '/';
                                r = q;
-                                mkdir_attr(dst, s.st_mode, 0, 0);
+                                if (mkdir(dst, 0700) != 0 && errno != EEXIST)
+                                        errExit("mkdir");
+                                if (chmod(dst, s.st_mode) != 0)
+                                        errExit("chmod");
                        }
                        if (!last) {
                                // If we're not at the final terminating null, restore
author	smitsohu <smitsohu@gmail.com>	2022-06-08 15:42:35 +0200
committer	smitsohu <smitsohu@gmail.com>	2022-06-08 15:42:35 +0200
commit	1884ea22a90d225950d81c804f1771b42ae55f54 (patch)
tree	a8443ae52a480850d13a60e0a190d0d2a995d4e2 /src
parent	CVE-2022-31214: fixing the fix (diff)
download	firejail-1884ea22a90d225950d81c804f1771b42ae55f54.tar.gz firejail-1884ea22a90d225950d81c804f1771b42ae55f54.tar.zst firejail-1884ea22a90d225950d81c804f1771b42ae55f54.zip