From 175d10804282b197df7b2807407ee39bff63d2b1 Mon Sep 17 00:00:00 2001
From: radek
Date: Sat, 19 Feb 2005 10:18:48 +0000
Subject: [PATCH] - major sperl (suidperl) vulnerability, CAN-2005-0155
Changed files: perl_586-sperl-CAN-2005-0155.patch -> 1.1
---
perl_586-sperl-CAN-2005-0155.patch | 22 ++++++++++++++++++++++
1 file changed, 22 insertions(+)
create mode 100644 perl_586-sperl-CAN-2005-0155.patch
diff --git a/perl_586-sperl-CAN-2005-0155.patch b/perl_586-sperl-CAN-2005-0155.patch
new file mode 100644
index 0000000..8b8b49b
--- /dev/null
+++ b/perl_586-sperl-CAN-2005-0155.patch
@@ -0,0 +1,22 @@
+Index: perlio.c
+===================================================================
+--- perlio.c (revision 4342)
++++ perlio.c (revision 4346)
+@@ -454,7 +454,7 @@
+ va_list ap;
+ dSYS;
+ va_start(ap, fmt);
+- if (!dbg) {
++ if (!dbg && !PL_tainting && PL_uid == PL_euid && PL_gid == PL_egid) {
+ char *s = PerlEnv_getenv("PERLIO_DEBUG");
+ if (s && *s)
+ dbg = PerlLIO_open3(s, O_WRONLY | O_CREAT | O_APPEND, 0666);
+@@ -471,7 +471,7 @@
+ s = CopFILE(PL_curcop);
+ if (!s)
+ s = "(none)";
+- sprintf(buffer, "%s:%" IVdf " ", s, (IV) CopLINE(PL_curcop));
++ sprintf(buffer, "%.40s:%" IVdf " ", s, (IV) CopLINE(PL_curcop));
+ len = strlen(buffer);
+ vsprintf(buffer+len, fmt, ap);
+ PerlLIO_write(dbg, buffer, strlen(buffer));
--
2.44.0
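Review bot: The `vsprintf(buffer+len, fmt, ap)` call left as context in the second perlio.c hunk (around line 471) is still unbounded, because the new `%.40s` caps only the file-name prefix and not the expansion of the caller's format arguments. The declaration of `buffer` is outside the hunk, but if it is a fixed-size array this write should be bounded too, for example `vsnprintf(buffer + len, sizeof(buffer) - len, fmt, ap);` where the platform provides it. The new guard in the first hunk would also benefit from a short why-comment such as `/* never honour PERLIO_DEBUG when tainting or running set-id: the log path comes from the environment */`, since the file is opened with `O_CREAT | O_APPEND` and mode 0666. The enclosing function starts and ends outside both hunks, so the buffer size and the lifetime of `dbg` should be confirmed against the full source.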