X-Git-Url: https://git.saurik.com/apt.git/blobdiff_plain/187b88d8d90ee10b2e2e14ba762be2fdd9fce744..79789e9c60f3319b478af4671e683ce5c97c25a7:/apt-pkg/contrib/fileutl.cc

diff --git a/apt-pkg/contrib/fileutl.cc b/apt-pkg/contrib/fileutl.cc
index 2b7e25080..4240d9f49 100644
--- a/apt-pkg/contrib/fileutl.cc
+++ b/apt-pkg/contrib/fileutl.cc
@@ -138,7 +138,9 @@ bool CopyFile(FileFd &From,FileFd &To)
    close at some time. */
 int GetLock(string File,bool Errors)
 {
-   int FD = open(File.c_str(),O_RDWR | O_CREAT | O_TRUNC,0640);
+   // GetLock() is used in aptitude on directories with public-write access
+   // Use O_NOFOLLOW here to prevent symlink traversal attacks
+   int FD = open(File.c_str(),O_RDWR | O_CREAT | O_NOFOLLOW,0640);
    if (FD < 0)
    {
       // Read only .. cant have locking problems there.
@@ -448,8 +450,13 @@ bool ExecWait(pid_t Pid,const char *Name,bool Reap)
    {
       if (Reap == true)
 	 return false;
-      if (WIFSIGNALED(Status) != 0 && WTERMSIG(Status) == SIGSEGV)
-	 return _error->Error(_("Sub-process %s received a segmentation fault."),Name);
+      if (WIFSIGNALED(Status) != 0)
+      {
+	 if( WTERMSIG(Status) == SIGSEGV)
+	    return _error->Error(_("Sub-process %s received a segmentation fault."),Name);
+	 else 
+	    return _error->Error(_("Sub-process %s received signal %u."),Name, WTERMSIG(Status));
+      }
 
       if (WIFEXITED(Status) != 0)
 	 return _error->Error(_("Sub-process %s returned an error code (%u)"),Name,WEXITSTATUS(Status));