SLES 15.2, access weakness #30

Weakness Breakdown


Definition:

An access weakness occurs when software does not properly implement permissions that could have unintended consequences if exploited by malicious actors. An example of this weakness is when a default username and password are set by the developer but do not get changed by the system administrator.

Warning code(s):

Ensure that umask is given most restrictive possible setting.

File Name:

libinput-1.10.5/test/test-path.c

Context:

The line of code below that was highlighted in the original report is the trigger point of this particular SLES 15.2 access weakness: the umask(002) call in path_create_invalid_file, which matches the warning above.

	ck_assert(li != NULL);

	litest_disable_log_handler(li);

	device = libinput_path_add_device(li, path);
	ck_assert(device == NULL);

	ck_assert_int_eq(counter.open_func_count, 1);
	ck_assert_int_eq(counter.close_func_count, 1);

	litest_restore_log_handler(li);
	libinput_unref(li);
	ck_assert_int_eq(counter.close_func_count, 1);
}
END_TEST

START_TEST(path_create_invalid_file)
{
	struct libinput *li;
	struct libinput_device *device;
	char path[] = "/tmp/litest_path_XXXXXX";
	int fd;
	struct counter counter;

	/* Scanner trigger: umask(002) leaves group write permitted for files
	 * the process creates. mkstemp() itself creates the file with mode 0600,
	 * so the effective mode of the temp file here stays 0600. */
	umask(002);
	fd = mkstemp(path);
	ck_assert_int_ge(fd, 0);
	close(fd);

	counter.open_func_count = 0;
	counter.close_func_count = 0;

	li = libinput_path_create_context(&counting_interface, &counter);
	unlink(path);

	litest_disable_log_handler(li);

	ck_assert(li != NULL);
	device = libinput_path_add_device(li, path);
	ck_assert(device == NULL);

	ck_assert_int_eq(counter.open_func_count, 0);
	ck_assert_int_eq(counter.close_func_count, 0);

	litest_restore_log_handler(li);
	libinput_unref(li);
	ck_assert_int_eq(counter.close_func_count, 0);
}
END_TEST