authorPanu Matilainen <pmatilai@redhat.com>2010-06-02 09:15:48 +0300
committerPanu Matilainen <pmatilai@redhat.com>2010-06-02 09:15:48 +0300
commitca2d6b2b484f1501eafdde02e1688409340d2383 (patch)
tree0d801339592086dd21c198ecfbf2845e3eabb0b0
parent49b4dea69d19794253f3dfb56fcd35cd9679fcc7 (diff)
Strip s-bits on upgrade too (RhBug:598775)
- Previously only actual package removal would clear s-bits from s[ug]id files. This needs to be done on upgrade too to prevent leaving vulnerable hardlinks of s[ug]id binaries around.
-rw-r--r--lib/fsm.c19
1 files changed, 14 insertions, 5 deletions
diff --git a/lib/fsm.c b/lib/fsm.c
index f926c999c..a4458eeb3 100644
--- a/lib/fsm.c
+++ b/lib/fsm.c
@@ -1261,6 +1261,16 @@ static int fsmMkdirs(FSM_t fsm)
return rc;
}
+static void removeSBITS(const char *path)
+{
+ struct stat stb;
+ if (lstat(path, &stb) == 0) {
+ if (S_ISREG(stb.st_mode) && (stb.st_mode & 06000) != 0) {
+ (void) chmod(path, stb.st_mode & 0777);
+ }
+ }
+}
+
#define IS_DEV_LOG(_x) \
((_x) != NULL && strlen(_x) >= (sizeof("/dev/log")-1) && \
rstreqn((_x), "/dev/log", sizeof("/dev/log")-1) && \
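Review bot: removeSBITS checks the file with lstat() and then changes it by path with chmod(), which follows symlinks, so if the path is swapped between the two calls the mode change lands on a different file than the one that was checked. The helper is called from both FSM_UNLINK and FSM_RENAME with the installer's privileges, so this matters whenever a directory on the path is writable by another user. Holding one descriptor across the check and the change closes that window, and the discarded chmod() result could be logged so that a file which kept its s-bits is visible. The sketch below assumes O_NOFOLLOW is available on the supported platforms and that fsm.c already includes the needed headers.

```c
static void removeSBITS(const char *path)
{
    struct stat stb;
    /* O_NOFOLLOW: refuse a symlink at path; O_NONBLOCK: never block if it is not a regular file */
    int fd = open(path, O_RDONLY | O_NOFOLLOW | O_NONBLOCK);

    if (fd < 0)
	return;
    /* fstat/fchmod act on the inode that was opened, not on whatever the path names now */
    if (fstat(fd, &stb) == 0 &&
	S_ISREG(stb.st_mode) && (stb.st_mode & (S_ISUID | S_ISGID)) != 0) {
	if (fchmod(fd, stb.st_mode & 0777) != 0)
	    rpmlog(RPMLOG_DEBUG, "failed to strip s-bits from %s: %s\n",
		   path, strerror(errno));
    }
    (void) close(fd);
}
```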
@@ -1956,11 +1966,8 @@ if (!(fsm->mapFlags & CPIO_ALL_HARDLINKS)) break;
break;
case FSM_UNLINK:
- if (fsm->mapFlags & CPIO_SBIT_CHECK) {
- struct stat stb;
- if (lstat(fsm->path, &stb) == 0 && S_ISREG(stb.st_mode) && (stb.st_mode & 06000) != 0)
- chmod(fsm->path, stb.st_mode & 0777);
- }
+ if (fsm->mapFlags & CPIO_SBIT_CHECK)
+ removeSBITS(fsm->path);
rc = unlink(fsm->path);
if (_fsm_debug && (stage & FSM_SYSCALL))
rpmlog(RPMLOG_DEBUG, " %8s (%s) %s\n", cur,
@@ -1969,6 +1976,8 @@ if (!(fsm->mapFlags & CPIO_ALL_HARDLINKS)) break;
rc = (errno == ENOENT ? CPIOERR_ENOENT : CPIOERR_UNLINK_FAILED);
break;
case FSM_RENAME:
+ if (fsm->mapFlags & CPIO_SBIT_CHECK)
+ removeSBITS(fsm->path);
rc = rename(fsm->opath, fsm->path);
#if defined(ETXTBSY) && defined(__HPUX__)
if (rc && errno == ETXTBSY) {
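Review bot: In the FSM_RENAME case the s-bits are cleared on the existing file at fsm->path before rename() is known to succeed, so a failed rename (the ETXTBSY branch just below is one such path) appears to leave the old file in place with its setuid/setgid bits already gone. The ordering itself is needed, since after a successful rename the old inode can no longer be reached by this path, but neither the ordering nor the failure consequence is explained at the call site. I would add a comment above the call such as `/* Strip s-bits from the file being replaced while its path still names it; surviving hardlinks to the old inode would otherwise stay s[ug]id. If rename() fails, the old file remains with its s-bits cleared. */`. The FSM_RENAME case continues past the end of this hunk, so whether a later step restores the mode on failure cannot be seen here.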