diff -ur tecnoballz-0.91.orig/include/ressources.h tecnoballz-0.91/include/ressources.h --- tecnoballz-0.91.orig/include/ressources.h 2005-03-01 15:15:08.000000000 +0100 +++ tecnoballz-0.91/include/ressources.h 2007-04-01 11:24:58.000000000 +0200 @@ -36,7 +36,6 @@ static const char* folderdata; static const char* folder_320; static const char* folder_640; - static char* fnamescore; static char stringtemp[512]; static char pathstring[512]; static char ze_mapfile[]; @@ -71,6 +70,8 @@ static const Sint16* zesinus360; static const Uint32 tabledegas[180]; + static char * const fnamescore; + static int score_fhand; private: Uint32 zeLastSize; //size last file charged in memory diff -ur tecnoballz-0.91.orig/src/main.cc tecnoballz-0.91/src/main.cc --- tecnoballz-0.91.orig/src/main.cc 2005-03-01 15:15:08.000000000 +0100 +++ tecnoballz-0.91/src/main.cc 2007-04-01 11:24:58.000000000 +0200 @@ -20,6 +20,9 @@ // this program; if not, write to the Free Software Foundation, Inc., 59 Temple // Place - Suite 330, Boston, MA 02111-1307, USA. //----------------------------------------------------------------------------- +#define _GNU_SOURCE /* this must be done before the first include of unistd.h */ +#include +#include "../include/ressources.h" #include "../include/mentatCode.h" #include "../include/ecran_hard.h" #include "../include/audiomixer.h" @@ -32,25 +35,42 @@ //------------------------------------------------------------------------------ int main(Sint32 nbArg, char **ptArg) { + gid_t realgid; + Sint32 error = 0; + + ressources::score_fhand = open(ressources::fnamescore, O_RDWR); + + /* Figure out who we really are. */ + realgid = getgid(); + + /* This is where we drop our setuid/setgid privileges. */ + if (setresgid(-1, realgid, realgid) != 0) { + perror("Could not drop setgid privileges. Aborting."); + exit(1); + } + oConfigure.loadconfig(); if(!oConfigure.scanZeArgs(nbArg, ptArg)) - return 0; + goto main_exit; if(mentatCode::is_verbose) { printf("===========================================================\n"); printf(" TECNOBALLZ START\n"); printf("===========================================================\n"); } - Sint32 error = 0; error = mentatCode::first_init(&oConfigure); - if(error) return error; + if(error) goto main_exit; error = mentatCode::game_begin(); - if(error) return error; + if(error) goto main_exit; if(mentatCode::is_verbose) printf("===========================================================\n"); error = mentatCode::desinstall(&oConfigure); - if(error) return error; + if(error) goto main_exit; if(mentatCode::is_verbose) printf("END =======================================================\n"); oConfigure.saveconfig(); + +main_exit: + if (ressources::score_fhand != -1) + close(ressources::score_fhand); return error; } diff -ur tecnoballz-0.91.orig/src/ressources.cc tecnoballz-0.91/src/ressources.cc --- tecnoballz-0.91.orig/src/ressources.cc 2007-04-01 10:37:24.000000000 +0200 +++ tecnoballz-0.91/src/ressources.cc 2007-04-01 11:25:26.000000000 +0200 @@ -31,7 +31,8 @@ //............................................................................... -char* ressources::fnamescore = "/var/lib/games/tecnoballz.hi"; +char * const ressources::fnamescore = VARDIR "/tecnoballz.hi"; +int ressources::score_fhand = -1; const char* ressources::folderlist[] = { "/", // Normally unused, except when running from the source directory... DATADIR, @@ -508,7 +509,51 @@ //------------------------------------------------------------------------------ char* ressources::loadScores() { - return loadZeFile(fnamescore, &zeLastSize); + if (score_fhand == -1) + return 0; + + //################################################################### + // read the size of the file + //################################################################### + struct stat sStat; + if(fstat(score_fhand, &sStat)) + { fprintf(stderr, + "ressources::loadZeFile() : can't stat file : %s (%s)\n\n", + fnamescore, strerror(errno)); + return 0; + } + zeLastSize = sStat.st_size; //save file size + + //################################################################### + // allocate memory + //################################################################### + char *ptMem = (char *)(memGestion->reserveMem(sStat.st_size, + 0x31313131)); + num_erreur = memGestion->retour_err(); + if(num_erreur) + { fprintf(stderr, "ressources::loadZeFile() %s : out of memory\n\n", + fnamescore); + return 0; + } + + //################################################################### + // read the file + //################################################################### + if(lseek(score_fhand, 0, SEEK_SET) != 0) + { //menGestion->liberation(ptMem); + fprintf(stderr, "ressources::loadZeFile() can't rewind file %s (%s)\n\n", + fnamescore, strerror(errno)); + return 0; + } + + if(read(score_fhand, ptMem, sStat.st_size) != sStat.st_size) + { //menGestion->liberation(ptMem); + fprintf(stderr, "ressources::loadZeFile() can't read file %s (%s)\n\n", + fnamescore, strerror(errno)); + return 0; + } + + return ptMem; } //------------------------------------------------------------------------------ @@ -516,23 +561,17 @@ //------------------------------------------------------------------------------ Sint32 ressources::saveScores(char *ptScr, Uint32 fsize) { -#ifdef WIN32 - _umask(0002); //set umask so that files are group-writable -#else - umask(0002); -#endif - Sint32 fhand = open(fnamescore , O_WRONLY | O_CREAT, 00666); - if(fhand == -1) - { fprintf(stderr, "ressources::saveScores(): file:%s / error:%s\n", - fnamescore, strerror(errno)); + if(score_fhand == -1) + return 0; + + if(lseek(score_fhand, 0, SEEK_SET) != 0) + { //menGestion->liberation(ptMem); + fprintf(stderr, "ressources::loadZeFile() can't rewind file %s (%s)\n\n", + fnamescore, strerror(errno)); return 0; } -#ifdef WIN32 - _write(fhand, ptScr, fsize); -#else - write(fhand, ptScr, fsize); -#endif - if(close(fhand) == -1) + + if(write(score_fhand, ptScr, fsize) != fsize) { fprintf(stderr, "ressources::saveScores(): file:%s / error:%s\n", fnamescore, strerror(errno)); return 0; Only in tecnoballz-0.91/src: ressources.cc~