[DCOM-293] Fix security misconfiguration vulnerability allowing local remote arbitrary code execution.

beberlei · beberlei · commit caf30b889bb8 · 2015-08-31T15:18:15.000+02:00
diff --git a/lib/Doctrine/ORM/Tools/Console/Command/ConvertMappingCommand.php b/lib/Doctrine/ORM/Tools/Console/Command/ConvertMappingCommand.php
@@ -137,7 +137,7 @@ protected function execute(InputInterface $input, OutputInterface $output)
 
         // Process destination directory
         if ( ! is_dir($destPath = $input->getArgument('dest-path'))) {
-            mkdir($destPath, 0777, true);
+            mkdir($destPath, 0775, true);
         }
         $destPath = realpath($destPath);
 
diff --git a/lib/Doctrine/ORM/Tools/Console/Command/GenerateProxiesCommand.php b/lib/Doctrine/ORM/Tools/Console/Command/GenerateProxiesCommand.php
@@ -79,7 +79,7 @@ protected function execute(InputInterface $input, OutputInterface $output)
         }
 
         if ( ! is_dir($destPath)) {
-            mkdir($destPath, 0777, true);
+            mkdir($destPath, 0775, true);
         }
 
         $destPath = realpath($destPath);
diff --git a/lib/Doctrine/ORM/Tools/EntityGenerator.php b/lib/Doctrine/ORM/Tools/EntityGenerator.php
@@ -340,7 +340,7 @@ public function writeEntityClass(ClassMetadataInfo $metadata, $outputDirectory)
         $dir = dirname($path);
 
         if ( ! is_dir($dir)) {
-            mkdir($dir, 0777, true);
+            mkdir($dir, 0775, true);
         }
 
         $this->isNew = !file_exists($path) || (file_exists($path) && $this->regenerateEntityIfExists);
@@ -365,6 +365,7 @@ public function writeEntityClass(ClassMetadataInfo $metadata, $outputDirectory)
         } elseif ( ! $this->isNew && $this->updateEntityIfExists) {
             file_put_contents($path, $this->generateUpdatedEntityClass($metadata, $path));
         }
+        chmod($path, 0664);
     }
 
     /**
diff --git a/lib/Doctrine/ORM/Tools/EntityRepositoryGenerator.php b/lib/Doctrine/ORM/Tools/EntityRepositoryGenerator.php
@@ -96,11 +96,12 @@ public function writeEntityRepositoryClass($fullClassName, $outputDirectory)
         $dir = dirname($path);
 
         if ( ! is_dir($dir)) {
-            mkdir($dir, 0777, true);
+            mkdir($dir, 0775, true);
         }
 
         if ( ! file_exists($path)) {
             file_put_contents($path, $code);
+            chmod($path, 0664);
         }
     }
 }
diff --git a/lib/Doctrine/ORM/Tools/Export/Driver/AbstractExporter.php b/lib/Doctrine/ORM/Tools/Export/Driver/AbstractExporter.php
@@ -130,7 +130,7 @@ public function setOutputDir($dir)
     public function export()
     {
         if ( ! is_dir($this->_outputDir)) {
-            mkdir($this->_outputDir, 0777, true);
+            mkdir($this->_outputDir, 0775, true);
         }
 
         foreach ($this->_metadata as $metadata) {
@@ -139,12 +139,13 @@ public function export()
                 $path = $this->_generateOutputPath($metadata);
                 $dir = dirname($path);
                 if ( ! is_dir($dir)) {
-                    mkdir($dir, 0777, true);
+                    mkdir($dir, 0775, true);
                 }
                 if (file_exists($path) && !$this->_overwriteExistingFiles) {
                     throw ExportException::attemptOverwriteExistingFile($path);
                 }
                 file_put_contents($path, $output);
+                chmod($path, 0664);
             }
         }
     }

Original file line number	Diff line number	Diff line change
`@@ -137,7 +137,7 @@ protected function execute(InputInterface $input, OutputInterface $output)`
`137`	`137`
`138`	`138`	`// Process destination directory`
`139`	`139`	`if ( ! is_dir($destPath = $input->getArgument('dest-path'))) {`
`140`		`- mkdir($destPath, 0777, true);`
	`140`	`+ mkdir($destPath, 0775, true);`
`141`	`141`	`}`
`142`	`142`	`$destPath = realpath($destPath);`
`143`	`143`
Original file line number	Diff line number	Diff line change
`@@ -79,7 +79,7 @@ protected function execute(InputInterface $input, OutputInterface $output)`
`79`	`79`	`}`
`80`	`80`
`81`	`81`	`if ( ! is_dir($destPath)) {`
`82`		`- mkdir($destPath, 0777, true);`
	`82`	`+ mkdir($destPath, 0775, true);`
`83`	`83`	`}`
`84`	`84`
`85`	`85`	`$destPath = realpath($destPath);`
Original file line number	Diff line number	Diff line change
`@@ -340,7 +340,7 @@ public function writeEntityClass(ClassMetadataInfo $metadata, $outputDirectory)`
`340`	`340`	`$dir = dirname($path);`
`341`	`341`
`342`	`342`	`if ( ! is_dir($dir)) {`
`343`		`- mkdir($dir, 0777, true);`
	`343`	`+ mkdir($dir, 0775, true);`
`344`	`344`	`}`
`345`	`345`
`346`	`346`	`$this->isNew = !file_exists($path) \|\| (file_exists($path) && $this->regenerateEntityIfExists);`
`@@ -365,6 +365,7 @@ public function writeEntityClass(ClassMetadataInfo $metadata, $outputDirectory)`
`365`	`365`	`} elseif ( ! $this->isNew && $this->updateEntityIfExists) {`
`366`	`366`	`file_put_contents($path, $this->generateUpdatedEntityClass($metadata, $path));`
`367`	`367`	`}`
	`368`	`+ chmod($path, 0664);`
`368`	`369`	`}`
`369`	`370`
`370`	`371`	`/**`
Original file line number	Diff line number	Diff line change
`@@ -96,11 +96,12 @@ public function writeEntityRepositoryClass($fullClassName, $outputDirectory)`
`96`	`96`	`$dir = dirname($path);`
`97`	`97`
`98`	`98`	`if ( ! is_dir($dir)) {`
`99`		`- mkdir($dir, 0777, true);`
	`99`	`+ mkdir($dir, 0775, true);`
`100`	`100`	`}`
`101`	`101`
`102`	`102`	`if ( ! file_exists($path)) {`
`103`	`103`	`file_put_contents($path, $code);`
	`104`	`+ chmod($path, 0664);`
`104`	`105`	`}`
`105`	`106`	`}`
`106`	`107`	`}`
Original file line number	Diff line number	Diff line change
`@@ -130,7 +130,7 @@ public function setOutputDir($dir)`
`130`	`130`	`public function export()`
`131`	`131`	`{`
`132`	`132`	`if ( ! is_dir($this->_outputDir)) {`
`133`		`- mkdir($this->_outputDir, 0777, true);`
	`133`	`+ mkdir($this->_outputDir, 0775, true);`
`134`	`134`	`}`
`135`	`135`
`136`	`136`	`foreach ($this->_metadata as $metadata) {`
`@@ -139,12 +139,13 @@ public function export()`
`139`	`139`	`$path = $this->_generateOutputPath($metadata);`
`140`	`140`	`$dir = dirname($path);`
`141`	`141`	`if ( ! is_dir($dir)) {`
`142`		`- mkdir($dir, 0777, true);`
	`142`	`+ mkdir($dir, 0775, true);`
`143`	`143`	`}`
`144`	`144`	`if (file_exists($path) && !$this->_overwriteExistingFiles) {`
`145`	`145`	`throw ExportException::attemptOverwriteExistingFile($path);`
`146`	`146`	`}`
`147`	`147`	`file_put_contents($path, $output);`
	`148`	`+ chmod($path, 0664);`
`148`	`149`	`}`
`149`	`150`	`}`
`150`	`151`	`}`