Need vi modeline patch...
Lenny Tropiano
lenny at icus.islp.ny.us
Fri Apr 14 10:14:33 AEST 1989
In article <506 at flatline.UUCP> erict at flatline.UUCP (J. Eric Townsend) writes:
|>
|>
|>If you know where I can ftp it, that'd be fine, reposting it
|>to unix-pc.sources might not be a bad idea, or just emailing it
|>would do.. (I foresee followups of "me too".)
|>
Since this is small, and knowing that lots of people miss things the first
time it comes through, I decided to repost this for Gil. Gil Kloepfer, Jr.
(gil at limbic) developed this ditty that will binary patch "vi" to disable
the very bad security flaw of the vi-modelines "feature" ... At least AT&T
calls it a feature.
-- cut here for the original posting information --
This patch disables the "modelines" option in the UNIX-pc version of vi.
The option allows people to mail/post/give files which will execute shell
commands if edited...and could cause havoc if abused. Most people never
use the option, so disabling it is a viable alternative (to bugging AT&T
to death).
--
Gil Kloepfer, Jr. U-Net: {decuac,boulder,talcott,sbcs}!icus!limbic!gil
ICUS Software Systems Voice: (516) 968-6860 [H] (516) 746-2350 x219 [W]
P.O. Box 1 Internet: gil at icus.islp.ny.us
Islip Terrace, NY 11752 "Life's a ... well, you know..."
#! /bin/sh
# This is a shell archive. Remove anything before this line, then unpack
# it by saving it into a file and typing "sh file". To overwrite existing
# files, type "sh file -c". You can also feed this as standard input via
# unshar, or by typing "sh <file", e.g.. If this archive is complete, you
# will see the following message at the end:
# "End of shell archive."
# Contents: Makefile README modetest vifix.c
# Wrapped by gil at limbic on Mon Nov 28 20:45:58 1988
PATH=/bin:/usr/bin:/usr/ucb ; export PATH
if test -f Makefile -a "${1}" != "-c" ; then
echo shar: Will not over-write existing file \"Makefile\"
else
echo shar: Extracting \"Makefile\" \(399 characters\)
sed "s/^X//" >Makefile <<'END_OF_Makefile'
X#
X# Makefile to compile vifix.c (vi modeline elimination)
X# (c)1988 ICUS Software Systems UUCP: ...icus!software
X#
XCFLAGS=-v -O
XLDFLAGS=-s
XLIBS=/lib/crt0s.o /lib/shlib.ifile
X#
Xvifix: vifix.o
X	@echo "Loading ..."
X	$(LD) $(LDFLAGS) -o vifix vifix.o $(LIBS)
X	@echo "Copying /usr/bin/vi to current directory ..."
X	@cp /usr/bin/vi .
X	@vifix
X	@echo "Save old version, and copy \"vi\" to /usr/bin"
END_OF_Makefile
if test 399 -ne `wc -c <Makefile`; then
echo shar: \"Makefile\" unpacked with wrong size!
fi
# end of overwriting check
fi
if test -f README -a "${1}" != "-c" ; then
echo shar: Will not over-write existing file \"README\"
else
echo shar: Extracting \"README\" \(1465 characters\)
sed "s/^X//" >README <<'END_OF_README'
Xvi/ex modeline feature disable patch ... Gil Kloepfer, ICUS Software Systems
X----------------------------------------------------------------------------
X
XThis program and its Makefile are used to disable the modeline feature in
Xvi/ex which can inadvertently allow malicious users to send "infected" files
Xto privileged users and disrupt system activities.
X
XThe patch is applied by executing the makefile ($ make). The makefile will
Xcompile the patch program, copy the vi editor executable file into your
Xcurrent directory and apply the patch to this copy. You should then make
Xa copy of the original vi editor, and copy the new one over the old one.
X
X # make
X # cp /usr/bin/vi /usr/bin/vi.OLD
X # cp ./vi /usr/bin/vi
X
XThanks to Lenny Tropiano for the makefile. Those who feel more comfortable
Xapplying the patch without any makefiles, the procedure is as follows:
X
X # cc -v -o vifix vifix.c
X # cd /usr/bin
X # cp vi vi.OLD
X # whatever-path/vifix
X
XThe vifix program will inform you if the version of vi you are fixing is
Xsupported by the patch program. Note that this message will also appear if
Xthe patch is already applied.
X
XYou can check to see if the patch really worked by editing the file
X"modetest" with this shell archive with vi. If a bannered word prints
Xout at all, the patch did not successfully take effect.
X
XAny further questions about the patch can be directed to Gil Kloepfer
Xat ...icus!limbic!gil, gil at limbic.UUCP, or gil at icus.islp.ny.us
END_OF_README
if test 1465 -ne `wc -c <README`; then
echo shar: \"README\" unpacked with wrong size!
fi
# end of overwriting check
fi
if test -f modetest -a "${1}" != "-c" ; then
echo shar: Will not over-write existing file \"modetest\"
else
echo shar: Extracting \"modetest\" \(71 characters\)
sed "s/^X//" >modetest <<'END_OF_modetest'
Xex:!banner "this":
Xei:!banner "is":
Xvx:!banner "a":
Xvi:!banner "test":
END_OF_modetest
if test 71 -ne `wc -c <modetest`; then
echo shar: \"modetest\" unpacked with wrong size!
fi
# end of overwriting check
fi
if test -f vifix.c -a "${1}" != "-c" ; then
echo shar: Will not over-write existing file \"vifix.c\"
else
echo shar: Extracting \"vifix.c\" \(1745 characters\)
sed "s/^X//" >vifix.c <<'END_OF_vifix.c'
X/*
X * vifix.c
X *
X * Program to patch UNIX-pc (3B1) "vi" editor so that the modeline
X * function is disabled.
X *
X * By Gil Kloepfer, Jr., Lenny Tropiano ICUS Software Systems 11/26/1988
X * Permission granted to redistribute without profit in the public domain
X * only. This header must remain in-tact as is. This program carries
X * no warranties, express or implied, and all consequences resulting from
X * the application of this patch are the sole responsibility of the user.
X *
X * Patch transforms the following byte pattern in vi -- this comment here
X * so that this program could be adapted to a newer version of vi:
X *
X * From:
X * 377 374 112 200 147 000 000 174 040
X * To:
X * 377 374 116 161 140 000 000 174 040
X *
X * This effectively skips over the modeline checking code in the editor.
X */
X
X#define NONCRYPT 26202L
X#define CRYPT 26434L
X
X#include <stdio.h>
X#include <fcntl.h>
X
Xmain()
X{
X	unsigned char buffer[3];	/* unsigned, so 0200 compares as 128 */
X	int fd;
X
X	if ((fd=open("vi",O_RDWR)) < 0) {
X		perror("open");
X		exit(1);
X	}
X
X	lseek(fd,NONCRYPT,0);	/* check for ENHANCED EDITOR version */
X	if (read(fd,buffer,3) != 3) {
X		perror("read");
X		exit(1);
X	}
X
X	/* any one mismatching byte means the expected code is not here */
X	if ((int)buffer[0] != 0112 ||
X	    (int)buffer[1] != 0200 ||
X	    (int)buffer[2] != 0147) {
X		lseek(fd,CRYPT,0);	/* check for ENCRYPTION SET version */
X		if (read(fd,buffer,3) != 3) {
X			perror("read");
X			exit(1);
X		}
X		if ((int)buffer[0] != 0112 ||
X		    (int)buffer[1] != 0200 ||
X		    (int)buffer[2] != 0147) {
X			printf("Version of vi not valid for this patch.\n");
X			exit(1);
X		}
X	}
X
X	lseek(fd,-3L,1);	/* back up pointer 3 bytes */
X	buffer[0]=0116;
X	buffer[1]=0161;
X	buffer[2]=0140;
X	if (write(fd,buffer,3) != 3) {	/* do not report success on a failed write */
X		perror("write");
X		exit(1);
X	}
X
X	close(fd);
X	printf("vi modeline elimination patch successfully applied\n");
X	exit(0);
X}
END_OF_vifix.c
if test 1745 -ne `wc -c <vifix.c`; then
echo shar: \"vifix.c\" unpacked with wrong size!
fi
# end of overwriting check
fi
echo shar: End of shell archive.
exit 0
--
Lenny Tropiano ICUS Software Systems [w] +1 (516) 582-5525
lenny at icus.islp.ny.us Telex; 154232428 ICUS [h] +1 (516) 968-8576
{talcott,decuac,boulder,hombre,pacbell,sbcs}!icus!lenny attmail!icus!lenny
ICUS Software Systems -- PO Box 1; Islip Terrace, NY 11752
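
The pre-write check that a fixed-offset binary patcher like vifix.c depends on, as an added example that is not part of the original posting or of Gil Kloepfer's code: it compares the full nine-byte pattern from the vifix.c header comment before writing, and reports an already-patched file separately. The offsets and byte values are the ones in vifix.c; the function names, result codes and the zero-filled sample file are assumptions made for the illustration.

```c
#include <stdio.h>
#include <string.h>

/* Offsets and patterns are from vifix.c above; all names are hypothetical.
 * vifix.c rewrites 3 bytes that sit 2 bytes into the 9-byte pattern, so the
 * full pattern starts at (offset - 2). */
static const long OFFSETS[2] = { 26202L, 26434L };      /* NONCRYPT, CRYPT */
static const unsigned char FROM[9] = {0377,0374,0112,0200,0147,0,0,0174,040};
static const unsigned char TO[9]   = {0377,0374,0116,0161,0140,0,0,0174,040};
enum { VI_PATCHED, VI_ALREADY, VI_UNKNOWN, VI_IOERR };

/* Patch the file at `path` in place, but only on an exact 9-byte match. */
int vifix_checked(const char *path)
{
    unsigned char ctx[9];   /* raw bytes; memcmp avoids signed-char compares */
    int i, rc = VI_UNKNOWN;
    FILE *fp = fopen(path, "r+b");

    if (fp == NULL) return VI_IOERR;
    for (i = 0; i < 2 && rc == VI_UNKNOWN; i++) {
        long start = OFFSETS[i] - 2;
        if (fseek(fp, start, SEEK_SET) != 0 || fread(ctx, 1, 9, fp) != 9)
            continue;                       /* file too short at this offset */
        if (memcmp(ctx, TO, 9) == 0)
            rc = VI_ALREADY;                /* nothing to write */
        else if (memcmp(ctx, FROM, 9) == 0)
            rc = (fseek(fp, start, SEEK_SET) == 0 &&
                  fwrite(TO, 1, 9, fp) == 9) ? VI_PATCHED : VI_IOERR;
    }
    if (fclose(fp) != 0 && rc == VI_PATCHED) rc = VI_IOERR;
    return rc;
}

/* Constructed stand-in for a vi binary: 27000 zero bytes plus one pattern. */
int make_sample(const char *path, long off, const unsigned char pat[9])
{
    long n; int ok;
    FILE *fp = fopen(path, "wb");
    if (fp == NULL) return -1;
    for (n = 0; n < 27000L; n++) fputc(0, fp);
    ok = fseek(fp, off - 2, SEEK_SET) == 0 && fwrite(pat, 1, 9, fp) == 9;
    return (fclose(fp) == 0 && ok) ? 0 : -1;
}

int main(int argc, char **argv)
{
    int rc = argc > 1 ? vifix_checked(argv[1]) : VI_UNKNOWN;
    printf("result code %d\n", rc);
    return rc > VI_ALREADY;
}
```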