Página inicial Explorar Ajuda
Entrar
openpkg
/
openpkg-packages
Observar 2
Favorito 0
Fork 0
Arquivos Issues 0 Pull Requests 0
Ver código fonte

add more bugfix patches from Solar Designer

Ralf S. Engelschall 22 anos atrás
pai
0951de2503
commit
935dae77e1
2 arquivos alterados com 132 adições e 0 exclusões
Visão dividida Mostrar estatísticas do Diff
  1. 130 0
      openssh/openssh.patch
  2. 2 0
      openssh/openssh.spec

+ 130 - 0
openssh/openssh.patch
Ver arquivo 

@@ -0,0 +1,130 @@
 
+These patches adjust (re)allocation procedures so they do not
 
+alter context structures unless the (re)allocation was successful.
 
+Otherwise the fatal cleanup functions (trigged from within the
 
+failing (re)allocation functions) will be confused and especially
 
+(for some instances) incorrectly clear (smaller than recorded) memory
 
+buffers with NUL bytes. This patch is based on work by Solar Designer
 
+<solar@openwall.com>.
 
+
 
+Index: deattack.c
 
+--- deattack.c.orig	2002-03-05 02:53:05.000000000 +0100
 
++++ deattack.c	2003-09-17 09:30:09.000000000 +0200
 
+@@ -100,12 +100,12 @@
 
+ 
+ 	if (h == NULL) {
 
+ 		debug("Installing crc compensation attack detector.");
 
++		h = (u_int16_t *) xmalloc(l * HASH_ENTRYSIZE);
 
+ 		n = l;
 
+-		h = (u_int16_t *) xmalloc(n * HASH_ENTRYSIZE);
 
+ 	} else {
 
+ 		if (l > n) {
 
++			h = (u_int16_t *) xrealloc(h, l * HASH_ENTRYSIZE);
 
+ 			n = l;
 
+-			h = (u_int16_t *) xrealloc(h, n * HASH_ENTRYSIZE);
 
+ 		}
 
+ 	}
 
+ 
+Index: misc.c
 
+--- misc.c.orig	2003-08-25 03:16:21.000000000 +0200
 
++++ misc.c	2003-09-17 09:30:09.000000000 +0200
 
+@@ -308,18 +308,21 @@
 
+ {
 
+ 	va_list ap;
 
+ 	char buf[1024];
 
++	int nalloc;
 
+ 
+ 	va_start(ap, fmt);
 
+ 	vsnprintf(buf, sizeof(buf), fmt, ap);
 
+ 	va_end(ap);
 
+ 
++	nalloc = args->nalloc;
 
+ 	if (args->list == NULL) {
 
+-		args->nalloc = 32;
 
++		nalloc = 32;
 
+ 		args->num = 0;
 
+-	} else if (args->num+2 >= args->nalloc)
 
+-		args->nalloc *= 2;
 
++	} else if (args->num+2 >= nalloc)
 
++		nalloc *= 2;
 
+ 
+-	args->list = xrealloc(args->list, args->nalloc * sizeof(char *));
 
++	args->list = xrealloc(args->list, nalloc * sizeof(char *));
 
++	args->nalloc = nalloc;
 
+ 	args->list[args->num++] = xstrdup(buf);
 
+ 	args->list[args->num] = NULL;
 
+ }
 
+Index: session.c
 
+--- session.c.orig	2003-09-16 03:52:19.000000000 +0200
 
++++ session.c	2003-09-17 09:34:20.000000000 +0200
 
+@@ -800,6 +800,7 @@
 
+ {
 
+ 	u_int i, namelen;
 
+ 	char **env;
 
++	u_int envsize;
 
+ 
+ 	/*
 
+ 	 * If we're passed an uninitialized list, allocate a single null
 
+@@ -826,12 +827,14 @@
 
+ 		xfree(env[i]);
 
+ 	} else {
 
+ 		/* New variable.  Expand if necessary. */
 
+-		if (i >= (*envsizep) - 1) {
 
+-			if (*envsizep >= 1000)
 
++		envsize = *envsizep;
 
++		if (i >= envsize - 1) {
 
++			if (envsize >= 1000)
 
+ 				fatal("child_set_env: too many env vars,"
 
+ 				    " skipping: %.100s", name);
 
+-			(*envsizep) += 50;
 
+-			env = (*envp) = xrealloc(env, (*envsizep) * sizeof(char *));
 
++			envsize += 50;
 
++			env = (*envp) = xrealloc(env, envsize * sizeof(char *));
 
++			*envsizep = envsize;
 
+ 		}
 
+ 		/* Need to set the NULL pointer at end of array beyond the new slot. */
 
+ 		env[i + 1] = NULL;
 
+Index: ssh-agent.c
 
+--- ssh-agent.c.orig	2003-08-22 01:34:41.000000000 +0200
 
++++ ssh-agent.c	2003-09-17 09:30:09.000000000 +0200
 
+@@ -784,7 +784,7 @@
 
+ static void
 
+ new_socket(sock_type type, int fd)
 
+ {
 
+-	u_int i, old_alloc;
 
++	u_int i, old_alloc, new_alloc;
 
+ 
+ 	if (fcntl(fd, F_SETFL, O_NONBLOCK) < 0)
 
+ 		error("fcntl O_NONBLOCK: %s", strerror(errno));
 
+@@ -795,25 +795,26 @@
 
+ 	for (i = 0; i < sockets_alloc; i++)
 
+ 		if (sockets[i].type == AUTH_UNUSED) {
 
+ 			sockets[i].fd = fd;
 
+-			sockets[i].type = type;
 
+ 			buffer_init(&sockets[i].input);
 
+ 			buffer_init(&sockets[i].output);
 
+ 			buffer_init(&sockets[i].request);
 
++			sockets[i].type = type;
 
+ 			return;
 
+ 		}
 
+ 	old_alloc = sockets_alloc;
 
+-	sockets_alloc += 10;
 
++	new_alloc = sockets_alloc + 10;
 
+ 	if (sockets)
 
+-		sockets = xrealloc(sockets, sockets_alloc * sizeof(sockets[0]));
 
++		sockets = xrealloc(sockets, new_alloc * sizeof(sockets[0]));
 
+ 	else
 
+-		sockets = xmalloc(sockets_alloc * sizeof(sockets[0]));
 
+-	for (i = old_alloc; i < sockets_alloc; i++)
 
++		sockets = xmalloc(new_alloc * sizeof(sockets[0]));
 
++	for (i = old_alloc; i < new_alloc; i++)
 
+ 		sockets[i].type = AUTH_UNUSED;
 
+-	sockets[old_alloc].type = type;
 
++	sockets_alloc = new_alloc;
 
+ 	sockets[old_alloc].fd = fd;
 
+ 	buffer_init(&sockets[old_alloc].input);
 
+ 	buffer_init(&sockets[old_alloc].output);
 
+ 	buffer_init(&sockets[old_alloc].request);
 
++	sockets[old_alloc].type = type;
 
+ }
 
+ 
+ static int

+ 2 - 0
openssh/openssh.spec
Ver arquivo 

@@ -59,6 +59,7 @@ Source6:      ssh-keyman
 
 Source7:      ssh-keyman.1
 
 Source8:      ssh-keyman.pod
 
 Source9:      http://chrootssh.sourceforge.net/download/osshChroot-%{V_chroot}.diff
 
+Patch0:       openssh.patch
 
 
 #   build information
 
 Prefix:       %{l_prefix}
 
@@ -104,6 +105,7 @@ AutoReqProv:  no
 
 %prep
 
     #   unpack distribution
 
     %setup -q
 
+    %patch -p0
 
 
     #   optionally apply chroot(2) patch
 
 %if "%{with_chroot}" == "yes"