Resolves: #1941925 - fix SIGSEGV upon disconnect of a ldaps:// transfer

2021-06-02 15:25:59 +02:00 · 2021-06-02 15:25:59 +02:00 · 469a44d0c1
commit 469a44d0c1
parent bc006791a4
2 changed files with 52 additions and 1 deletions
--- a/0004-curl-7.76.1-ldaps-segv.patch
+++ b/0004-curl-7.76.1-ldaps-segv.patch
@ -0,0 +1,44 @@
+From 39b68b3f82535d06e50443db4c191dbaa00df4eb Mon Sep 17 00:00:00 2001
+From: Patrick Monnerat <patrick@monnerat.net>
+Date: Fri, 23 Apr 2021 00:33:46 +0200
+Subject: [PATCH] vtls: reset ssl use flag upon negotiation failure
+
+Fixes the segfault in ldaps disconnect.
+
+Reported-by: Illarion Taev
+Fixes #6934
+Closes #6937
+
+Upstream-commit: a4554b2c5e7c5788c8198001598818599c60ff7d
+Signed-off-by: Kamil Dudka <kdudka@redhat.com>
+---
+ lib/vtls/vtls.c | 6 +++++-
+ 1 file changed, 5 insertions(+), 1 deletion(-)
+
+diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c
+index 22cfb88..fa8a6fa 100644
+--- a/lib/vtls/vtls.c
+++ b/lib/vtls/vtls.c
+@@ -315,6 +315,8 @@ Curl_ssl_connect(struct Curl_easy *data, struct connectdata *conn,
+ 
+   if(!result)
+     Curl_pgrsTime(data, TIMER_APPCONNECT); /* SSL is connected */
+  else
+    conn->ssl[sockindex].use = FALSE;
+ 
+   return result;
+ }
+@@ -338,7 +340,9 @@ Curl_ssl_connect_nonblocking(struct Curl_easy *data, struct connectdata *conn,
+   /* mark this is being ssl requested from here on. */
+   conn->ssl[sockindex].use = TRUE;
+   result = Curl_ssl->connect_nonblocking(data, conn, sockindex, done);
+-  if(!result && *done)
+  if(result)
+    conn->ssl[sockindex].use = FALSE;
+  else if(*done)
+     Curl_pgrsTime(data, TIMER_APPCONNECT); /* SSL is connected */
+   return result;
+ }
+-- 
+2.31.1
+
--- a/curl.spec
+++ b/curl.spec
@ -1,7 +1,7 @@
 Summary: A utility for getting files from remote servers (FTP, HTTP, and others)
 Name: curl
 Version: 7.76.1
-Release: 3%{?dist}
+Release: 4%{?dist}
 License: MIT
 Source: https://curl.se/download/%{name}-%{version}.tar.xz

@ -14,6 +14,9 @@ Patch2:   0002-curl-7.76.1-CVE-2021-22898.patch
 # fix TLS session caching disaster (CVE-2021-22901)
 Patch3:   0003-curl-7.76.1-CVE-2021-22901.patch

+# fix SIGSEGV upon disconnect of a ldaps:// transfer (#1941925)
+Patch4:   0004-curl-7.76.1-ldaps-segv.patch
+
 # patch making libcurl multilib ready
 Patch101: 0101-curl-7.32.0-multilib.patch

@ -192,6 +195,7 @@ be installed.
 %patch1 -p1
 %patch2 -p1
 %patch3 -p1
+%patch4 -p1

 # Fedora patches
 %patch101 -p1
@ -372,6 +376,9 @@ rm -f ${RPM_BUILD_ROOT}%{_libdir}/libcurl.la
 %{_libdir}/libcurl.so.4.[0-9].[0-9].minimal

 %changelog
+* Wed Jun 02 2021 Kamil Dudka <kdudka@redhat.com> - 7.76.1-4
+- fix SIGSEGV upon disconnect of a ldaps:// transfer (#1941925)
+
 * Wed May 26 2021 Kamil Dudka <kdudka@redhat.com> - 7.76.1-3
 - fix TLS session caching disaster (CVE-2021-22901)
 - fix TELNET stack contents disclosure (CVE-2021-22898)