Resolves: #1941925 - fix SIGSEGV upon disconnect of a ldaps:// transfer

2021-06-02 15:25:59 +02:00 · 2021-06-02 15:25:59 +02:00 · 469a44d0c1
commit 469a44d0c1
parent bc006791a4
2 changed files with 52 additions and 1 deletions
--- a/0004-curl-7.76.1-ldaps-segv.patch
+++ b/0004-curl-7.76.1-ldaps-segv.patch
@ -0,0 +1,44 @@
 From 39b68b3f82535d06e50443db4c191dbaa00df4eb Mon Sep 17 00:00:00 2001
 From: Patrick Monnerat <patrick@monnerat.net>
 Date: Fri, 23 Apr 2021 00:33:46 +0200
 Subject: [PATCH] vtls: reset ssl use flag upon negotiation failure
 Fixes the segfault in ldaps disconnect.
 Reported-by: Illarion Taev
 Fixes #6934
 Closes #6937
 Upstream-commit: a4554b2c5e7c5788c8198001598818599c60ff7d
 Signed-off-by: Kamil Dudka <kdudka@redhat.com>
 ---
 lib/vtls/vtls.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
 diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c
 index 22cfb88..fa8a6fa 100644
 --- a/lib/vtls/vtls.c
 +++ b/lib/vtls/vtls.c
@@ -315,6 +315,8 @@ Curl_ssl_connect(struct Curl_easy *data, struct connectdata *conn,
   if(!result)
     Curl_pgrsTime(data, TIMER_APPCONNECT); /* SSL is connected */
 +  else
 +    conn->ssl[sockindex].use = FALSE;
   return result;
 }
@@ -338,7 +340,9 @@ Curl_ssl_connect_nonblocking(struct Curl_easy *data, struct connectdata *conn,
   /* mark this is being ssl requested from here on. */
   conn->ssl[sockindex].use = TRUE;
   result = Curl_ssl->connect_nonblocking(data, conn, sockindex, done);
 -  if(!result && *done)
 +  if(result)
 +    conn->ssl[sockindex].use = FALSE;
 +  else if(*done)
     Curl_pgrsTime(data, TIMER_APPCONNECT); /* SSL is connected */
   return result;
 }
 -- 
 2.31.1
--- a/curl.spec
+++ b/curl.spec
@ -1,7 +1,7 @@
 Summary: A utility for getting files from remote servers (FTP, HTTP, and others)
 Name: curl
 Version: 7.76.1
-Release: 3%{?dist}
+Release: 4%{?dist}
 License: MIT
 Source: https://curl.se/download/%{name}-%{version}.tar.xz
@ -14,6 +14,9 @@ Patch2:   0002-curl-7.76.1-CVE-2021-22898.patch
 # fix TLS session caching disaster (CVE-2021-22901)
 Patch3:   0003-curl-7.76.1-CVE-2021-22901.patch
 # fix SIGSEGV upon disconnect of a ldaps:// transfer (#1941925)
 Patch4:   0004-curl-7.76.1-ldaps-segv.patch
 # patch making libcurl multilib ready
 Patch101: 0101-curl-7.32.0-multilib.patch
@ -192,6 +195,7 @@ be installed.
 %patch1 -p1
 %patch2 -p1
 %patch3 -p1
 %patch4 -p1
 # Fedora patches
 %patch101 -p1
@ -372,6 +376,9 @@ rm -f ${RPM_BUILD_ROOT}%{_libdir}/libcurl.la
 %{_libdir}/libcurl.so.4.[0-9].[0-9].minimal
 %changelog
 * Wed Jun 02 2021 Kamil Dudka <kdudka@redhat.com> - 7.76.1-4
 - fix SIGSEGV upon disconnect of a ldaps:// transfer (#1941925)
 * Wed May 26 2021 Kamil Dudka <kdudka@redhat.com> - 7.76.1-3
 - fix TLS session caching disaster (CVE-2021-22901)
 - fix TELNET stack contents disclosure (CVE-2021-22898)