metalefty/xrdp-next
1
0
Fork 0
Code Issues Pull Requests Releases Activity

Add patch for CVE-2022-23613.

Browse Source
This commit is contained in:
Bojan Smojver 2022-02-08 11:48:01 +11:00
parent 0bf288818c
commit a61009746f
2 changed files with 52 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
xrdp-0.9.18-cve-2022-23613.patch Normal file
View File

@ -0,0 +1,47 @@
From eb4a8e342dcf848ca716792763ca1904e913ca9d Mon Sep 17 00:00:00 2001
From: matt335672 <30179339+matt335672@users.noreply.github.com>
Date: Wed, 2 Feb 2022 10:39:50 +0000
Subject: [PATCH] Add lower bound to sesman data input size check
---
sesman/sesman.c | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/sesman/sesman.c b/sesman/sesman.c
index a85769053..e2b057e6a 100644
--- a/sesman/sesman.c
+++ b/sesman/sesman.c
@@ -276,6 +276,7 @@ sesman_close_all(void)
static int
sesman_data_in(struct trans *self)
{
+#define HEADER_SIZE 8
int version;
int size;
@@ -283,9 +284,9 @@ sesman_data_in(struct trans *self)
{
in_uint32_be(self->in_s, version);
in_uint32_be(self->in_s, size);
- if (size > self->in_s->size)
+ if (size < HEADER_SIZE || size > self->in_s->size)
{
- LOG(LOG_LEVEL_ERROR, "sesman_data_in: bad message size");
+ LOG(LOG_LEVEL_ERROR, "sesman_data_in: bad message size %d", size);
return 1;
}
self->header_size = size;
@@ -302,11 +303,12 @@ sesman_data_in(struct trans *self)
return 1;
}
/* reset for next message */
- self->header_size = 8;
+ self->header_size = HEADER_SIZE;
self->extra_flags = 0;
init_stream(self->in_s, 0); /* Reset input stream pointers */
}
return 0;
+#undef HEADER_SIZE
}
/******************************************************************************/

6
xrdp.spec
View File

@ -17,7 +17,7 @@ Summary: Open source remote desktop protocol (RDP) server
Name: xrdp Name: xrdp
Epoch: 1 Epoch: 1
Version: 0.9.18 Version: 0.9.18
Release: 4%{?dist} Release: 5%{?dist}
License: ASL 2.0 and GPLv2+ and MIT License: ASL 2.0 and GPLv2+ and MIT
URL: http://www.xrdp.org/ URL: http://www.xrdp.org/
Source0: https://github.com/neutrinolabs/xrdp/releases/download/v%{version}/xrdp-%{version}.tar.gz Source0: https://github.com/neutrinolabs/xrdp/releases/download/v%{version}/xrdp-%{version}.tar.gz
@ -39,6 +39,7 @@ Patch6: xrdp-0.9.18-vnc-uninit.patch
Patch7: xrdp-0.9.15-sesman-ini.patch Patch7: xrdp-0.9.15-sesman-ini.patch
%endif %endif
Patch8: xrdp-0.9.18-imlib2.patch Patch8: xrdp-0.9.18-imlib2.patch
Patch9: xrdp-0.9.18-cve-2022-23613.patch
BuildRequires: make BuildRequires: make
BuildRequires: gcc BuildRequires: gcc
@ -289,6 +290,9 @@ fi
%{_datadir}/selinux/*/%{name}.pp %{_datadir}/selinux/*/%{name}.pp
%changelog %changelog
* Tue Feb 8 2022 Bojan Smojver <bojan@rexurive.com> - 1:0.9.18-5
- Add patch for CVE-2022-23613
* Sat Jan 22 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1:0.9.18-4 * Sat Jan 22 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1:0.9.18-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild