diff --git a/autofs-5.1.8-fail-on-empty-replicated-host-name.patch b/autofs-5.1.8-fail-on-empty-replicated-host-name.patch new file mode 100644 index 0000000..beec004 --- /dev/null +++ b/autofs-5.1.8-fail-on-empty-replicated-host-name.patch @@ -0,0 +1,57 @@ +autofs-5.1.8 - fail on empty replicated host name + +From: Ian Kent + +If a mount location host (or hosts) has an empty host name it has to be +a mistake so fail the automount request. + +Signed-off-by: Ian Kent +--- + CHANGELOG | 1 + + modules/parse_sun.c | 18 ++++++++++++++++++ + 2 files changed, 19 insertions(+) + +--- autofs-5.1.7.orig/CHANGELOG ++++ autofs-5.1.7/CHANGELOG +@@ -112,6 +112,7 @@ + - fix memory leak in update_hosts_mounts(). + - fix minus only option handling in concat_options(). + - fix incorrect path for is_mounted() in try_remount(). ++- fail on empty replicated host name. + + 25/01/2021 autofs-5.1.7 + - make bind mounts propagation slave by default. +--- autofs-5.1.7.orig/modules/parse_sun.c ++++ autofs-5.1.7/modules/parse_sun.c +@@ -935,6 +935,12 @@ static int validate_location(unsigned in + if (*ptr == ':') + return 1; + ++ /* Fail on replicated entry with empty first host name */ ++ if (*ptr == ',') { ++ error(logopt, "missing first host name in location %s", loc); ++ return 0; ++ } ++ + /* + * If a ':/' is present now it must be a host name, except + * for those special file systems like sshfs which use "#" +@@ -971,6 +977,18 @@ static int validate_location(unsigned in + "found in location %s", *ptr, loc); + return 0; + } ++ ++ /* Fail on replicated entry with empty host name */ ++ if (*ptr == ',') { ++ char next = *(ptr + 1); ++ ++ if (next == ',' || next == ':') { ++ error(logopt, ++ "missing host name in location %s", loc); ++ return 0; ++ } ++ } ++ + ptr++; + } + diff --git a/autofs.spec b/autofs.spec index 4e237df..df5ca35 100644 --- a/autofs.spec +++ b/autofs.spec @@ -12,7 +12,7 @@ Summary: A tool for automatically mounting and unmounting filesystems Name: autofs Version: 5.1.7 -Release: 36%{?dist} +Release: 37%{?dist} Epoch: 1 License: GPLv2+ Source: https://www.kernel.org/pub/linux/daemons/autofs/v5/autofs-%{version}-2.tar.gz @@ -138,6 +138,7 @@ Patch110: autofs-5.1.8-fix-deadlock-with-hosts-map-reload.patch Patch111: autofs-5.1.8-fix-memory-leak-in-update_hosts_mounts.patch Patch112: autofs-5.1.8-fix-minus-only-option-handling-in-concat_options.patch Patch113: autofs-5.1.8-fix-incorrect-path-for-is_mounted-in-try_remount.patch +Patch114: autofs-5.1.8-fail-on-empty-replicated-host-name.patch %if %{with_systemd} BuildRequires: systemd-units @@ -320,6 +321,7 @@ echo %{version}-%{release} > .version %patch111 -p1 %patch112 -p1 %patch113 -p1 +%patch114 -p1 %build LDFLAGS=-Wl,-z,now @@ -428,6 +430,12 @@ fi %dir /etc/auto.master.d %changelog +* Mon Mar 27 2023 Ian Kent - 1:5.1.7-37 +- bz2170285 - Users can trigger a simple autofs DoS with wildcard + automounter maps + - fail on empty trailing replicated host name. +- Resolves: rhbz#2170285 + * Tue Dec 06 2022 Ian Kent - 1:5.1.7-36 - bz2149013 - autofs: errors in autofs-5.1.4-83.el8.x86_64 when restarting autofs with busy directories