diff --git a/nmap-ssh_nse_crash.patch b/nmap-ssh_nse_crash.patch
new file mode 100644
index 0000000..d6af9da
--- /dev/null
+++ b/nmap-ssh_nse_crash.patch
@@ -0,0 +1,28 @@
+From 350bbe0597d37ad67abe5fef8fba984707b4e9ad Mon Sep 17 00:00:00 2001
+From: dmiller
+Date: Thu, 29 Nov 2018 17:42:09 +0000
+Subject: [PATCH] Avoid a crash (double-free) when SSH connection fails
+
+---
+ nse_libssh2.cc | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/nse_libssh2.cc b/nse_libssh2.cc
+index 6a18c0c85b..983f83dbdb 100644
+@@ -295,6 +294,7 @@ static int do_session_handshake (lua_State *L, int status, lua_KContext ctx) {
+ 
+ if (rc) {
+ libssh2_session_free(sshu->session);
++ sshu->session = NULL;
+ return luaL_error(L, "Unable to complete libssh2 handshake.");
+ }
+ 
+@@ -478,7 +478,7 @@ static int userauth_list (lua_State *L, int status, lua_KContext ctx) {
+ }
+ 
+ /*
+-* Returns list of supported authenication methods
++* Returns list of supported authentication methods
+ */
+ static int l_userauth_list (lua_State *L) {
+ return userauth_list(L, 0, 0);
diff --git a/nmap.spec b/nmap.spec
index a1dcf5c..dc2cb3e 100644
--- a/nmap.spec
+++ b/nmap.spec
@@ -13,7 +13,7 @@ Name: nmap
 Epoch: 2
 Version: 7.70
 #global prerelease TEST5
-Release: 6%{?dist}
+Release: 7%{?dist}
 # Uses combination of licenses based on GPL license, but with extra modification
 # so it got its own license tag rhbz#1055861
 License: Nmap
@@ -36,6 +36,7 @@ Patch5: ncat_reg_stdin.diff
 Patch6: nmap-6.25-displayerror.patch
 Patch7: nmap-ipv6_literal_proxy.patch
+Patch8: nmap-ssh_nse_crash.patch
 URL: http://nmap.org/
 BuildRequires: gcc-c++
@@ -110,6 +111,7 @@ uses.
 %patch5 -p1 -b .ncat_reg_stdin
 %patch6 -p1 -b .displayerror
 %patch7 -p1 -b .ipv6-literal
+%patch8 -p1 -b .nse-ssh-auth
 #be sure we're not using tarballed copies of some libraries
 #rm -rf liblua libpcap libpcre macosx mswin32 ###TODO### 
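Review bot: The added `sshu->session = NULL;` after `libssh2_session_free()` in do_session_handshake only closes the double free if every later teardown path (presumably the userdata finalizer, which is outside this hunk) tests `sshu->session` before freeing it again; libssh2_session_free() does not, as far as I recall, tolerate a NULL argument, so that guard should be confirmed in the same review rather than assumed. The embedded diff for nse_libssh2.cc carries `diff --git` and `index` lines but no `---`/`+++` headers, so `%patch8 -p1` depends on the patch tool deriving the target filename from the git-style header; a build with the target distribution's patch tool is the cheap way to confirm it applies. The second inner hunk is a comment typo fix (`authenication` → `authentication`) with no behavioural effect. do_session_handshake and l_userauth_list both begin and end outside the hunk.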
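Review bot: The backup suffix in `%patch8 -p1 -b .nse-ssh-auth` describes an authentication change, while the patch it applies (`nmap-ssh_nse_crash.patch`, declared in the `Patch8:` hunk of the same file) fixes a double-free crash. The neighbouring entries keep suffix and patch name aligned (`.ipv6-literal` for nmap-ipv6_literal_proxy.patch, `.displayerror` for nmap-6.25-displayerror.patch), so `%patch8 -p1 -b .nse-ssh-crash` would keep that convention and make the backup file left by `-b` self-explanatory when someone inspects the build tree.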
@@ -243,6 +245,9 @@ popd
 %endif
 %changelog
+* Thu May 2 2019 Pavel Zhukov - 2:7.70-7
+- Fix double free when ssh connections fails
+
 * Tue Feb 5 2019 Pavel Zhukov - 2:7.70-6
 - Fix ipv6 literals parsing in proxy connection