Backport fix for UNIX domain socket crash

This causes problems for clevis, that depends on ncat to unlock LUKS devices upon boot. Issue can be reproduced with `ncat -U /dev/null' Problem: ncat -U /dev/null Segmentation fault (core dumped) Expected: ncat -U /dev/null Ncat: Connection refused. Upstream: f6b40614e4 Signed-off-by: Sergio Correia <scorreia@redhat.com>
2020-10-22 11:58:40 -03:00 · 2020-10-22 11:58:40 -03:00 · c673aed0aa
commit c673aed0aa
parent b0d2e8add1
2 changed files with 37 additions and 1 deletions
--- a/ncat-fix-unix-domain-socket-crash.patch
+++ b/ncat-fix-unix-domain-socket-crash.patch
@ -0,0 +1,29 @@
+From f6b40614e4a8131394792d590965f8af3c635323 Mon Sep 17 00:00:00 2001
+From: nnposter <nnposter@e0a8ed71-7df4-0310-8962-fdc924857419>
+Date: Fri, 16 Oct 2020 02:54:52 +0000
+Subject: [PATCH] Fix a Unix domain socket crash. Fixes #2154
+
+Upstream: https://github.com/nmap/nmap/commit/f6b40614e4a8131394792d590965f8af3c635323
+
+diff --git a/ncat/ncat_main.c b/ncat/ncat_main.c
+index d59b951..92eccad 100644
+--- a/ncat/ncat_main.c
+++ b/ncat/ncat_main.c
+@@ -848,7 +848,7 @@ int main(int argc, char *argv[])
+             targetaddrs->addr.un.sun_family = AF_UNIX;
+             strncpy(targetaddrs->addr.un.sun_path, argv[optind], sizeof(targetaddrs->addr.un.sun_path));
+             targetaddrs->addrlen = SUN_LEN(&targetaddrs->addr.un);
+-            o.target = argv[optind];
+            o.sslservername = o.target = argv[optind];
+             optind++;
+         } else
+ #endif
+@@ -867,7 +867,7 @@ int main(int argc, char *argv[])
+                 targetaddrs->addr.vm.svm_cid = long_cid;
+ 
+                 targetaddrs->addrlen = sizeof(targetaddrs->addr.vm);
+-                o.target = argv[optind];
+                o.sslservername = o.target = argv[optind];
+                 optind++;
+             }
+         } else
--- a/nmap.spec
+++ b/nmap.spec
@ -7,7 +7,7 @@ Name: nmap
 Epoch: 2
 Version: 7.91
 #global prerelease TEST5
-Release: 1%{?dist}
+Release: 2%{?dist}
 Summary: Network exploration tool and security scanner
 URL: http://nmap.org/
 # Uses combination of licenses based on GPL license, but with extra modification
@ -26,6 +26,9 @@ Patch2: nmap-4.52-noms.patch
 Patch3: ncat_reg_stdin.diff
 Patch4: nmap-6.25-displayerror.patch

+# Upstream patch to prevent crash with UNIX domain sockets.
+Patch5: ncat-fix-unix-domain-socket-crash.patch
+
 BuildRequires: automake
 BuildRequires: autoconf
 BuildRequires: gcc-c++
@ -133,6 +136,10 @@ ln -s ncat %{buildroot}%{_bindir}/nc
 %{_mandir}/man1/ncat.1.gz

 %changelog
+* Thu Oct 22 2020 Sergio Correia <scorreia@redhat.com>  2:7.91-2
+- Backport fix for UNIX domain socket crash
+  Upstream: https://github.com/nmap/nmap/commit/f6b40614e4a8131394792d590965f8af3c635323
+
 * Thu Aug 20 2020 Pavel Zhukov <pzhukov@redhat.com> - 2:7.80-6
 - Drop libssh from eln