Fix memory corruption in tftpd
... when filename remapping with macro \x is used Resolves: rhbz#2066858
This commit is contained in:
Lukáš Zaoral
parent
2938160d14
commit
895f4883d1
44
tftp-rewrite-macro.patch
Normal file
44
tftp-rewrite-macro.patch
Normal file
@ -0,0 +1,44 @@
|
|||||||
|
Resolves: #1485943
|
||||||
|
|
||||||
|
--- a/tftpd/tftpd.c 2017-08-28 09:12:11.681299000 +0200
|
||||||
|
+++ b/tftpd/tftpd.c 2017-08-28 13:30:03.109312000 +0200
|
||||||
|
@@ -1388,24 +1388,25 @@
|
||||||
|
return strlen(p);
|
||||||
|
|
||||||
|
case 'x':
|
||||||
|
- if (output) {
|
||||||
|
- if (from.sa.sa_family == AF_INET) {
|
||||||
|
+ if (from.sa.sa_family == AF_INET) {
|
||||||
|
+ if (output) {
|
||||||
|
sprintf(output, "%08lX",
|
||||||
|
(unsigned long)ntohl(from.si.sin_addr.s_addr));
|
||||||
|
- l = 8;
|
||||||
|
+ }
|
||||||
|
+ l = 8;
|
||||||
|
#ifdef HAVE_IPV6
|
||||||
|
- } else {
|
||||||
|
- unsigned char *c = (unsigned char *)SOCKADDR_P(&from);
|
||||||
|
- p = tb;
|
||||||
|
- for (l = 0; l < 16; l++) {
|
||||||
|
- sprintf(p, "%02X", *c);
|
||||||
|
- c++;
|
||||||
|
- p += 2;
|
||||||
|
- }
|
||||||
|
+ } else {
|
||||||
|
+ unsigned char *c = (unsigned char *)SOCKADDR_P(&from);
|
||||||
|
+ p = tb;
|
||||||
|
+ for (l = 0; l < 16; l++) {
|
||||||
|
+ sprintf(p, "%02X", *c);
|
||||||
|
+ c++;
|
||||||
|
+ p += 2;
|
||||||
|
+ }
|
||||||
|
+ if (output)
|
||||||
|
strcpy(output, tb);
|
||||||
|
- l = strlen(tb);
|
||||||
|
+ l = strlen(tb);
|
||||||
|
#endif
|
||||||
|
- }
|
||||||
|
}
|
||||||
|
return l;
|
||||||
|
|
||||||
|
|
||||||
@ -22,6 +22,7 @@ Patch8: tftp-hpa-5.2-pktinfo.patch
|
|||||||
Patch9: tftp-doc.patch
|
Patch9: tftp-doc.patch
|
||||||
Patch10: tftp-enhanced-logging.patch
|
Patch10: tftp-enhanced-logging.patch
|
||||||
Patch11: tftp-hpa-5.2-gcc10.patch
|
Patch11: tftp-hpa-5.2-gcc10.patch
|
||||||
|
Patch12: tftp-rewrite-macro.patch
|
||||||
|
|
||||||
BuildRequires: make
|
BuildRequires: make
|
||||||
BuildRequires: gcc
|
BuildRequires: gcc
|
||||||
@ -61,6 +62,7 @@ systemd socket activation, and is disabled by default.
|
|||||||
%patch9 -p1 -b .doc
|
%patch9 -p1 -b .doc
|
||||||
%patch10 -p1 -b .logging
|
%patch10 -p1 -b .logging
|
||||||
%patch11 -p1 -b .gcc10
|
%patch11 -p1 -b .gcc10
|
||||||
|
%patch12 -p1 -b .rewrite-macro
|
||||||
|
|
||||||
%build
|
%build
|
||||||
autoreconf
|
autoreconf
|
||||||
@ -105,6 +107,8 @@ install -p -m 644 %SOURCE2 ${RPM_BUILD_ROOT}%{_unitdir}
|
|||||||
%changelog
|
%changelog
|
||||||
* Wed Mar 23 2022 Lukáš Zaoral <lzaoral@redhat.com> - 5.2-36
|
* Wed Mar 23 2022 Lukáš Zaoral <lzaoral@redhat.com> - 5.2-36
|
||||||
- Fix inconsistent --map-file option spelling in manual (rhbz#2066855)
|
- Fix inconsistent --map-file option spelling in manual (rhbz#2066855)
|
||||||
|
- Fix memory corruption in tftpd when filename remapping with macro \x
|
||||||
|
is used (rhbz#2066858)
|
||||||
|
|
||||||
* Thu Jan 27 2022 Lukáš Zaoral <lzaoral@redhat.com> - 5.2-35
|
* Thu Jan 27 2022 Lukáš Zaoral <lzaoral@redhat.com> - 5.2-35
|
||||||
- Rebuilt for fixed gating.yaml. Related rhbz#2042975
|
- Rebuilt for fixed gating.yaml. Related rhbz#2042975
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user