diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2019-09-17 21:01:20 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2019-09-18 08:59:50 +0200 |
commit | ba153cf4c6b9f6375a86058735337776cc361669 (patch) | |
tree | 5437be9116827d1401a4f5bf30487bb20cfcf575 /source/n | |
parent | 6d3daa25f6bab4720130798050ca40c9d31cd7b1 (diff) | |
download | current-ba153cf4c6b9f6375a86058735337776cc361669.tar.gz |
Tue Sep 17 21:01:20 UTC 201920190917210120
a/eudev-3.2.8-x86_64-2.txz: Rebuilt.
Blacklisted mlx_wdt in watchdog.conf. Thanks to Robby Workman.
l/libical-3.0.6-x86_64-1.txz: Upgraded.
n/rpcbind-1.2.5-x86_64-2.txz: Rebuilt.
Added patch from git master to fix a segfault.
Fixed application of the next patch.
Thanks to Robby Workman.
x/freeglut-3.2.0-x86_64-1.txz: Upgraded.
x/mesa-19.1.7-x86_64-1.txz: Upgraded.
Diffstat (limited to 'source/n')
-rw-r--r-- | source/n/rpcbind/0001-rpcinfo-Fix-stack-buffer-overflow.patch | 69 | ||||
-rwxr-xr-x | source/n/rpcbind/rpcbind.SlackBuild | 7 |
2 files changed, 74 insertions, 2 deletions
diff --git a/source/n/rpcbind/0001-rpcinfo-Fix-stack-buffer-overflow.patch b/source/n/rpcbind/0001-rpcinfo-Fix-stack-buffer-overflow.patch new file mode 100644 index 00000000..14fd88c8 --- /dev/null +++ b/source/n/rpcbind/0001-rpcinfo-Fix-stack-buffer-overflow.patch @@ -0,0 +1,69 @@ +From 0bc1c0ae7ce61a7ac8a8e9a9b2086268f011abf0 Mon Sep 17 00:00:00 2001 +From: Steve Dickson <steved@redhat.com> +Date: Tue, 9 Oct 2018 09:19:50 -0400 +Subject: [PATCH] rpcinfo: Fix stack buffer overflow + +*** buffer overflow detected ***: rpcinfo terminated +======= Backtrace: ========= +/lib64/libc.so.6(+0x721af)[0x7ff24c4451af] +/lib64/libc.so.6(__fortify_fail+0x37)[0x7ff24c4ccdc7] +/lib64/libc.so.6(+0xf8050)[0x7ff24c4cb050] +rpcinfo(+0x435f)[0xef3be2635f] +rpcinfo(+0x1c62)[0xef3be23c62] +/lib64/libc.so.6(__libc_start_main+0xf5)[0x7ff24c3f36e5] +rpcinfo(+0x2739)[0xef3be24739] +======= Memory map: ======== +... +The patch below fixes it. + +Reviewed-by: Chuck Lever <chuck.lever@oracle.com> +Signed-off-by: Thomas Blume <thomas.blume@suse.com> +Signed-off-by: Steve Dickson <steved@redhat.com> +--- + src/rpcinfo.c | 23 +++++++++++++++++------ + 1 file changed, 17 insertions(+), 6 deletions(-) + +diff --git a/src/rpcinfo.c b/src/rpcinfo.c +index 9b46864..cfdba88 100644 +--- a/src/rpcinfo.c ++++ b/src/rpcinfo.c +@@ -973,6 +973,7 @@ rpcbdump (dumptype, netid, argc, argv) + (" program version(s) netid(s) service owner\n"); + for (rs = rs_head; rs; rs = rs->next) + { ++ size_t netidmax = sizeof(buf) - 1; + char *p = buf; + + printf ("%10ld ", rs->prog); +@@ -985,12 +986,22 @@ rpcbdump (dumptype, netid, argc, argv) + } + printf ("%-10s", buf); + buf[0] = '\0'; +- for (nl = rs->nlist; nl; nl = nl->next) +- { +- strcat (buf, nl->netid); +- if (nl->next) +- strcat (buf, ","); +- } ++ ++ for (nl = rs->nlist; nl; nl = nl->next) ++ { ++ strncat (buf, nl->netid, netidmax); ++ if (strlen (nl->netid) < netidmax) ++ netidmax -= strlen(nl->netid); ++ else ++ break; ++ ++ if (nl->next && netidmax > 1) ++ { ++ strncat (buf, ",", netidmax); ++ netidmax --; ++ } ++ } ++ + printf ("%-32s", buf); + rpc = getrpcbynumber (rs->prog); + if (rpc) +-- +2.22.0 + diff --git a/source/n/rpcbind/rpcbind.SlackBuild b/source/n/rpcbind/rpcbind.SlackBuild index 27480223..beafc6e8 100755 --- a/source/n/rpcbind/rpcbind.SlackBuild +++ b/source/n/rpcbind/rpcbind.SlackBuild @@ -24,7 +24,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=rpcbind VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-1} +BUILD=${BUILD:-2} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then @@ -84,8 +84,11 @@ rm -rf $PKGNAM-$VERSION tar xvf $CWD/$PKGNAM-$VERSION.tar.?z || exit 1 cd $PKGNAM-$VERSION || exit 1 +# git patches: +zcat $CWD/0001-rpcinfo-Fix-stack-buffer-overflow.patch.gz | patch -p1 --verbose || exit 1 + # Local patches: -zcat $CWD/0001-man-rpcibind.8-Clarify-state-file-usage-and-history.patch | patch -p1 --verbose || exit 1 +zcat $CWD/0001-man-rpcibind.8-Clarify-state-file-usage-and-history.patch.gz | patch -p1 --verbose || exit 1 zcat $CWD/rpcbind.lwrap.needs.lnsl.diff.gz | patch -p1 --verbose || exit 1 # This is needed after the libwrap patch above: |