summaryrefslogtreecommitdiff
path: root/source/xap/rdesktop
diff options
context:
space:
mode:
Diffstat (limited to 'source/xap/rdesktop')
-rw-r--r--source/xap/rdesktop/rdesktop.CVE-2011-1595.diff22
-rwxr-xr-xsource/xap/rdesktop/rdesktop.SlackBuild21
2 files changed, 38 insertions, 5 deletions
diff --git a/source/xap/rdesktop/rdesktop.CVE-2011-1595.diff b/source/xap/rdesktop/rdesktop.CVE-2011-1595.diff
new file mode 100644
index 00000000..0db8c3bc
--- /dev/null
+++ b/source/xap/rdesktop/rdesktop.CVE-2011-1595.diff
@@ -0,0 +1,22 @@
+--- ./disk.c.orig 2008-02-15 18:13:25.000000000 -0600
++++ ./disk.c 2011-04-20 20:27:55.978000772 -0500
+@@ -356,6 +356,19 @@
+ filename[strlen(filename) - 1] = 0;
+ sprintf(path, "%s%s", g_rdpdr_device[device_id].local_path, filename);
+
++ /* Protect against mailicous servers:
++ somelongpath/.. not allowed
++ somelongpath/../b not allowed
++ somelongpath/..b in principle ok, but currently not allowed
++ somelongpath/b.. ok
++ somelongpath/b..b ok
++ somelongpath/b../c ok
++ */
++ if (strstr(path, "/.."))
++ {
++ return RD_STATUS_ACCESS_DENIED;
++ }
++
+ switch (create_disposition)
+ {
+ case CREATE_ALWAYS:
diff --git a/source/xap/rdesktop/rdesktop.SlackBuild b/source/xap/rdesktop/rdesktop.SlackBuild
index cbfc1498..5e1ae2e2 100755
--- a/source/xap/rdesktop/rdesktop.SlackBuild
+++ b/source/xap/rdesktop/rdesktop.SlackBuild
@@ -1,6 +1,6 @@
#!/bin/sh
-# Copyright 2006, 2008, 2009 Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2006, 2008, 2009, 2011 Patrick J. Volkerding, Sebeka, MN, USA
# All rights reserved.
#
# Redistribution and use of this script, with or without modification, is
@@ -23,10 +23,17 @@
PKGNAM=rdesktop
VERSION=${VERSION:-1.6.0}
-ARCH=${ARCH:-x86_64}
-NUMJOBS=${NUMJOBS:-" -j7 "}
-BUILD=${BUILD:-1}
-
+BUILD=${BUILD:-2}
+
+# Automatically determine the architecture we're building on:
+if [ -z "$ARCH" ]; then
+ case "$( uname -m )" in
+ i?86) export ARCH=i486 ;;
+ arm*) export ARCH=arm ;;
+ # Unless $ARCH is already set, use uname -m for all other archs:
+ *) export ARCH=$( uname -m ) ;;
+ esac
+fi
if [ "$ARCH" = "i486" ]; then
SLKCFLAGS="-O2 -march=i486 -mtune=i686"
@@ -39,6 +46,8 @@ elif [ "$ARCH" = "x86_64" ]; then
LIBDIRSUFFIX="64"
fi
+NUMJOBS=${NUMJOBS:-" -j7 "}
+
CWD=$(pwd)
TMP=${TMP:-/tmp}
PKG=$TMP/package-${PKGNAM}
@@ -50,6 +59,8 @@ rm -rf ${PKGNAM}-${VERSION}
tar xvf $CWD/${PKGNAM}-$VERSION.tar.bz2 || exit 1
cd ${PKGNAM}-$VERSION || exit 1
+zcat $CWD/rdesktop.CVE-2011-1595.diff.gz | patch -p1 --verbose || exit 1
+
# Make sure ownerships and permissions are sane:
chown -R root:root .
find . \
generated by cgit v1.2.3 (git 2.26.2) at 2024-11-05 09:34:08 +0000