Hello community, here is the log from the commit of package vsftpd for openSUSE:Factory checked in at 2012-10-24 07:19:35 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/vsftpd (Old) and /work/SRC/openSUSE:Factory/.vsftpd.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "vsftpd", Maintainer is "[email protected]" Changes: -------- --- /work/SRC/openSUSE:Factory/vsftpd/vsftpd.changes 2012-08-31 10:02:43.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.vsftpd.new/vsftpd.changes 2012-10-24 10:24:24.000000000 +0200 @@ -1,0 +2,17 @@ +Mon Oct 22 13:38:57 UTC 2012 - [email protected] + +- update to 3.0.2 (bnc#786024) + * Fix some seccomp related build errors on certain CentOS and Debian versions. + * Seccomp filter sandbox: missing munmap() -- oops. Did you know that qsort() + opens and maps /proc/meminfo but only for larger item counts? + * Seccomp filter sandbox: deny socket() gracefully for text_userdb_names. + * Fix various NULL crashes with nonsensical config settings. Noted by Tianyin + Xu <[email protected]>. + * Force cast to unsigned char in is* char functions. + * Fix harmless integer issues in strlist.c. + * Started on a (possibly ill-advised?) crusade to compile cleanly with + Wconversion. Decided to suspend the effort half-way through. + * One more seccomp policy fix: mremap (denied). + * Support STOU with no filename, uses a STOU. prefix. + +------------------------------------------------------------------- Old: ---- vsftpd-3.0.0.tar.gz New: ---- vsftpd-3.0.2.tar.gz vsftpd-3.0.2.tar.gz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ vsftpd.spec ++++++ --- /var/tmp/diff_new_pack.SGqW67/_old 2012-10-24 10:24:30.000000000 +0200 +++ /var/tmp/diff_new_pack.SGqW67/_new 2012-10-24 10:24:30.000000000 +0200 @@ -27,13 +27,13 @@ %if 0%{?suse_version} > 1140 BuildRequires: systemd %endif -Version: 3.0.0 +Version: 3.0.2 Release: 0 Summary: Very Secure FTP Daemon - Written from Scratch License: GPL-2.0+ Group: Productivity/Networking/Ftp/Servers Url: https://security.appspot.com/vsftpd.html -Source: %name-%version.tar.gz +Source0: https://security.appspot.com/downloads/%{name}-%{version}.tar.gz Source1: %name.pam Source2: %name.logrotate Source3: %name.init @@ -41,6 +41,7 @@ Source5: %name.xml Source6: %name.firewall Source7: vsftpd.service +Source1000: https://security.appspot.com/downloads/%{name}-%{version}.tar.gz.asc Patch1: vsftpd-2.0.4-lib64.diff Patch3: vsftpd-2.0.4-xinetd.diff Patch4: vsftpd-2.0.4-enable-ssl.patch ++++++ vsftpd-3.0.0.tar.gz -> vsftpd-3.0.2.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/vsftpd-3.0.0/Changelog new/vsftpd-3.0.2/Changelog --- old/vsftpd-3.0.0/Changelog 2012-04-05 04:57:54.000000000 +0200 +++ new/vsftpd-3.0.2/Changelog 2012-09-18 12:03:15.000000000 +0200 @@ -1323,3 +1323,23 @@ At this point: v3.0.0 released! =============================== + +- Fix some seccomp related build errors on certain CentOS and Debian versions. +- Seccomp filter sandbox: missing munmap() -- oops. Did you know that qsort() +opens and maps /proc/meminfo but only for larger item counts? +- Seccomp filter sandbox: deny socket() gracefully for text_userdb_names. +- Fix various NULL crashes with nonsensical config settings. Noted by Tianyin Xu +<[email protected]>. +- Force cast to unsigned char in is* char functions. +- Fix harmless integer issues in strlist.c. +- Started on a (possibly ill-advised?) crusade to compile cleanly with +Wconversion. Decided to suspend the effort half-way through. + +At this point: v3.0.1 released! +=============================== + +- One more seccomp policy fix: mremap (denied). +- Support STOU with no filename, uses a STOU. prefix. + +At this point: v3.0.2 released! +=============================== diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/vsftpd-3.0.0/README new/vsftpd-3.0.2/README --- old/vsftpd-3.0.0/README 2012-01-06 00:17:47.000000000 +0100 +++ new/vsftpd-3.0.2/README 2012-09-18 12:02:27.000000000 +0200 @@ -1,4 +1,4 @@ -This is vsftpd, version 3.0.0 +This is vsftpd, version 3.0.2 Author: Chris Evans Contact: [email protected] Website: http://vsftpd.beasts.org/ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/vsftpd-3.0.0/banner.c new/vsftpd-3.0.2/banner.c --- old/vsftpd-3.0.0/banner.c 2008-02-02 02:30:41.000000000 +0100 +++ new/vsftpd-3.0.2/banner.c 2012-09-16 06:14:33.000000000 +0200 @@ -53,8 +53,11 @@ */ { struct mystr msg_file_str = INIT_MYSTR; - (void) str_fileread(&msg_file_str, tunable_message_file, - VSFTP_MAX_MSGFILE_SIZE); + if (tunable_message_file) + { + (void) str_fileread(&msg_file_str, tunable_message_file, + VSFTP_MAX_MSGFILE_SIZE); + } vsf_banner_write(p_sess, &msg_file_str, ftpcode); str_free(&msg_file_str); } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/vsftpd-3.0.0/filestr.c new/vsftpd-3.0.2/filestr.c --- old/vsftpd-3.0.0/filestr.c 2009-07-18 08:03:15.000000000 +0200 +++ new/vsftpd-3.0.2/filestr.c 2012-09-16 09:14:19.000000000 +0200 @@ -50,7 +50,7 @@ { die("read size mismatch"); } - str_alloc_memchunk(p_str, p_sec_buf, size); + str_alloc_memchunk(p_str, p_sec_buf, (unsigned int) size); } free_out: vsf_sysutil_free(p_stat); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/vsftpd-3.0.0/hash.c new/vsftpd-3.0.2/hash.c --- old/vsftpd-3.0.0/hash.c 2008-02-02 02:30:41.000000000 +0100 +++ new/vsftpd-3.0.2/hash.c 2012-09-16 09:26:43.000000000 +0200 @@ -42,7 +42,7 @@ p_hash->key_size = key_size; p_hash->value_size = value_size; p_hash->hash_func = hash_func; - size = sizeof(struct hash_node*) * buckets; + size = (unsigned int) sizeof(struct hash_node*) * buckets; p_hash->p_nodes = vsf_sysutil_malloc(size); vsf_sysutil_memclr(p_hash->p_nodes, size); return p_hash; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/vsftpd-3.0.0/logging.c new/vsftpd-3.0.2/logging.c --- old/vsftpd-3.0.0/logging.c 2011-12-14 11:25:45.000000000 +0100 +++ new/vsftpd-3.0.2/logging.c 2012-09-16 06:11:45.000000000 +0200 @@ -30,7 +30,6 @@ void vsf_log_init(struct vsf_session* p_sess) { - int retval; if (tunable_syslog_enable || tunable_tcp_wrappers) { vsf_sysutil_openlog(1); @@ -41,7 +40,12 @@ } if (tunable_dual_log_enable || tunable_xferlog_std_format) { - retval = vsf_sysutil_create_or_open_file_append(tunable_xferlog_file, 0600); + int retval = -1; + if (tunable_xferlog_file) + { + retval = vsf_sysutil_create_or_open_file_append(tunable_xferlog_file, + 0600); + } if (vsf_sysutil_retval_is_error(retval)) { die2("failed to open xferlog log file:", tunable_xferlog_file); @@ -52,8 +56,12 @@ { if (!tunable_syslog_enable) { - retval = vsf_sysutil_create_or_open_file_append(tunable_vsftpd_log_file, - 0600); + int retval = -1; + if (tunable_vsftpd_log_file) + { + retval = vsf_sysutil_create_or_open_file_append(tunable_vsftpd_log_file, + 0600); + } if (vsf_sysutil_retval_is_error(retval)) { die2("failed to open vsftpd log file:", tunable_vsftpd_log_file); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/vsftpd-3.0.0/ls.c new/vsftpd-3.0.2/ls.c --- old/vsftpd-3.0.0/ls.c 2011-02-15 08:02:51.000000000 +0100 +++ new/vsftpd-3.0.2/ls.c 2012-09-16 08:54:43.000000000 +0200 @@ -88,7 +88,6 @@ } while (1) { - int len; static struct mystr s_next_filename_str; static struct mystr s_next_path_and_filename_str; static struct vsf_sysutil_statbuf* s_p_statbuf; @@ -97,18 +96,20 @@ { break; } - len = str_getlen(&s_next_filename_str); - if (len > 0 && str_get_char_at(&s_next_filename_str, 0) == '.') { - if (!a_option && !tunable_force_dot_files) + unsigned int len = str_getlen(&s_next_filename_str); + if (len > 0 && str_get_char_at(&s_next_filename_str, 0) == '.') { - continue; - } - if (!a_option && - ((len == 2 && str_get_char_at(&s_next_filename_str, 1) == '.') || - len == 1)) - { - continue; + if (!a_option && !tunable_force_dot_files) + { + continue; + } + if (!a_option && + ((len == 2 && str_get_char_at(&s_next_filename_str, 1) == '.') || + len == 1)) + { + continue; + } } } /* Don't show hidden directory entries */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/vsftpd-3.0.0/main.c new/vsftpd-3.0.2/main.c --- old/vsftpd-3.0.0/main.c 2012-04-05 03:27:13.000000000 +0200 +++ new/vsftpd-3.0.2/main.c 2012-09-16 06:27:13.000000000 +0200 @@ -200,8 +200,12 @@ } if (tunable_deny_email_enable) { - int retval = str_fileread(&the_session.banned_email_str, - tunable_banned_email_file, VSFTP_CONF_FILE_MAX); + int retval = -1; + if (tunable_banned_email_file) + { + retval = str_fileread(&the_session.banned_email_str, + tunable_banned_email_file, VSFTP_CONF_FILE_MAX); + } if (vsf_sysutil_retval_is_error(retval)) { die2("cannot read anon e-mail list file:", tunable_banned_email_file); @@ -218,9 +222,13 @@ } if (tunable_secure_email_list_enable) { - int retval = str_fileread(&the_session.email_passwords_str, - tunable_email_password_file, - VSFTP_CONF_FILE_MAX); + int retval = -1; + if (tunable_email_password_file) + { + retval = str_fileread(&the_session.email_passwords_str, + tunable_email_password_file, + VSFTP_CONF_FILE_MAX); + } if (vsf_sysutil_retval_is_error(retval)) { die2("cannot read email passwords file:", tunable_email_password_file); @@ -329,8 +337,11 @@ /* If anonymous mode is active, fetch the uid of the anonymous user */ if (tunable_anonymous_enable) { - const struct vsf_sysutil_user* p_user = - vsf_sysutil_getpwnam(tunable_ftp_username); + const struct vsf_sysutil_user* p_user = 0; + if (tunable_ftp_username) + { + p_user = vsf_sysutil_getpwnam(tunable_ftp_username); + } if (p_user == 0) { die2("vsftpd: cannot locate user specified in 'ftp_username':", @@ -340,8 +351,11 @@ } if (tunable_guest_enable) { - const struct vsf_sysutil_user* p_user = - vsf_sysutil_getpwnam(tunable_guest_username); + const struct vsf_sysutil_user* p_user = 0; + if (tunable_guest_username) + { + p_user = vsf_sysutil_getpwnam(tunable_guest_username); + } if (p_user == 0) { die2("vsftpd: cannot locate user specified in 'guest_username':", @@ -351,8 +365,11 @@ } if (tunable_chown_uploads) { - const struct vsf_sysutil_user* p_user = - vsf_sysutil_getpwnam(tunable_chown_username); + const struct vsf_sysutil_user* p_user = 0; + if (tunable_chown_username) + { + p_user = vsf_sysutil_getpwnam(tunable_chown_username); + } if (p_user == 0) { die2("vsftpd: cannot locate user specified in 'chown_username':", diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/vsftpd-3.0.0/oneprocess.c new/vsftpd-3.0.2/oneprocess.c --- old/vsftpd-3.0.0/oneprocess.c 2012-03-27 23:23:40.000000000 +0200 +++ new/vsftpd-3.0.2/oneprocess.c 2012-09-16 06:01:37.000000000 +0200 @@ -76,7 +76,10 @@ { struct mystr user_name = INIT_MYSTR; struct mystr chdir_str = INIT_MYSTR; - str_alloc_text(&user_name, tunable_ftp_username); + if (tunable_ftp_username) + { + str_alloc_text(&user_name, tunable_ftp_username); + } if (tunable_anon_root) { str_alloc_text(&chdir_str, tunable_anon_root); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/vsftpd-3.0.0/parseconf.c new/vsftpd-3.0.2/parseconf.c --- old/vsftpd-3.0.0/parseconf.c 2012-03-28 05:11:39.000000000 +0200 +++ new/vsftpd-3.0.2/parseconf.c 2012-09-16 09:15:07.000000000 +0200 @@ -344,7 +344,8 @@ } else { - *(p_uint_setting->p_variable) = str_atoi(&s_value_str); + /* TODO: we could reject negatives instead of converting them? */ + *(p_uint_setting->p_variable) = (unsigned int) str_atoi(&s_value_str); } return; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/vsftpd-3.0.0/postlogin.c new/vsftpd-3.0.2/postlogin.c --- old/vsftpd-3.0.0/postlogin.c 2012-04-05 04:56:31.000000000 +0200 +++ new/vsftpd-3.0.2/postlogin.c 2012-09-18 11:59:37.000000000 +0200 @@ -974,8 +974,7 @@ vsf_cmdio_write(p_sess, FTP_BADCMD, "Illegal PORT command."); return; } - the_port = vals[4] << 8; - the_port |= vals[5]; + the_port = (unsigned short) ((vals[4] << 8) | vals[5]); vsf_sysutil_sockaddr_clone(&p_sess->p_port_sockaddr, p_sess->p_local_addr); vsf_sysutil_sockaddr_set_ipv4addr(p_sess->p_port_sockaddr, vals); vsf_sysutil_sockaddr_set_port(p_sess->p_port_sockaddr, the_port); @@ -1736,7 +1735,7 @@ { if (!vsf_sysutil_sockaddr_addr_equal(p_sess->p_remote_addr, p_sess->p_port_sockaddr) || - vsf_sysutil_is_port_reserved(port)) + vsf_sysutil_is_port_reserved((unsigned short) port)) { vsf_cmdio_write(p_sess, FTP_BADCMD, "Illegal EPRT command."); port_cleanup(p_sess); @@ -1780,17 +1779,28 @@ * two sessions are using the same file prefix at the same time. */ static struct vsf_sysutil_statbuf* s_p_statbuf; + static struct mystr s_stou_str; unsigned int suffix = 1; - /* Do not add any suffix at all if the name is not taken. */ - int retval = str_stat(p_base_str, &s_p_statbuf); - if (vsf_sysutil_retval_is_error(retval)) + const struct mystr* p_real_base_str = p_base_str; + int retval; + if (str_isempty(p_real_base_str)) { - str_copy(p_outstr, p_base_str); - return; + str_alloc_text(&s_stou_str, "STOU"); + p_real_base_str = &s_stou_str; + } + else + { + /* Do not add any suffix at all if the name is not taken. */ + retval = str_stat(p_real_base_str, &s_p_statbuf); + if (vsf_sysutil_retval_is_error(retval)) + { + str_copy(p_outstr, p_real_base_str); + return; + } } while (1) { - str_copy(p_outstr, p_base_str); + str_copy(p_outstr, p_real_base_str); str_append_char(p_outstr, '.'); str_append_ulong(p_outstr, suffix); retval = str_stat(p_outstr, &s_p_statbuf); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/vsftpd-3.0.0/postprivparent.c new/vsftpd-3.0.2/postprivparent.c --- old/vsftpd-3.0.0/postprivparent.c 2012-03-27 23:25:18.000000000 +0200 +++ new/vsftpd-3.0.2/postprivparent.c 2012-09-16 05:59:27.000000000 +0200 @@ -96,8 +96,14 @@ unsigned int caps = 0; struct mystr user_str = INIT_MYSTR; struct mystr dir_str = INIT_MYSTR; - str_alloc_text(&user_str, tunable_nopriv_user); - str_alloc_text(&dir_str, tunable_secure_chroot_dir); + if (tunable_nopriv_user) + { + str_alloc_text(&user_str, tunable_nopriv_user); + } + if (tunable_secure_chroot_dir) + { + str_alloc_text(&dir_str, tunable_secure_chroot_dir); + } if (tunable_chown_uploads) { caps |= kCapabilityCAP_CHOWN; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/vsftpd-3.0.0/privops.c new/vsftpd-3.0.2/privops.c --- old/vsftpd-3.0.0/privops.c 2012-04-03 00:20:22.000000000 +0200 +++ new/vsftpd-3.0.2/privops.c 2012-09-16 09:21:24.000000000 +0200 @@ -41,7 +41,7 @@ int retval; int i; int s = vsf_sysutil_get_ipsock(p_sess->p_local_addr); - int port = 0; + unsigned short port = 0; if (p_sess->pasv_listen_fd != -1) { die("listed fd is active?"); @@ -52,7 +52,7 @@ } if (tunable_connect_from_port_20) { - port = tunable_ftp_data_port; + port = (unsigned short) tunable_ftp_data_port; } vsf_sysutil_activate_reuseaddr(s); /* A report of failure here on Solaris, presumably buggy address reuse @@ -133,11 +133,11 @@ if (tunable_pasv_min_port > min_port && tunable_pasv_min_port <= max_port) { - min_port = tunable_pasv_min_port; + min_port = (unsigned short) tunable_pasv_min_port; } if (tunable_pasv_max_port >= min_port && tunable_pasv_max_port < max_port) { - max_port = tunable_pasv_max_port; + max_port = (unsigned short) tunable_pasv_max_port; } while (--bind_retries) @@ -145,8 +145,8 @@ int retval; double scaled_port; the_port = vsf_sysutil_get_random_byte(); - the_port <<= 8; - the_port |= vsf_sysutil_get_random_byte(); + the_port = (unsigned short) (the_port << 8); + the_port = (unsigned short) (the_port | vsf_sysutil_get_random_byte()); scaled_port = (double) min_port; scaled_port += ((double) the_port / (double) 65536) * ((double) max_port - min_port + 1); @@ -367,7 +367,10 @@ str_replace_char(&p_sess->anon_pass_str, '\n', '?'); { struct mystr ftp_username_str = INIT_MYSTR; - str_alloc_text(&ftp_username_str, tunable_ftp_username); + if (tunable_ftp_username) + { + str_alloc_text(&ftp_username_str, tunable_ftp_username); + } setup_username_globals(p_sess, &ftp_username_str); str_free(&ftp_username_str); } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/vsftpd-3.0.0/seccompsandbox.c new/vsftpd-3.0.2/seccompsandbox.c --- old/vsftpd-3.0.0/seccompsandbox.c 2012-04-05 00:41:51.000000000 +0200 +++ new/vsftpd-3.0.2/seccompsandbox.c 2012-09-18 08:52:30.000000000 +0200 @@ -33,6 +33,10 @@ /* #define DEBUG_SIGSYS 1 */ +#ifndef PR_SET_SECCOMP + #define PR_SET_SECCOMP 22 +#endif + #ifndef PR_SET_NO_NEW_PRIVS #define PR_SET_NO_NEW_PRIVS 38 #endif @@ -45,6 +49,14 @@ #define O_LARGEFILE 00100000 #endif +#ifndef O_DIRECTORY + #define O_DIRECTORY 00200000 +#endif + +#ifndef O_CLOEXEC + #define O_CLOEXEC 002000000 +#endif + #define kMaxSyscalls 100 #ifdef DEBUG_SIGSYS @@ -67,6 +79,7 @@ static size_t s_2_arg_validations; static size_t s_3_arg_validations; static int s_syscalls[kMaxSyscalls]; +static int s_errnos[kMaxSyscalls]; static int s_args_1[kMaxSyscalls]; static int s_vals_1[kMaxSyscalls]; static int s_args_2[kMaxSyscalls]; @@ -85,6 +98,26 @@ { bug("negative syscall"); } + s_errnos[s_syscall_index] = 0; + s_syscalls[s_syscall_index++] = nr; +} + +static void +reject_nr(int nr, int errcode) +{ + if (s_syscall_index >= kMaxSyscalls) + { + bug("out of syscall space"); + } + if (nr < 0) + { + bug("negative syscall"); + } + if (errcode < 0 || errcode > 255) + { + bug("bad errcode"); + } + s_errnos[s_syscall_index] = errcode; s_syscalls[s_syscall_index++] = nr; } @@ -105,6 +138,7 @@ } s_args_1[s_syscall_index] = arg; s_vals_1[s_syscall_index] = val; + s_errnos[s_syscall_index] = 0; s_syscalls[s_syscall_index++] = nr; s_1_arg_validations++; } @@ -126,6 +160,7 @@ } s_args_1[s_syscall_index] = 100 + arg; s_vals_1[s_syscall_index] = val; + s_errnos[s_syscall_index] = 0; s_syscalls[s_syscall_index++] = nr; s_1_arg_validations++; } @@ -153,6 +188,7 @@ s_vals_1[s_syscall_index] = val1; s_args_2[s_syscall_index] = arg2; s_vals_2[s_syscall_index] = val2; + s_errnos[s_syscall_index] = 0; s_syscalls[s_syscall_index++] = nr; s_2_arg_validations++; } @@ -180,6 +216,7 @@ s_vals_1[s_syscall_index] = val1; s_args_2[s_syscall_index] = arg2; s_vals_2[s_syscall_index] = val2; + s_errnos[s_syscall_index] = 0; s_syscalls[s_syscall_index++] = nr; s_2_arg_validations++; } @@ -214,6 +251,7 @@ s_vals_2[s_syscall_index] = val2; s_args_3[s_syscall_index] = arg3; s_vals_3[s_syscall_index] = val3; + s_errnos[s_syscall_index] = 0; s_syscalls[s_syscall_index++] = nr; s_3_arg_validations++; } @@ -256,7 +294,10 @@ 3, PROT_READ|PROT_WRITE, 4, MAP_PRIVATE|MAP_ANON); allow_nr_1_arg_mask(__NR_mprotect, 3, PROT_READ); + allow_nr(__NR_munmap); allow_nr(__NR_brk); + /* glibc falls back gracefully if mremap() fails during realloc(). */ + reject_nr(__NR_mremap, ENOSYS); /* Misc simple low-risk calls. */ allow_nr(__NR_rt_sigreturn); /* Used to handle SIGPIPE. */ @@ -402,8 +443,8 @@ if (tunable_text_userdb_names) { + reject_nr(__NR_socket, EACCES); allow_nr_2_arg_match(__NR_mmap, 3, PROT_READ, 4, MAP_SHARED); - allow_nr(__NR_munmap); } if (tunable_write_enable) @@ -565,8 +606,16 @@ p_filter->code = BPF_RET+BPF_K; p_filter->jt = 0; p_filter->jf = 0; - /* SECCOMP_RET_ALLOW */ - p_filter->k = 0x7fff0000; + if (!s_errnos[i]) + { + /* SECCOMP_RET_ALLOW */ + p_filter->k = 0x7fff0000; + } + else + { + /* SECCOMP_RET_ERRNO */ + p_filter->k = 0x00050000 + s_errnos[i]; + } p_filter++; if (s_args_1[i]) { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/vsftpd-3.0.0/standalone.c new/vsftpd-3.0.2/standalone.c --- old/vsftpd-3.0.0/standalone.c 2010-03-26 04:25:17.000000000 +0100 +++ new/vsftpd-3.0.2/standalone.c 2012-09-16 09:26:04.000000000 +0200 @@ -80,7 +80,8 @@ { struct vsf_sysutil_sockaddr* p_sockaddr = 0; vsf_sysutil_sockaddr_alloc_ipv4(&p_sockaddr); - vsf_sysutil_sockaddr_set_port(p_sockaddr, tunable_listen_port); + vsf_sysutil_sockaddr_set_port(p_sockaddr, + (unsigned short) tunable_listen_port); if (!tunable_listen_address) { vsf_sysutil_sockaddr_set_any(p_sockaddr); @@ -103,7 +104,8 @@ { struct vsf_sysutil_sockaddr* p_sockaddr = 0; vsf_sysutil_sockaddr_alloc_ipv6(&p_sockaddr); - vsf_sysutil_sockaddr_set_port(p_sockaddr, tunable_listen_port); + vsf_sysutil_sockaddr_set_port(p_sockaddr, + (unsigned short) tunable_listen_port); if (!tunable_listen_address6) { vsf_sysutil_sockaddr_set_any(p_sockaddr); @@ -272,7 +274,7 @@ unsigned int i; for (i = 0; i < s_ipaddr_size; ++i) { - val ^= p_raw_ip[i] << shift; + val = val ^ (unsigned int) (p_raw_ip[i] << shift); shift -= 8; if (shift < 0) { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/vsftpd-3.0.0/str.c new/vsftpd-3.0.2/str.c --- old/vsftpd-3.0.0/str.c 2012-03-28 17:25:40.000000000 +0200 +++ new/vsftpd-3.0.2/str.c 2012-09-16 09:09:06.000000000 +0200 @@ -289,7 +289,7 @@ unsigned int i; for (i=0; i < p_str->len; i++) { - p_str->p_buf[i] = vsf_sysutil_toupper(p_str->p_buf[i]); + p_str->p_buf[i] = (char) vsf_sysutil_toupper(p_str->p_buf[i]); } } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/vsftpd-3.0.0/strlist.c new/vsftpd-3.0.2/strlist.c --- old/vsftpd-3.0.0/strlist.c 2008-02-02 02:30:39.000000000 +0100 +++ new/vsftpd-3.0.2/strlist.c 2012-09-16 09:09:55.000000000 +0200 @@ -22,6 +22,8 @@ }; /* File locals */ +static const unsigned int kMaxStrlist = 10 * 1000 * 1000; + static struct mystr s_null_str; static int sort_compare_func(const void* p1, const void* p2); @@ -46,7 +48,7 @@ } } -int +unsigned int str_list_get_length(const struct mystr_list* p_list) { return p_list->list_len; @@ -78,15 +80,19 @@ if (p_list->alloc_len == 0) { p_list->alloc_len = 32; - p_list->p_nodes = vsf_sysutil_malloc(p_list->alloc_len * - sizeof(struct mystr_list_node)); + p_list->p_nodes = vsf_sysutil_malloc( + p_list->alloc_len * (unsigned int) sizeof(struct mystr_list_node)); } else { p_list->alloc_len *= 2; - p_list->p_nodes = vsf_sysutil_realloc(p_list->p_nodes, - p_list->alloc_len * - sizeof(struct mystr_list_node)); + if (p_list->alloc_len > kMaxStrlist) + { + die("excessive strlist"); + } + p_list->p_nodes = vsf_sysutil_realloc( + p_list->p_nodes, + p_list->alloc_len * (unsigned int) sizeof(struct mystr_list_node)); } } p_node = &p_list->p_nodes[p_list->list_len]; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/vsftpd-3.0.0/strlist.h new/vsftpd-3.0.2/strlist.h --- old/vsftpd-3.0.0/strlist.h 2008-02-02 02:30:40.000000000 +0100 +++ new/vsftpd-3.0.2/strlist.h 2012-09-16 08:19:48.000000000 +0200 @@ -21,7 +21,7 @@ const struct mystr* p_sort_key_str); void str_list_sort(struct mystr_list* p_list, int reverse); -int str_list_get_length(const struct mystr_list* p_list); +unsigned int str_list_get_length(const struct mystr_list* p_list); int str_list_contains_str(const struct mystr_list* p_list, const struct mystr* p_str); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/vsftpd-3.0.0/sysdeputil.c new/vsftpd-3.0.2/sysdeputil.c --- old/vsftpd-3.0.0/sysdeputil.c 2010-03-26 04:25:33.000000000 +0100 +++ new/vsftpd-3.0.2/sysdeputil.c 2012-09-16 06:18:04.000000000 +0200 @@ -322,7 +322,7 @@ const struct mystr* p_pass_str, const struct mystr* p_remote_host) { - int retval; + int retval = -1; pam_item_t item; const char* pam_user_name = 0; struct pam_conv the_conv = @@ -335,8 +335,11 @@ bug("vsf_sysdep_check_auth"); } str_copy(&s_pword_str, p_pass_str); - retval = pam_start(tunable_pam_service_name, - str_getbuf(p_user_str), &the_conv, &s_pamh); + if (tunable_pam_service_name) + { + retval = pam_start(tunable_pam_service_name, + str_getbuf(p_user_str), &the_conv, &s_pamh); + } if (retval != PAM_SUCCESS) { s_pamh = 0; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/vsftpd-3.0.0/sysutil.c new/vsftpd-3.0.2/sysutil.c --- old/vsftpd-3.0.0/sysutil.c 2012-04-03 09:00:31.000000000 +0200 +++ new/vsftpd-3.0.2/sysutil.c 2012-09-16 09:07:38.000000000 +0200 @@ -909,13 +909,13 @@ int vsf_sysutil_toupper(int the_char) { - return toupper(the_char); + return toupper((unsigned char) the_char); } int vsf_sysutil_isspace(int the_char) { - return isspace(the_char); + return isspace((unsigned char) the_char); } int @@ -943,13 +943,13 @@ int vsf_sysutil_isalnum(int the_char) { - return isalnum(the_char); + return isalnum((unsigned char) the_char); } int vsf_sysutil_isdigit(int the_char) { - return isdigit(the_char); + return isdigit((unsigned char) the_char); } char* @@ -2790,7 +2790,7 @@ } void -vsf_sysutil_set_address_space_limit(long bytes) +vsf_sysutil_set_address_space_limit(unsigned long bytes) { /* Unfortunately, OpenBSD is missing RLIMIT_AS. */ #ifdef RLIMIT_AS diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/vsftpd-3.0.0/sysutil.h new/vsftpd-3.0.2/sysutil.h --- old/vsftpd-3.0.0/sysutil.h 2010-08-19 02:09:02.000000000 +0200 +++ new/vsftpd-3.0.2/sysutil.h 2012-09-16 08:13:13.000000000 +0200 @@ -344,7 +344,7 @@ int vsf_sysutil_setmodtime(const char* p_file, long the_time, int is_localtime); /* Limits */ -void vsf_sysutil_set_address_space_limit(long bytes); +void vsf_sysutil_set_address_space_limit(unsigned long bytes); void vsf_sysutil_set_no_fds(void); void vsf_sysutil_set_no_procs(void); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/vsftpd-3.0.0/twoprocess.c new/vsftpd-3.0.2/twoprocess.c --- old/vsftpd-3.0.0/twoprocess.c 2012-04-02 23:03:19.000000000 +0200 +++ new/vsftpd-3.0.2/twoprocess.c 2012-09-16 09:15:49.000000000 +0200 @@ -124,8 +124,12 @@ } if (tunable_local_enable && tunable_userlist_enable) { - int retval = str_fileread(&p_sess->userlist_str, tunable_userlist_file, - VSFTP_CONF_FILE_MAX); + int retval = -1; + if (tunable_userlist_file) + { + retval = str_fileread(&p_sess->userlist_str, tunable_userlist_file, + VSFTP_CONF_FILE_MAX); + } if (vsf_sysutil_retval_is_error(retval)) { die2("cannot read user list file:", tunable_userlist_file); @@ -144,7 +148,7 @@ { struct mystr user_str = INIT_MYSTR; struct mystr dir_str = INIT_MYSTR; - int option = VSF_SECUTIL_OPTION_CHROOT | VSF_SECUTIL_OPTION_NO_PROCS; + unsigned int option = VSF_SECUTIL_OPTION_CHROOT | VSF_SECUTIL_OPTION_NO_PROCS; if (!tunable_ssl_enable) { /* Unfortunately, can only enable this if we can be sure of not using SSL. @@ -152,8 +156,14 @@ */ option |= VSF_SECUTIL_OPTION_NO_FDS; } - str_alloc_text(&user_str, tunable_nopriv_user); - str_alloc_text(&dir_str, tunable_secure_chroot_dir); + if (tunable_nopriv_user) + { + str_alloc_text(&user_str, tunable_nopriv_user); + } + if (tunable_secure_chroot_dir) + { + str_alloc_text(&dir_str, tunable_secure_chroot_dir); + } /* Be kind: give good error message if the secure dir is missing */ { struct vsf_sysutil_statbuf* p_statbuf = 0; @@ -315,7 +325,11 @@ return; break; case kVSFLoginAnon: - str_alloc_text(&p_sess->user_str, tunable_ftp_username); + str_free(&p_sess->user_str); + if (tunable_ftp_username) + { + str_alloc_text(&p_sess->user_str, tunable_ftp_username); + } common_do_login(p_sess, &p_sess->user_str, 1, 1); break; case kVSFLoginReal: @@ -328,9 +342,12 @@ if (tunable_chroot_list_enable) { struct mystr chroot_list_file = INIT_MYSTR; - int retval = str_fileread(&chroot_list_file, - tunable_chroot_list_file, - VSFTP_CONF_FILE_MAX); + int retval = -1; + if (tunable_chroot_list_file) + { + retval = str_fileread(&chroot_list_file, tunable_chroot_list_file, + VSFTP_CONF_FILE_MAX); + } if (vsf_sysutil_retval_is_error(retval)) { die2("could not read chroot() list file:", @@ -413,7 +430,10 @@ { p_sess->is_guest = 1; /* Remap to the guest user */ - str_alloc_text(&guest_user_str, tunable_guest_username); + if (tunable_guest_username) + { + str_alloc_text(&guest_user_str, tunable_guest_username); + } p_user_str = &guest_user_str; if (!tunable_virtual_use_local_privs) { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/vsftpd-3.0.0/utility.c new/vsftpd-3.0.2/utility.c --- old/vsftpd-3.0.0/utility.c 2012-04-02 23:04:23.000000000 +0200 +++ new/vsftpd-3.0.2/utility.c 2012-09-16 06:09:09.000000000 +0200 @@ -26,7 +26,14 @@ { struct mystr die_str = INIT_MYSTR; str_alloc_text(&die_str, p_text1); - str_append_text(&die_str, p_text2); + if (p_text2) + { + str_append_text(&die_str, p_text2); + } + else + { + str_append_text(&die_str, "(null)"); + } die(str_getbuf(&die_str)); } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/vsftpd-3.0.0/vsftpver.h new/vsftpd-3.0.2/vsftpver.h --- old/vsftpd-3.0.0/vsftpver.h 2012-01-06 00:17:41.000000000 +0100 +++ new/vsftpd-3.0.2/vsftpver.h 2012-09-18 12:02:36.000000000 +0200 @@ -1,7 +1,7 @@ #ifndef VSF_VERSION_H #define VSF_VERSION_H -#define VSF_VERSION "3.0.0" +#define VSF_VERSION "3.0.2" #endif /* VSF_VERSION_H */ -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
