Hello community,

here is the log from the commit of package thttpd for openSUSE:Factory checked 
in at 2013-03-10 09:13:16
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/thttpd (Old)
 and      /work/SRC/openSUSE:Factory/.thttpd.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "thttpd", Maintainer is "[email protected]"

Changes:
--------
--- /work/SRC/openSUSE:Factory/thttpd/thttpd.changes    2012-11-02 
17:43:30.000000000 +0100
+++ /work/SRC/openSUSE:Factory/.thttpd.new/thttpd.changes       2013-03-10 
09:13:17.000000000 +0100
@@ -1,0 +2,6 @@
+Mon Mar  4 16:04:08 UTC 2013 - [email protected]
+
+- added checks for crypt() return value (CVE-2012-5640) (bnc#783165)
+  * thttpd-2.25b-CVE-2012-5640-check_crypt_return_value.patch
+
+-------------------------------------------------------------------

New:
----
  thttpd-2.25b-CVE-2012-5640-check_crypt_return_value.patch

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ thttpd.spec ++++++
--- /var/tmp/diff_new_pack.9YkcjN/_old  2013-03-10 09:13:18.000000000 +0100
+++ /var/tmp/diff_new_pack.9YkcjN/_new  2013-03-10 09:13:18.000000000 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package thttpd
 #
-# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -36,6 +36,8 @@
 Patch10:        %{name}-%{version}-zerolen.patch
 Patch11:        %{name}-%{version}-strcpy.patch
 Patch12:        thttpd-2.25b-getline.patch
+# PATCH-FIX-SUSE CVE-2012-5640
+Patch13:        thttpd-2.25b-CVE-2012-5640-check_crypt_return_value.patch
 Url:            http://www.acme.com/software/thttpd/
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 Summary:        Small and very simple webserver
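Review bot: The patch comment `# PATCH-FIX-SUSE CVE-2012-5640` omits the bug reference and the one-line purpose that the changelog entry already carries, so a later maintainer has to open the patch to learn what it fixes. The openSUSE patch-tag form is `# PATCH-FIX-SUSE thttpd-2.25b-CVE-2012-5640-check_crypt_return_value.patch bnc#783165 -- check crypt() return value before use`. The Patch13 line itself and the `%patch13 -p1` application in the later hunk need no change.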
@@ -75,6 +77,7 @@
 %patch10
 %patch11
 %patch12
+%patch13 -p1
 
 %build
 cp /usr/share/automake-1.*/config.* . 

++++++ thttpd-2.25b-CVE-2012-5640-check_crypt_return_value.patch ++++++
Index: thttpd-2.25b/libhttpd.c
===================================================================
--- thttpd-2.25b.orig/libhttpd.c        2013-03-04 18:01:55.209721739 +0100
+++ thttpd-2.25b/libhttpd.c     2013-03-04 18:01:55.244722735 +0100
@@ -1024,6 +1024,7 @@ auth_check2( httpd_conn* hc, char* dirna
     static size_t maxprevuser = 0;
     static char* prevcryp;
     static size_t maxprevcryp = 0;
+    char *crypt_result;
 
     /* Construct auth filename. */
     httpd_realloc_str(
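Review bot: The new declaration `char *crypt_result;` does not follow the pointer spacing used by the neighbouring declarations in this function (`static char* prevcryp;` two lines above), which makes the added line stand out in an otherwise uniformly styled file. Writing it as `char* crypt_result;` keeps the block consistent; it could equally be declared at the first crypt() call site since it is only used there and in one later branch. auth_check2's body begins before this hunk and continues after it.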
@@ -1072,7 +1073,10 @@ auth_check2( httpd_conn* hc, char* dirna
         strcmp( authinfo, prevuser ) == 0 )
        {
        /* Yes.  Check against the cached encrypted password. */
-       if ( strcmp( crypt( authpass, prevcryp ), prevcryp ) == 0 )
+        crypt_result = crypt( authpass, prevcryp );
+        if ( ! crypt_result )
+            return -1;
+       if ( strcmp( crypt_result, prevcryp ) == 0 )
            {
            /* Ok! */
            httpd_realloc_str(
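Review bot: The added `return -1` on a NULL crypt() result leaves auth_check2 without having produced any response or log entry, whereas the wrong-password path that follows the strcmp presumably ends in the function's normal 401/403 reply before returning -1 (that path and the callers lie outside the hunk, so this is inferred). Failing closed here is the right outcome for CVE-2012-5640, but a server whose crypt() is rejecting the stored hash format (the FIPS/DES case that motivated the fix) would then show up only as silently dropped connections; logging the failure before each early return, e.g. `syslog( LOG_ERR, "crypt() failed for user %.80s - %s", authinfo, strerror( errno ) );` if the file's usual syslog() reporting is available in this function, makes the misconfiguration diagnosable without ever touching the password. The same applies to the second crypt() site in the next hunk of this file. Separately, the three inserted lines at both sites use an 8-space indent while the surrounding `if` and its Whitesmiths braces use 7, so the new code sits visibly off-grid.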
@@ -1121,7 +1125,10 @@ auth_check2( httpd_conn* hc, char* dirna
            /* Yes. */
            (void) fclose( fp );
            /* So is the password right? */
-           if ( strcmp( crypt( authpass, cryp ), cryp ) == 0 )
+            crypt_result = crypt( authpass, cryp );
+            if ( ! crypt_result )
+                return -1;
+           if ( strcmp( crypt_result, cryp ) == 0 )
                {
                /* Ok! */
                httpd_realloc_str(
Index: thttpd-2.25b/extras/htpasswd.c
===================================================================
--- thttpd-2.25b.orig/extras/htpasswd.c 2013-03-04 18:01:55.226722223 +0100
+++ thttpd-2.25b/extras/htpasswd.c      2013-03-04 18:02:15.755306445 +0100
@@ -133,7 +133,10 @@ add_password( char* user, FILE* f )
     (void) srandom( (int) time( (time_t*) 0 ) );
     to64( &salt[0], random(), 2 );
     cpw = crypt( pw, salt );
-    (void) fprintf( f, "%s:%s\n", user, cpw );
+    if (cpw)
+        (void) fprintf( f, "%s:%s\n", user, cpw );
+    else
+        (void) fprintf( stderr, "crypt() returned NULL, sorry\n" );
     }
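Review bot: On a NULL crypt() result the new else branch only prints a message; add_password is void and returns normally, so the caller (outside this hunk) presumably goes on to finish writing the password file and exit successfully with the requested entry missing — worth confirming, and if so the branch should end with `exit( 1 );` so scripts notice the failure. The message would also be more useful with the cause, since crypt() reports failure through errno: `(void) fprintf( stderr, "crypt() failed: %s\n", strerror( errno ) );`, assuming <errno.h> and <string.h> are already included. The enclosing function starts before the hunk.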
 
 static void usage(void) {
-- 
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
