Your message dated Mon, 12 Dec 2005 11:47:06 -0800
with message-id <[EMAIL PROTECTED]>
and subject line Bug#307489: fixed in nstx 1.1-beta6-3
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 3 May 2005 14:08:00 +0000
>From [EMAIL PROTECTED] Tue May 03 07:08:00 2005
Return-path: <[EMAIL PROTECTED]>
Received: from pat.uio.no [129.240.130.16]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1DSy47-00024v-00; Tue, 03 May 2005 07:08:00 -0700
Received: from mail-mx6.uio.no ([129.240.10.47])
by pat.uio.no with esmtp (Exim 4.43)
id 1DSy3Y-0000Xj-TG
for [EMAIL PROTECTED]; Tue, 03 May 2005 16:07:25 +0200
Received: from saruman.uio.no ([129.240.201.202])
by mail-mx6.uio.no with esmtp (Exim 4.43)
id 1DSxyh-0000u2-S6; Tue, 03 May 2005 16:02:23 +0200
Received: from pre by saruman.uio.no with local (Exim 4.44)
id 1DSxyh-0007A6-GS; Tue, 03 May 2005 16:02:23 +0200
To: [EMAIL PROTECTED]
Subject: nstxd: Segfaults on normal dns zone lookup
From: Petter Reinholdtsen <[EMAIL PROTECTED]>
Message-Id: <[EMAIL PROTECTED]>
Sender: Petter Reinholdtsen <[EMAIL PROTECTED]>
Date: Tue, 03 May 2005 16:02:23 +0200
X-UiO-Spam-info: not spam, SpamAssassin (score=-5.338, required 12,
autolearn=disabled, ALL_TRUSTED -2.82, AWL 2.48,
UIO_MAIL_IS_INTERNAL -5.00)
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
Package: nstx
Version: 1.1-beta6-2.1
Severity: important
Tags: patch
I recently tested nstx, trying to prepare a emergency tunnel for my
laptop. I ran into a annoying problem with the server crashing when I
tested it using 'host tun-domain.somewhere.org'. It crashes in
lbl2data() because realloc() return NULL, and this can't be used as a
pointer. I tracked down the real problem, and this is in
dns_fqdn2data().
The problem is that the suffix and the fqdn is identical. This leads
to a call to lbl2data(fqdn, 0), and using realloc(buf, 0) return NULL.
The fix is to make sure only fqdn entries with some data in it is
passed on to lbl2data(). This patch fixed this crash problem.
I inserted an assert() to make sure it crashed on a controlled fasion
when realloc() returned NULL, made sure buf was NULL at the start, and
made sure not to call lbl2data if the length was 0.
diff -ur nstx-1.1-beta6/nstx_dns.c nstx-1.1-beta6-pere/nstx_dns.c
--- nstx-1.1-beta6/nstx_dns.c Tue May 3 16:00:38 2005
+++ nstx-1.1-beta6-pere/nstx_dns.c Tue May 3 15:49:59 2005
@@ -6,6 +6,7 @@
#include <fcntl.h>
#include <syslog.h>
#include <unistd.h>
+#include <assert.h>
#include "nstxfun.h"
#include "nstxdns.h"
@@ -183,13 +184,13 @@
static const unsigned char *
lbl2data (const unsigned char *data, size_t len)
{
- static signed char *buf;
+ static signed char *buf = NULL;
const unsigned char *s = data;
signed char *d;
signed int llen;
d = buf = realloc(buf, len);
-
+ assert(d);
do
{
llen = *s++;
@@ -336,7 +337,8 @@
free(buf);
off = strstr(fqdn, suffix);
- if (off)
+ /* only parse if the fqdn was found, and there is more than the fqdn */
+ if (off && off != fqdn)
buf = strdup((char*)lbl2data((unsigned char*)fqdn, off - fqdn));
else
/* Our suffix not found... */
-- System Information
Debian Release: 3.0
Architecture: i386
Kernel: Linux developer.skolelinux.no 2.4.27 #1 SMP Sat Oct 23 14:01:01 CEST
2004 i686
Locale: LANG=C, LC_CTYPE=C
Versions of packages nstx depends on:
ii adduser 3.47 Add and remove users and groups
ii libc6 2.2.5-11.8 GNU C Library: Shared libraries an
---------------------------------------
Received: (at 307489-close) by bugs.debian.org; 12 Dec 2005 19:57:12 +0000
>From [EMAIL PROTECTED] Mon Dec 12 11:57:12 2005
Return-path: <[EMAIL PROTECTED]>
Received: from katie by spohr.debian.org with local (Exim 4.50)
id 1Eltda-0005Fv-Hg; Mon, 12 Dec 2005 11:47:06 -0800
From: Matthew Garrett <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
X-Katie: $Revision: 1.60 $
Subject: Bug#307489: fixed in nstx 1.1-beta6-3
Message-Id: <[EMAIL PROTECTED]>
Sender: Archive Administrator <[EMAIL PROTECTED]>
Date: Mon, 12 Dec 2005 11:47:06 -0800
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level:
X-Spam-Status: No, hits=-4.8 required=4.0 tests=BAYES_00,FROM_ENDS_IN_NUMS,
HAS_BUG_NUMBER autolearn=no version=2.60-bugs.debian.org_2005_01_02
Source: nstx
Source-Version: 1.1-beta6-3
We believe that the bug you reported is fixed in the latest version of
nstx, which is due to be installed in the Debian FTP archive:
nstx_1.1-beta6-3.diff.gz
to pool/main/n/nstx/nstx_1.1-beta6-3.diff.gz
nstx_1.1-beta6-3.dsc
to pool/main/n/nstx/nstx_1.1-beta6-3.dsc
nstx_1.1-beta6-3_i386.deb
to pool/main/n/nstx/nstx_1.1-beta6-3_i386.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Matthew Garrett <[EMAIL PROTECTED]> (supplier of updated nstx package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Mon, 12 Dec 2005 19:28:09 +0000
Source: nstx
Binary: nstx
Architecture: source i386
Version: 1.1-beta6-3
Distribution: unstable
Urgency: low
Maintainer: Matthew Garrett <[EMAIL PROTECTED]>
Changed-By: Matthew Garrett <[EMAIL PROTECTED]>
Description:
nstx - Tunnel IP over DNS
Closes: 299435 307489 307769 334073
Changes:
nstx (1.1-beta6-3) unstable; urgency=low
.
* Apply patch to fix crashes when looking up the tunnel domain
(closes: #307489)
* Allow the tunnel being brought up to be configured (closes: #334073)
* Attempt to automatically grab a DNS server (closes: #307769)
* Add NSTX_IFACE string in /etc/default/nstx to allow binding to a
specific interface on nstxd startup (closes: #299435)
Files:
cbf0abf29781e76cbe1a747626cd99b7 565 net optional nstx_1.1-beta6-3.dsc
b74c4d4fc0c3628d3d60f1466c36642b 7632 net optional nstx_1.1-beta6-3.diff.gz
81de73091cad744fe2c593dba870d0ec 21556 net optional nstx_1.1-beta6-3_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQFDndEE7Hkv8l1YiTsRAnSSAKCOvO/pw51CAuW/M+DsIu6MicBvxwCcC447
cMi5G5XcnKphWNCp7BofDmI=
=kvQ8
-----END PGP SIGNATURE-----
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
