Your message dated Fri, 2 Sep 2016 12:46:19 +0200
with message-id <[email protected]>
and subject line Re: Bug#782771: proftpd-basic: mod_ls can read into 
neighboring strings causing "No such file or directory" errors
has caused the Debian Bug report #782771,
regarding proftpd-basic: mod_ls can read into neighboring strings causing "No 
such file or directory" errors
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
782771: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=782771
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: proftpd-basic
Version: 1.3.5-1.1
Severity: normal
Tags: upstream patch

Dear Maintainer,

mod_ls.c does not properly check the bounds of the options array and cand
read into neighboring addresses. This issue has been discussed upstream
here: https://github.com/proftpd/proftpd/pull/85 and has been corrected
here:
https://github.com/proftpd/proftpd/commit/70c13c005c9a5080212c3c36b07b239710ef5520

Thanks!
Scott

-- System Information:
Debian Release: 8.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages proftpd-basic depends on:
ii  adduser            3.113+nmu3
ii  debconf            1.5.56
ii  debianutils        4.4+b1
ii  libacl1            2.2.52-2
ii  libc6              2.19-15
ii  libcap2            1:2.24-7
ii  libmemcached11     1.0.18-4
ii  libmemcachedutil2  1.0.18-4
ii  libncursesw5       5.9+20140913-1+b1
ii  libpam-runtime     1.1.8-3.1
ii  libpam0g           1.1.8-3.1
ii  libpcre3           2:8.35-3.3
ii  libssl1.0.0        1.0.1k-1
ii  libtinfo5          5.9+20140913-1+b1
ii  libwrap0           7.6.q-25
ii  netbase            5.3
ii  sed                4.2.2-4+b1
ii  ucf                3.0030
ii  zlib1g             1:1.2.8.dfsg-2+b1

proftpd-basic recommends no packages.

Versions of packages proftpd-basic suggests:
pn  openbsd-inetd | inet-superserver  <none>
ii  openssl                           1.0.1k-1
pn  proftpd-doc                       <none>
pn  proftpd-mod-geoip                 <none>
pn  proftpd-mod-ldap                  <none>
pn  proftpd-mod-mysql                 <none>
pn  proftpd-mod-odbc                  <none>
pn  proftpd-mod-pgsql                 <none>
pn  proftpd-mod-sqlite                <none>

-- debconf information excluded
diff --git a/modules/mod_ls.c b/modules/mod_ls.c
index e074946..a29e314 100644
--- a/modules/mod_ls.c
+++ b/modules/mod_ls.c
@@ -2,7 +2,7 @@
  * ProFTPD - FTP server daemon
  * Copyright (c) 1997, 1998 Public Flood Software
  * Copyright (c) 1999, 2000 MacGyver aka Habeeb J. Dihu <[email protected]>
- * Copyright (c) 2001-2014 The ProFTPD Project team
+ * Copyright (c) 2001-2015 The ProFTPD Project team
  *
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
@@ -1534,7 +1534,7 @@ static void parse_list_opts(char **opt, int *glob_flags, int handle_plus_opts) {
       /* Options are found; skip past the leading whitespace. */
       *opt = ptr;
 
-    } else if (*(*opt + 1) == ' ') {
+    } else if (**opt && *(*opt + 1) == ' ') {
       /* If the next character is a blank space, advance just one character. */
       (*opt)++;
       break;
@@ -1644,7 +1644,7 @@ static void parse_list_opts(char **opt, int *glob_flags, int handle_plus_opts) {
       /* Options are found; skip past the leading whitespace. */
       *opt = ptr;
 
-    } else if (*(*opt + 1) == ' ') {
+    } else if (**opt && *(*opt + 1) == ' ') {
       /* If the next character is a blank space, advance just one character. */
       (*opt)++;
       break;

--- End Message ---
--- Begin Message ---
Version: 1.3.5a-1

On 17.04.15 Scott Coil ([email protected]) wrote:

Hi Scott,

> mod_ls.c does not properly check the bounds of the options array and cand
> read into neighboring addresses. This issue has been discussed upstream
> here: https://github.com/proftpd/proftpd/pull/85 and has been corrected
> here:
> https://github.com/proftpd/proftpd/commit/70c13c005c9a5080212c3c36b07b239710ef5520
> 
The patch is contained in 1.3.5a currently in unstable. Hence I close
your bug. Thanks for the report!

Hilmar
-- 
sigfault

Attachment: signature.asc
Description: Digital signature


--- End Message ---

Reply via email to