Package: cpufreqd Version: 2.4.2-2 Severity: important Tags: patch User: ubuntu-de...@lists.ubuntu.com Usertags: origin-ubuntu trusty ubuntu-patch
In Ubuntu, the attached patch was applied to achieve the following: * path_max.patch: Pull upstream patch to fix MAX_PATH_LEN (LP: #1162160) This is a straight buffer overflow, detected by glibc when compiled with FORTIFY_SOURCE (which is the default in Ubuntu, but not Debian, which likely explains the lack of Debian bug reports about this one so far). The patch is a direct pull from upstream git, tested here, and seems to correct the issue. ... Adam -- System Information: Debian Release: wheezy/sid APT prefers trusty-updates APT policy: (500, 'trusty-updates'), (500, 'trusty-security'), (500, 'trusty'), (500, 'saucy-updates') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.13.0-0-generic (SMP w/4 CPU cores) Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash
diff -Nru cpufreqd-2.4.2/debian/changelog cpufreqd-2.4.2/debian/changelog diff -Nru cpufreqd-2.4.2/debian/patches/path_max.patch cpufreqd-2.4.2/debian/patches/path_max.patch --- cpufreqd-2.4.2/debian/patches/path_max.patch 1969-12-31 17:00:00.000000000 -0700 +++ cpufreqd-2.4.2/debian/patches/path_max.patch 2014-01-04 03:50:29.000000000 -0700 @@ -0,0 +1,35 @@ +From b5b23525edcc09898288360c48e92b4a6c9cb0ee Mon Sep 17 00:00:00 2001 +From: Perttu Luukko <perttu.luu...@iki.fi> +Date: Sun, 13 Jun 2010 15:20:10 +0900 +Subject: [PATCH] Fix cpufreqd segfault when calling realpath + +The size is set at cpufreqd.h to 512. man 3 realpath tells me that +realpath wants a buffer of size PATH_MAX, so I modified cpufreqd.h to +include limits.h if it is present and use PATH_MAX. + +Signed-off-by: Mattia Dongili <malat...@linux.it> +--- + src/cpufreqd.h | 8 +++++++- + 1 files changed, 7 insertions(+), 1 deletions(-) + +diff --git a/src/cpufreqd.h b/src/cpufreqd.h +index 9733a5f..97b905a 100644 +--- a/src/cpufreqd.h ++++ b/src/cpufreqd.h +@@ -54,6 +54,12 @@ + #define DEFAULT_VERBOSITY 3 + + #define MAX_STRING_LEN 255 +-#define MAX_PATH_LEN 512 ++ ++#ifdef HAVE_LIMITS_H ++#include <limits.h> ++#define MAX_PATH_LEN PATH_MAX ++#else ++#define MAX_PATH_LEN 512 ++#endif + + #endif /* __CPUFREQD_H__ */ +-- +1.7.2.5 + diff -Nru cpufreqd-2.4.2/debian/patches/series cpufreqd-2.4.2/debian/patches/series --- cpufreqd-2.4.2/debian/patches/series 2013-03-23 06:51:28.000000000 -0600 +++ cpufreqd-2.4.2/debian/patches/series 2014-01-04 03:51:17.000000000 -0700 @@ -1 +1,2 @@ 619913.patch +path_max.patch