Attaching debdiff for suggested NMU. Cheers,
Adrian -- .''`. John Paul Adrian Glaubitz : :' : Debian Developer - glaub...@debian.org `. `' Freie Universitaet Berlin - glaub...@physik.fu-berlin.de `- GPG: 62FF 8A75 84E0 2956 9546 0006 7426 3B37 F5B5 F913
diff -Nru olsrd-0.6.2/debian/changelog olsrd-0.6.2/debian/changelog --- olsrd-0.6.2/debian/changelog 2012-02-19 16:18:18.000000000 +0100 +++ olsrd-0.6.2/debian/changelog 2013-03-28 04:31:12.000000000 +0100 @@ -1,3 +1,11 @@ +olsrd (0.6.2-2.1) testing-proposed-updates; urgency=low + + * Non-maintainer upload. + * Include upstream patch to fix stack corruption in + net output (Closes: #704025). + + -- John Paul Adrian Glaubitz <glaub...@physik.fu-berlin.de> Thu, 28 Mar 2013 04:29:10 +0100 + olsrd (0.6.2-2) unstable; urgency=low * debian/control: Build-Depends: debhelper (>= 9) (Closes: #658330) diff -Nru olsrd-0.6.2/debian/patches/300-fix-stack-corruption-in-net-output.patch olsrd-0.6.2/debian/patches/300-fix-stack-corruption-in-net-output.patch --- olsrd-0.6.2/debian/patches/300-fix-stack-corruption-in-net-output.patch 1970-01-01 01:00:00.000000000 +0100 +++ olsrd-0.6.2/debian/patches/300-fix-stack-corruption-in-net-output.patch 2013-03-28 04:27:03.000000000 +0100 @@ -0,0 +1,57 @@ +From f4d250ad4fad5fcfe5b5feaac3f3e121adef3fba Mon Sep 17 00:00:00 2001 +From: Jo-Philipp Wich <j...@openwrt.org> +Date: Fri, 22 Jun 2012 03:17:59 +0200 +Subject: [PATCH] olsrd: fix stack corruption in net_output() + +The net_output() function indirectly uses the stack variables dst and dst6 +outside of the scope they're declared in, this might leads to olsr_sendto() +being called with a corrupted destination sockaddr_in. + +This failure condition can be observed in the log, olsrd will continuosly +print "sendto(v4): Invalid Argument" or a similar message. On ARM it has been +reported to result in "Unsupported Address Family". + +This bug became apparant on a custon OpenWrt x86_64 uClibc target using the +Linaro GCC 4.7-2012.04 compiler, it has been reported for an unspecified ARM +target as well. + +The offending code seems to be unchanged since 2008 and it does not cause +issues on 32bit systems and/or with older (Linaro) GCC versions, but the +compiler used in our tests seems to perform more aggressive optimizations +leading to a stack corruption. +--- + src/net_olsr.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/net_olsr.c b/src/net_olsr.c +index 7d85f4f..66e103d 100644 +--- a/src/net_olsr.c ++++ b/src/net_olsr.c +@@ -336,6 +336,8 @@ net_output(struct interface *ifp) + { + struct sockaddr_in *sin = NULL; + struct sockaddr_in6 *sin6 = NULL; ++ struct sockaddr_in dst; ++ struct sockaddr_in6 dst6; + struct ptf *tmp_ptf_list; + union olsr_packet *outmsg; + int retval; +@@ -354,7 +356,6 @@ net_output(struct interface *ifp) + outmsg->v4.olsr_packlen = htons(ifp->netbuf.pending); + + if (olsr_cnf->ip_version == AF_INET) { +- struct sockaddr_in dst; + /* IP version 4 */ + sin = (struct sockaddr_in *)&ifp->int_broadaddr; + +@@ -365,7 +366,6 @@ net_output(struct interface *ifp) + if (sin->sin_port == 0) + sin->sin_port = htons(olsr_cnf->olsrport); + } else { +- struct sockaddr_in6 dst6; + /* IP version 6 */ + sin6 = (struct sockaddr_in6 *)&ifp->int6_multaddr; + /* Copy sin */ +-- +1.7.9.5 + diff -Nru olsrd-0.6.2/debian/patches/series olsrd-0.6.2/debian/patches/series --- olsrd-0.6.2/debian/patches/series 2012-02-19 16:07:42.000000000 +0100 +++ olsrd-0.6.2/debian/patches/series 2013-03-28 04:27:57.000000000 +0100 @@ -6,3 +6,4 @@ 270-gui-linux-gtk-align-olsr_ip_addr-to-olsr-definition-of-it.patch 280-fix-linux-gtk-build.patch 290-hardcode-etc-olsrd-olsrd-conf.patch +300-fix-stack-corruption-in-net-output.patch