Your message dated Sat, 02 Mar 2013 09:11:41 +0100
with message-id <[email protected]>
and subject line Re: Bug#701996: unblock: openconnect/3.20-4
has caused the Debian Bug report #701996,
regarding unblock: openconnect/3.20-4
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
701996: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701996
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: [email protected]
Usertags: unblock
Dear Release Team,
Please unblock package openconnect, version 3.20-4 already in unstable.
This version fixes bug #700805, possible memory leak introduced by
previous version. This fix was requested for wheezy [1]. The debdiff is
included below. Thank you.
[1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700806#22
diffstat for openconnect-3.20 openconnect-3.20
changelog | 7 ++
patches/03_fix-abuse-of-realloc.patch | 97 ++++++++++++++++++++++++++++++++++
patches/series | 1
3 files changed, 105 insertions(+)
diff -Nru openconnect-3.20/debian/changelog openconnect-3.20/debian/changelog
--- openconnect-3.20/debian/changelog 2013-02-17 12:25:52.000000000 -0500
+++ openconnect-3.20/debian/changelog 2013-02-28 23:42:35.000000000 -0500
@@ -1,3 +1,10 @@
+openconnect (3.20-4) unstable; urgency=low
+
+ * debian/patches/03_fix-abuse-of-realloc.patch: Backport patch from upstream
+ to fix possible memory leaks on realloc. (Closes: #700805)
+
+ -- Mike Miller <[email protected]> Thu, 28 Feb 2013 23:42:31 -0500
+
openconnect (3.20-3) unstable; urgency=low
* debian/patches/02_CVE-2012-6128.patch: Backport patch from upstream to fix
diff -Nru openconnect-3.20/debian/patches/03_fix-abuse-of-realloc.patch
openconnect-3.20/debian/patches/03_fix-abuse-of-realloc.patch
--- openconnect-3.20/debian/patches/03_fix-abuse-of-realloc.patch
1969-12-31 19:00:00.000000000 -0500
+++ openconnect-3.20/debian/patches/03_fix-abuse-of-realloc.patch
2013-02-28 19:28:20.000000000 -0500
@@ -0,0 +1,97 @@
+Origin: upstream,
http://git.infradead.org/users/dwmw2/openconnect.git/commitdiff/8dad4f3ad009e45bbd1ba21f1bd03d3f7639deab
+From: David Woodhouse <[email protected]>
+Subject: Fix abuse of realloc() causing memory leaks
+
+Implement a helper which actually *does* free the original pointer on
+allocation failure, as I evidently always expected it to.
+
+http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700805
+
+Reported by: Niels Thykier <[email protected]>
+Signed-off-by: David Woodhouse <[email protected]>
+---
+ auth.c | 4 ++--
+ compat.c | 2 +-
+ http.c | 8 ++++----
+ openconnect-internal.h | 8 ++++++++
+ 4 files changed, 15 insertions(+), 7 deletions(-)
+
+--- a/auth.c
++++ b/auth.c
+@@ -140,8 +140,8 @@ static int parse_auth_choice(struct open
+ continue;
+
+ opt->nr_choices++;
+- opt = realloc(opt, sizeof(*opt) +
+- opt->nr_choices * sizeof(*choice));
++ realloc_inplace(opt, sizeof(*opt) +
++ opt->nr_choices * sizeof(*choice));
+ if (!opt)
+ return -ENOMEM;
+
+--- a/compat.c
++++ b/compat.c
+@@ -131,7 +131,7 @@ ssize_t openconnect__getline(char **line
+ break;
+
+ *n *= 2;
+- *lineptr = realloc(*lineptr, *n);
++ realloc_inplace(*lineptr, *n);
+ if (!*lineptr)
+ return -1;
+ }
+--- a/http.c
++++ b/http.c
+@@ -97,7 +97,7 @@ static void buf_append(struct oc_text_bu
+ break;
+ }
+
+- buf->data = realloc(buf->data, new_buf_len);
++ realloc_inplace(buf->data, new_buf_len);
+ if (!buf->data) {
+ buf->error = -ENOMEM;
+ break;
+@@ -354,7 +354,7 @@ static int process_http_response(struct
+ lastchunk = 1;
+ goto skip;
+ }
+- body = realloc(body, done + chunklen + 1);
++ realloc_inplace(body, done + chunklen + 1);
+ if (!body)
+ return -ENOMEM;
+ while (chunklen) {
+@@ -394,7 +394,7 @@ static int process_http_response(struct
+
+ /* HTTP 1.0 response. Just eat all we can in 16KiB chunks */
+ while (1) {
+- body = realloc(body, done + 16384);
++ realloc_inplace(body, done + 16384);
+ if (!body)
+ return -ENOMEM;
+ i = openconnect_SSL_read(vpninfo, body + done, 16384);
+@@ -407,7 +407,7 @@ static int process_http_response(struct
+ return i;
+ } else {
+ /* Connection closed. Reduce allocation to just
what we need */
+- body = realloc(body, done + 1);
++ realloc_inplace(body, done + 1);
+ if (!body)
+ return -ENOMEM;
+ break;
+--- a/openconnect-internal.h
++++ b/openconnect-internal.h
+@@ -256,6 +256,14 @@ int openconnect__asprintf(char **strp, c
+ ssize_t openconnect__getline(char **lineptr, size_t *n, FILE *stream);
+ #endif
+
++/* I always coded as if it worked like this. Now it does. */
++#define realloc_inplace(p, size) do { \
++ void *__realloc_old = p; \
++ p = realloc(p, size); \
++ if (size && !p) \
++ free(__realloc_old); \
++ } while (0)
++
+ /****************************************************************************/
+
+ /* tun.c */
diff -Nru openconnect-3.20/debian/patches/series
openconnect-3.20/debian/patches/series
--- openconnect-3.20/debian/patches/series 2013-02-17 12:25:52.000000000
-0500
+++ openconnect-3.20/debian/patches/series 2013-02-28 19:27:05.000000000
-0500
@@ -1,2 +1,3 @@
01_man-vpnc-script-path.patch
02_CVE-2012-6128.patch
+03_fix-abuse-of-realloc.patch
--
mike
--- End Message ---
--- Begin Message ---
On 2013-03-01 14:52, Mike Miller wrote:
> Package: release.debian.org
> Severity: normal
> User: [email protected]
> Usertags: unblock
>
> Dear Release Team,
>
> Please unblock package openconnect, version 3.20-4 already in unstable.
> This version fixes bug #700805, possible memory leak introduced by
> previous version. This fix was requested for wheezy [1]. The debdiff is
> included below. Thank you.
>
> [1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700806#22
>
>
> [...]
Unblocked, thanks.
~Niels
--- End Message ---
