OpenPKG CVS Repository
  http://cvs.openpkg.org/
  ____________________________________________________________________________

  Server: cvs.openpkg.org                  Name:   Ralf S. Engelschall
  Root:   /e/openpkg/cvs                   Email:  [EMAIL PROTECTED]
  Module: openpkg-src openpkg-web          Date:   24-Sep-2003 09:09:00
  Branch: OPENPKG_1_2_SOLID HEAD           Handle: 2003092408085801

  Modified files:
    openpkg-web             news.txt
  Modified files:           (Branch: OPENPKG_1_2_SOLID)
    openpkg-src/proftpd     proftpd.patch proftpd.spec

  Log:
    apply security fix

  Summary:
    Revision    Changes     Path
    1.2.4.2     +138 -0     openpkg-src/proftpd/proftpd.patch
    1.42.2.1.2.3+1  -1      openpkg-src/proftpd/proftpd.spec
    1.6702      +1  -0      openpkg-web/news.txt
  ____________________________________________________________________________

  patch -p0 <<'@@ .'
  Index: openpkg-src/proftpd/proftpd.patch
  ============================================================================
  $ cvs diff -u -r1.2.4.1 -r1.2.4.2 proftpd.patch
  --- openpkg-src/proftpd/proftpd.patch 20 Jan 2003 11:34:34 -0000      1.2.4.1
  +++ openpkg-src/proftpd/proftpd.patch 24 Sep 2003 07:08:59 -0000      1.2.4.2
  @@ -1,3 +1,141 @@
  +Apply security bugfix related to
  +http://xforce.iss.net/xforce/alerts/id/154
  +
  +--- src/data.c       Tue Oct 29 16:51:54 2002
  ++++ src/data.c       Thu Sep 18 05:59:15 2003
  +@@ -114,16 +114,14 @@
  +  *           value and its value when this function returns
  +  */
  + static void _xlate_ascii_write(char **buf, unsigned int *buflen,
  +-    unsigned int bufsize, unsigned int *expand) {
  ++    unsigned int bufsize) {
  +   char *tmpbuf = *buf;
  +   unsigned int tmplen = *buflen;
  +   unsigned int lfcount = 0;
  ++  unsigned int added = 0;
  +   int res = 0;
  +   register unsigned int i = 0;
  + 
  +-  /* Make sure this is zero (could be a holdover from a previous call). */ 
  +-  *expand = 0;
  +-
  +   /* First, determine how many bare LFs are present. */
  +   if (tmpbuf[0] == '\n')
  +     lfcount++;
  +@@ -132,6 +130,9 @@
  +     if (tmpbuf[i] == '\n' && tmpbuf[i-1] != '\r')
  +       lfcount++;
  + 
  ++  if (lfcount == 0)
  ++    return;
  ++
  +   /* Assume that for each LF (including a leading LF), space for another
  +    * char (a '\r') is needed.  Determine whether there is enough space in
  +    * the buffer for the adjusted data.  If not, allocate a new buffer that is
  +@@ -146,7 +147,7 @@
  +    * would be of the same type as the operands: an unsigned int (which will
  +    * never be less than zero).
  +    */
  +-  if ((res = (bufsize - tmplen - lfcount)) < 0) {
  ++  if ((res = (bufsize - tmplen - lfcount)) <= 0) {
  +     pool *copy_pool = make_sub_pool(session.xfer.p);
  +     char *copy_buf = pcalloc(copy_pool, tmplen);
  + 
  +@@ -180,7 +181,7 @@
  +     /* Increment the number of "expanded" characters, and decrement the
  +      * number of bare LFs.
  +      */ 
  +-    (*expand)++;
  ++    added++;
  +     lfcount--;
  +   }
  + 
  +@@ -188,15 +189,15 @@
  +     if (tmpbuf[i] == '\n' && tmpbuf[i-1] != '\r') {
  +       memmove(&(tmpbuf[i+1]), &(tmpbuf[i]), bufsize - i);
  +       tmpbuf[i] = '\r';
  +-      (*expand)++;
  ++      added++;
  +       lfcount--;
  +     }
  +   }
  + 
  +   /* Always make sure the buffer is NUL-terminated. */
  +-  tmpbuf[tmplen + (*expand)] = '\0';
  ++  tmpbuf[tmplen + added] = '\0';
  +   *buf = tmpbuf;
  +-  *buflen = tmplen + (*expand);
  ++  *buflen = tmplen + added;
  + }
  + 
  + static void _data_new_xfer(char *filename, int direction) {
  +@@ -826,41 +827,29 @@
  +      * xlate ascii as necessary
  +      */
  +     while (cl_size) {
  +-      int o_size, size = cl_size;
  +-      
  +-      if (size > PR_TUNABLE_BUFFER_SIZE)
  +-        size = PR_TUNABLE_BUFFER_SIZE;
  +-      
  +-      o_size = size;
  +-      memcpy(buf, cl_buf, size);
  +-
  +-      while (size) {
  +-        char *wb = buf;
  +-        unsigned int wsize = size, adjlen = 0;
  +-
  +-        if (session.flags & (SF_ASCII|SF_ASCII_OVERRIDE))
  +-          _xlate_ascii_write(&wb, &wsize, session.xfer.bufsize, &adjlen);
  +-
  +-        if (pr_netio_write(session.d->outstrm, wb, wsize) == -1)
  +-          return -1;
  +-
  +-        if (TimeoutStalled)
  +-          reset_timer(TIMER_STALLED, ANY_MODULE);
  +-
  +-        /* Do not take any added CRs into account for the session sum. */
  +-        total += (wsize - adjlen);
  +-        size -= (wsize - adjlen);
  +-
  +-        if (size) {
  +-          /* Advance the output buffer pointer into unsent buffer space. */
  +-          wb += wsize;
  +-      memcpy(buf, wb, size);
  +-          buf[size] = '\0';
  +-        }
  +-      }
  ++      int buflen = cl_size;
  ++      unsigned int xferbuflen;
  +       
  +-      cl_size -= o_size;
  +-      cl_buf += o_size;
  ++      if (buflen > PR_TUNABLE_BUFFER_SIZE)
  ++        buflen = PR_TUNABLE_BUFFER_SIZE;
  ++     
  ++      xferbuflen = buflen;
  ++      memcpy(session.xfer.buf, cl_buf, buflen);
  ++
  ++      if (session.flags & (SF_ASCII|SF_ASCII_OVERRIDE))
  ++        _xlate_ascii_write(&session.xfer.buf, &xferbuflen,
  ++          session.xfer.bufsize);
  ++
  ++      if (pr_netio_write(session.d->outstrm, session.xfer.buf,
  ++          xferbuflen) == -1)
  ++        return -1;
  ++
  ++      if (TimeoutStalled)
  ++        reset_timer(TIMER_STALLED, ANY_MODULE);
  ++
  ++      cl_size -= buflen;
  ++      cl_buf += buflen;
  ++      total += buflen;
  +     }
  +     
  +     len = total;
  +
  +-----------------------------------------------------------------------------
  +
   --- include/glibc-glob.h     Mon Jan 20 11:59:41 2003
   +++ include/glibc-glob.h     Mon Jan 20 12:08:48 2003
   @@ -49,24 +49,6 @@
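Review bot: In the bare-LF loop of `_xlate_ascii_write` (inner hunk `-188,15 +189,15`), the unchanged `memmove(&(tmpbuf[i+1]), &(tmpbuf[i]), bufsize - i)` still sizes the shift by the buffer capacity rather than by the data that remains, so the last byte it writes is `tmpbuf[bufsize]`. If the buffer holds exactly `bufsize` bytes that is one byte past the end, and if the `res <= 0` branch swapped in a differently sized buffer, `bufsize` no longer describes `tmpbuf` at all; neither allocation is visible here, so this needs confirming against the full function. Bounding the move by the live length, e.g. `memmove(&(tmpbuf[i+1]), &(tmpbuf[i]), (tmplen + added) - i);`, would keep the write inside the translated data. The caller now passes `&session.xfer.buf`, so the final `*buf = tmpbuf` may also leave `session.xfer.buf` pointing at a sub-pool allocation while `session.xfer.bufsize` stays unchanged, which deserves a comment stating what capacity later loop iterations can rely on. The reallocation branch and the loop header lie outside the visible inner hunks.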
  @@ .
  patch -p0 <<'@@ .'
  Index: openpkg-src/proftpd/proftpd.spec
  ============================================================================
  $ cvs diff -u -r1.42.2.1.2.2 -r1.42.2.1.2.3 proftpd.spec
  --- openpkg-src/proftpd/proftpd.spec  20 Jan 2003 11:34:34 -0000      1.42.2.1.2.2
  +++ openpkg-src/proftpd/proftpd.spec  24 Sep 2003 07:08:59 -0000      1.42.2.1.2.3
  @@ -33,7 +33,7 @@
   Group:        FTP
   License:      GPL
   Version:      1.2.7
  -Release:      1.2.0
  +Release:      1.2.1
   
   #   package options
   %option       with_pam  no
  @@ .
  patch -p0 <<'@@ .'
  Index: openpkg-web/news.txt
  ============================================================================
  $ cvs diff -u -r1.6701 -r1.6702 news.txt
  --- openpkg-web/news.txt      23 Sep 2003 20:13:59 -0000      1.6701
  +++ openpkg-web/news.txt      24 Sep 2003 07:08:58 -0000      1.6702
  @@ -1,3 +1,4 @@
  +24-Sep-2003: Upgraded package: P<proftpd-1.2.7-1.2.1>
   23-Sep-2003: Upgraded package: P<proftpd-1.2.9rc2-20030923>
   23-Sep-2003: Upgraded package: P<postfix-2.0.16-20030923>
   23-Sep-2003: Upgraded package: P<openssh-3.7.1p2-20030923>
  @@ .
______________________________________________________________________
The OpenPKG Project                                    www.openpkg.org
CVS Repository Commit List                     [EMAIL PROTECTED]
