Hello community, here is the log from the commit of package libtirpc for openSUSE:Factory checked in at 2019-12-02 11:26:29 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libtirpc (Old) and /work/SRC/openSUSE:Factory/.libtirpc.new.4691 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libtirpc" Mon Dec 2 11:26:29 2019 rev:51 rq:750501 version:1.1.4 Changes: -------- --- /work/SRC/openSUSE:Factory/libtirpc/libtirpc.changes 2019-03-25 09:47:22.816012945 +0100 +++ /work/SRC/openSUSE:Factory/.libtirpc.new.4691/libtirpc.changes 2019-12-02 11:26:45.738684806 +0100 @@ -1,0 +2,36 @@ +Tue Nov 12 10:24:59 UTC 2019 - Petr Vorel <[email protected]> + +- Fix previous version: + - actually delete + 0001-xdrstdio_create-buffers-do-not-output-encoded-values.patch + - use 0001-Makefile.am-Use-LIBADD-instead-of-LDFLAGS-to-link-ag.patch + - use 0002-man-rpc_secure.3t-Fix-typo-in-manpage.patch (renamed from + 0003-man-rpc_secure.3t-Fix-typo-in-manpage.patch) + - use 0003-xdr-add-a-defensive-mask-in-xdr_int64_t-and-xdr_u_in.patch + (renamed from + 0004-xdr-add-a-defensive-mask-in-xdr_int64_t-and-xdr_u_in.patch) + +------------------------------------------------------------------- +Wed Oct 16 11:46:28 UTC 2019 - Petr Vorel <[email protected]> + +- Updated to libtirpc 1.1.5 rc2 (this includes changes in 1.1.4 release) + - add libtirpc-1-1-5-rc1.patch and libtirpc-1-1-5-rc2.patch to reflect + upstream changes after 1.1.4 release + - remove /etc/bindresvport.blacklist as it's still supported by glibc + although it's not compiled with --enable-obsolete-rpc + +- Drop patches accepted in previous releases or not needed + - 000-bindresvport_blacklist.patch (accepted in 5b037cc9, libtirpc 1.1.4) + - 001-new-rpcbindsock-path.patch (not needed, rpcbind now uses /var/run directory) + - 002-revert-binddynport.patch (fixed in 2802259, libtirpc-1-0-4-rc1) + - 0001-Fix-regression-introduced-by-change-rpc-version-orde.patch + (backport of 25d38d7, libtirpc-1-0-4-rc1) + - 0001-xdrstdio_create-buffers-do-not-output-encoded-values.patch + (backport of 145272c, libtirpc-1-0-4-rc2) + +- Add fixes from upcomming release + - 0001-Makefile.am-Use-LIBADD-instead-of-LDFLAGS-to-link-ag.patch + - 0003-man-rpc_secure.3t-Fix-typo-in-manpage.patch + - 0004-xdr-add-a-defensive-mask-in-xdr_int64_t-and-xdr_u_in.patch + +------------------------------------------------------------------- Old: ---- 000-bindresvport_blacklist.patch 0001-Fix-regression-introduced-by-change-rpc-version-orde.patch 0001-xdrstdio_create-buffers-do-not-output-encoded-values.patch 001-new-rpcbindsock-path.patch 002-revert-binddynport.patch libtirpc-1.0.3.tar.bz2 New: ---- 0001-Makefile.am-Use-LIBADD-instead-of-LDFLAGS-to-link-ag.patch 0002-man-rpc_secure.3t-Fix-typo-in-manpage.patch 0003-xdr-add-a-defensive-mask-in-xdr_int64_t-and-xdr_u_in.patch libtirpc-1-1-5-rc1.patch libtirpc-1-1-5-rc2.patch libtirpc-1.1.4.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libtirpc.spec ++++++ --- /var/tmp/diff_new_pack.3Y6Lzh/_old 2019-12-02 11:26:47.866684001 +0100 +++ /var/tmp/diff_new_pack.3Y6Lzh/_new 2019-12-02 11:26:47.870683999 +0100 @@ -18,7 +18,7 @@ Name: libtirpc # src/crypt_client.c and tirpc/rpcsvc/crypt.x have the BSD advertising clause -Version: 1.0.3 +Version: 1.1.4 Release: 0 Summary: Transport Independent RPC Library License: BSD-3-Clause @@ -34,13 +34,11 @@ Url: https://sourceforge.net/projects/libtirpc/ Source: %{name}-%{version}.tar.bz2 Source1: baselibs.conf -Patch0: 000-bindresvport_blacklist.patch -# only needed on openSUSE >= 13.1, SLE >= 12 -Patch1: 001-new-rpcbindsock-path.patch -# Revert upstream change until tirpc 1.0.4 with a final solutions comes out -Patch2: 002-revert-binddynport.patch -Patch3: 0001-Fix-regression-introduced-by-change-rpc-version-orde.patch -Patch16: 0001-xdrstdio_create-buffers-do-not-output-encoded-values.patch +Patch0: libtirpc-1-1-5-rc1.patch +Patch1: libtirpc-1-1-5-rc2.patch +Patch2: 0001-Makefile.am-Use-LIBADD-instead-of-LDFLAGS-to-link-ag.patch +Patch3: 0002-man-rpc_secure.3t-Fix-typo-in-manpage.patch +Patch4: 0003-xdr-add-a-defensive-mask-in-xdr_int64_t-and-xdr_u_in.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build %define debug_package_requires libtirpc3 = %{version}-%{release} @@ -85,13 +83,11 @@ %prep %setup -q -n %name-%version -%patch0 -p0 -%if 0%{suse_version} >= 1310 +%patch0 -p1 %patch1 -p1 -%endif %patch2 -p1 %patch3 -p1 -%patch16 -p1 +%patch4 -p1 %build sed -i -e 's|@includedir@/tirpc|@includedir@|g' libtirpc.pc.in @@ -118,6 +114,7 @@ # they are now default mv -v %{buildroot}%{_includedir}/tirpc/* %{buildroot}%{_includedir} rmdir %{buildroot}%{_includedir}/tirpc +rm -v %{buildroot}/etc/bindresvport.blacklist %post -n libtirpc3 -p /sbin/ldconfig ++++++ 0001-Makefile.am-Use-LIBADD-instead-of-LDFLAGS-to-link-ag.patch ++++++ >From 013cc45abef8055b3ee135fc072e402611a4a3f0 Mon Sep 17 00:00:00 2001 From: Laurent Bigonville <[email protected]> Date: Tue, 11 Jun 2019 11:34:16 -0400 Subject: [PATCH 1/7] Makefile.am: Use LIBADD instead of LDFLAGS to link against krb5 LDFLAGS shouldn't be used to link against libraries as this would break positional flags like --as-needed Use LIBADD instead Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1639032 Signed-off-by: Steve Dickson <[email protected]> Signed-off-by: Petr Vorel <[email protected]> [Upstream status: 013cc45abef8055b3ee135fc072e402611a4a3f0] --- src/Makefile.am | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Makefile.am b/src/Makefile.am index 932414d..b40a6b4 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -38,7 +38,7 @@ endif if GSS libtirpc_la_SOURCES += auth_gss.c authgss_prot.c svc_auth_gss.c \ rpc_gss_utils.c - libtirpc_la_LDFLAGS += $(GSSAPI_LIBS) + libtirpc_la_LIBADD = $(GSSAPI_LIBS) libtirpc_la_CFLAGS = -DHAVE_RPCSEC_GSS $(GSSAPI_CFLAGS) endif -- 2.23.0 ++++++ 0002-man-rpc_secure.3t-Fix-typo-in-manpage.patch ++++++ >From e51590d6c4ab61f1a22a2f47104053fe2966ecdd Mon Sep 17 00:00:00 2001 From: Laurent Bigonville <[email protected]> Date: Tue, 11 Jun 2019 11:53:14 -0400 Subject: [PATCH 3/7] man/rpc_secure.3t: Fix typo in manpage Currently the publickey parameter of the authdes_pk_create() function is not displayed because of a typo Signed-off-by: Steve Dickson <[email protected]> Signed-off-by: Petr Vorel <[email protected]> [Upstream status: e51590d6c4ab61f1a22a2f47104053fe2966ecdd] --- man/rpc_secure.3t | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/man/rpc_secure.3t b/man/rpc_secure.3t index 4a1ad93..404df0b 100644 --- a/man/rpc_secure.3t +++ b/man/rpc_secure.3t @@ -19,7 +19,7 @@ .Ft AUTH * .Fo authdes_pk_create .Fa "char *name" -.FA "netobj *publickey" +.Fa "netobj *publickey" .Fa "unsigned window" .Fa "struct sockaddr *addr" .Fa "des_block *ckey" -- 2.23.0 ++++++ 0003-xdr-add-a-defensive-mask-in-xdr_int64_t-and-xdr_u_in.patch ++++++ >From d1208b5de7b52172a34e3a7262e96f99830c9770 Mon Sep 17 00:00:00 2001 From: Stefano Garzarella <[email protected]> Date: Tue, 3 Sep 2019 10:54:11 -0400 Subject: [PATCH 4/7] xdr: add a defensive mask in xdr_int64_t() and xdr_u_int64_t() In order to be more defensive, we should mask bits of u_int64_t value if we want to use only the first 32bit. Signed-off-by: Stefano Garzarella <[email protected]> Signed-off-by: Steve Dickson <[email protected]> Signed-off-by: Petr Vorel <[email protected]> [Upstream status: d1208b5de7b52172a34e3a7262e96f99830c9770] --- src/xdr.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/xdr.c b/src/xdr.c index b9a1558..28d1382 100644 --- a/src/xdr.c +++ b/src/xdr.c @@ -877,7 +877,8 @@ xdr_int64_t(xdrs, llp) if (XDR_GETLONG(xdrs, (long *)&ul[1]) == FALSE) return (FALSE); *llp = (int64_t) - (((u_int64_t)ul[0] << 32) | ((u_int64_t)ul[1])); + (((u_int64_t)ul[0] << 32) | + ((u_int64_t)(ul[1]) & 0xffffffff)); return (TRUE); case XDR_FREE: return (TRUE); @@ -910,7 +911,8 @@ xdr_u_int64_t(xdrs, ullp) if (XDR_GETLONG(xdrs, (long *)&ul[1]) == FALSE) return (FALSE); *ullp = (u_int64_t) - (((u_int64_t)ul[0] << 32) | ((u_int64_t)ul[1])); + (((u_int64_t)ul[0] << 32) | + ((u_int64_t)(ul[1]) & 0xffffffff)); return (TRUE); case XDR_FREE: return (TRUE); -- 2.23.0 ++++++ libtirpc-1-1-5-rc1.patch ++++++ git diff libtirpc-1-1-4..libtirpc-1-1-5-rc1 Commits: e49077d clnt_vc.c: remove a false positive from a covscan 4d2ceca svc_simple.c: resource_leak 92d4b35 svc_generic.c: resource_leak 3b2e537 rtime.c: resource_leak 830e3f6 rpcb_clnt.c: resource_leak c0885a7 rpc_soc.c: buffer_size_warning 6db7f04 rpc_soc.c: resource_leak 710a713 rpc_generic.c: resource_leak 57d1529 getnetpath.c: resource_leak a1fae25 getnetconfig.c: cppcheck_warning 55d1460 clnt_vc.c: resource_leak 757f379 clnt_bcast.c: resource_leak 489dd50 auth_gss.c: buffer_size_warning 25fdba9 auth_gss.c: resource_leak Signed-off-by: Petr Vorel <[email protected]> diff --git a/src/auth_gss.c b/src/auth_gss.c index 5959893..7d08262 100644 --- a/src/auth_gss.c +++ b/src/auth_gss.c @@ -207,6 +207,7 @@ authgss_create(CLIENT *clnt, gss_name_t name, struct rpc_gss_sec *sec) rpc_createerr.cf_stat = RPC_SYSTEMERROR; rpc_createerr.cf_error.re_errno = ENOMEM; free(auth); + free(gd); return (NULL); } } @@ -592,7 +593,7 @@ _rpc_gss_refresh(AUTH *auth, rpc_gss_options_ret_t *options_ret) if (rpc_gss_oid_to_mech(actual_mech_type, &mechanism)) { strncpy(options_ret->actual_mechanism, mechanism, - sizeof(options_ret->actual_mechanism)); + (sizeof(options_ret->actual_mechanism)-1)); } gd->established = TRUE; diff --git a/src/clnt_bcast.c b/src/clnt_bcast.c index 98cf061..2ad6c89 100644 --- a/src/clnt_bcast.c +++ b/src/clnt_bcast.c @@ -330,6 +330,7 @@ rpc_broadcast_exp(prog, vers, proc, xargs, argsp, xresults, resultsp, if (nettype == NULL) nettype = "datagram_n"; if ((handle = __rpc_setconf(nettype)) == NULL) { + AUTH_DESTROY(sys_auth); return (RPC_UNKNOWNPROTO); } while ((nconf = __rpc_getconf(handle)) != NULL) { diff --git a/src/getnetconfig.c b/src/getnetconfig.c index 92e7c43..d67d97d 100644 --- a/src/getnetconfig.c +++ b/src/getnetconfig.c @@ -709,6 +709,8 @@ struct netconfig *ncp; p->nc_lookups = (char **)malloc((size_t)(p->nc_nlookups+1) * sizeof(char *)); if (p->nc_lookups == NULL) { free(p->nc_netid); + free(p); + free(tmp); return(NULL); } for (i=0; i < p->nc_nlookups; i++) { diff --git a/src/getnetpath.c b/src/getnetpath.c index 7c19932..ea1a18c 100644 --- a/src/getnetpath.c +++ b/src/getnetpath.c @@ -88,6 +88,7 @@ setnetpath() } if ((np_sessionp->nc_handlep = setnetconfig()) == NULL) { syslog (LOG_ERR, "rpc: failed to open " NETCONFIG); + free(np_sessionp); return (NULL); } np_sessionp->valid = NP_VALID; diff --git a/src/rpc_generic.c b/src/rpc_generic.c index 589cbd5..51f36ac 100644 --- a/src/rpc_generic.c +++ b/src/rpc_generic.c @@ -319,6 +319,7 @@ __rpc_setconf(nettype) handle->nflag = FALSE; break; default: + free(handle); return (NULL); } diff --git a/src/rpc_soc.c b/src/rpc_soc.c index 5a6eeb7..a85cb17 100644 --- a/src/rpc_soc.c +++ b/src/rpc_soc.c @@ -663,15 +663,17 @@ svcunix_create(sock, sendsize, recvsize, path) strcmp(nconf->nc_protofmly, NC_LOOPBACK) == 0) break; } - if (nconf == NULL) + if (nconf == NULL) { + endnetconfig(localhandle); return(xprt); + } if ((sock = __rpc_nconf2fd(nconf)) < 0) goto done; memset(&sun, 0, sizeof sun); sun.sun_family = AF_LOCAL; - strncpy(sun.sun_path, path, sizeof(sun.sun_path)); + strncpy(sun.sun_path, path, (sizeof(sun.sun_path)-1)); addrlen = sizeof(struct sockaddr_un); sa = (struct sockaddr *)&sun; @@ -692,6 +694,8 @@ svcunix_create(sock, sendsize, recvsize, path) } xprt = (SVCXPRT *)svc_tli_create(sock, nconf, &taddr, sendsize, recvsize); + if (xprt == NULL) + close(sock); done: endnetconfig(localhandle); diff --git a/src/rpcb_clnt.c b/src/rpcb_clnt.c index e45736a..0c34cb7 100644 --- a/src/rpcb_clnt.c +++ b/src/rpcb_clnt.c @@ -547,6 +547,7 @@ try_nconf: if (tmpnconf == NULL) { rpc_createerr.cf_stat = RPC_UNKNOWNPROTO; mutex_unlock(&loopnconf_lock); + endnetconfig(nc_handle); return (NULL); } loopnconf = getnetconfigent(tmpnconf->nc_netid); diff --git a/src/rtime.c b/src/rtime.c index b642840..29fbf0a 100644 --- a/src/rtime.c +++ b/src/rtime.c @@ -90,6 +90,7 @@ rtime(addrp, timep, timeout) /* TCP and UDP port are the same in this case */ if ((serv = getservbyname("time", "tcp")) == NULL) { + do_close(s); return(-1); } diff --git a/src/svc_generic.c b/src/svc_generic.c index 52a56c2..20abaa2 100644 --- a/src/svc_generic.c +++ b/src/svc_generic.c @@ -113,6 +113,7 @@ svc_create(dispatch, prognum, versnum, nettype) if (l == NULL) { warnx("svc_create: no memory"); mutex_unlock(&xprtlist_lock); + __rpc_endconf(handle); return (0); } l->xprt = xprt; diff --git a/src/svc_simple.c b/src/svc_simple.c index cb58002..c32fe0a 100644 --- a/src/svc_simple.c +++ b/src/svc_simple.c @@ -157,6 +157,7 @@ rpc_reg(prognum, versnum, procnum, progname, inproc, outproc, nettype) ((netid = strdup(nconf->nc_netid)) == NULL)) { warnx(rpc_reg_err, rpc_reg_msg, __no_mem_str); SVC_DESTROY(svcxprt); + free(xdrbuf); break; } madenow = TRUE; ++++++ libtirpc-1-1-5-rc2.patch ++++++ git diff libtirpc-1-1-5-rc1..libtirpc-1-1-5-rc2 Commits: 3a17941 Fix EOF detection on non-blocking socket e80e668 getrpcent.c: fix typo 9e738df __getpublickey_real: Removed a warning 959b200 getnetconfig.c: fix a BAD_FREE (CWE-763) Signed-off-by: Petr Vorel <[email protected]> diff --git a/src/getnetconfig.c b/src/getnetconfig.c index d67d97d..cfd33c2 100644 --- a/src/getnetconfig.c +++ b/src/getnetconfig.c @@ -681,6 +681,7 @@ struct netconfig *ncp; { struct netconfig *p; char *tmp; + char *t; u_int i; if ((tmp=malloc(MAXNETCONFIGLINE)) == NULL) @@ -700,22 +701,21 @@ struct netconfig *ncp; */ *p = *ncp; p->nc_netid = (char *)strcpy(tmp,ncp->nc_netid); - tmp = strchr(tmp, 0) + 1; - p->nc_protofmly = (char *)strcpy(tmp,ncp->nc_protofmly); - tmp = strchr(tmp, 0) + 1; - p->nc_proto = (char *)strcpy(tmp,ncp->nc_proto); - tmp = strchr(tmp, 0) + 1; - p->nc_device = (char *)strcpy(tmp,ncp->nc_device); + t = strchr(tmp, 0) + 1; + p->nc_protofmly = (char *)strcpy(t,ncp->nc_protofmly); + t = strchr(t, 0) + 1; + p->nc_proto = (char *)strcpy(t,ncp->nc_proto); + t = strchr(t, 0) + 1; + p->nc_device = (char *)strcpy(t,ncp->nc_device); p->nc_lookups = (char **)malloc((size_t)(p->nc_nlookups+1) * sizeof(char *)); if (p->nc_lookups == NULL) { - free(p->nc_netid); free(p); free(tmp); return(NULL); } for (i=0; i < p->nc_nlookups; i++) { - tmp = strchr(tmp, 0) + 1; - p->nc_lookups[i] = (char *)strcpy(tmp,ncp->nc_lookups[i]); + t = strchr(t, 0) + 1; + p->nc_lookups[i] = (char *)strcpy(t,ncp->nc_lookups[i]); } return(p); } diff --git a/src/getpublickey.c b/src/getpublickey.c index 8cf4dc2..be37a24 100644 --- a/src/getpublickey.c +++ b/src/getpublickey.c @@ -74,7 +74,7 @@ __getpublickey_real(netname, publickey) return (0); } *p = '\0'; - (void) strncpy(publickey, lookup, HEXKEYBYTES); + memcpy(publickey, lookup, HEXKEYBYTES); publickey[HEXKEYBYTES] = '\0'; return (1); } diff --git a/src/getrpcent.c b/src/getrpcent.c index cba4cd8..e49dc05 100644 --- a/src/getrpcent.c +++ b/src/getrpcent.c @@ -100,7 +100,7 @@ _rpcdata() return (d); } -#if !HAVE_GETRPCBYNYMBER +#if !HAVE_GETRPCBYNUMBER struct rpcent * getrpcbynumber(number) int number; diff --git a/src/svc_vc.c b/src/svc_vc.c index 97a76a3..c23cd36 100644 --- a/src/svc_vc.c +++ b/src/svc_vc.c @@ -502,9 +502,14 @@ read_vc(xprtp, buf, len) cfp = (struct cf_conn *)xprt->xp_p1; if (cfp->nonblock) { + /* Since len == 0 is returned on zero length + * read or EOF errno needs to be reset before + * the read + */ + errno = 0; len = read(sock, buf, (size_t)len); if (len < 0) { - if (errno == EAGAIN) + if (errno == EAGAIN || errno == EWOULDBLOCK) len = 0; else goto fatal_err; diff --git a/src/xdr_rec.c b/src/xdr_rec.c index 7d535cf..676cc82 100644 --- a/src/xdr_rec.c +++ b/src/xdr_rec.c @@ -61,6 +61,7 @@ #include <rpc/svc.h> #include <rpc/clnt.h> #include <stddef.h> +#include <errno.h> #include "rpc_com.h" static bool_t xdrrec_getlong(XDR *, long *); static bool_t xdrrec_putlong(XDR *, const long *); @@ -537,7 +538,13 @@ __xdrrec_getrec(xdrs, statp, expectdata) n = rstrm->readit(rstrm->tcp_handle, rstrm->in_hdrp, (int)sizeof (rstrm->in_header) - rstrm->in_hdrlen); if (n == 0) { - *statp = expectdata ? XPRT_DIED : XPRT_IDLE; + /* EAGAIN or EWOULDBLOCK means a zero length + * read not an EOF. + */ + if (errno == EAGAIN || errno == EWOULDBLOCK) + *statp = XPRT_IDLE; + else + *statp = expectdata ? XPRT_DIED : XPRT_IDLE; return FALSE; } if (n < 0) { @@ -564,6 +571,7 @@ __xdrrec_getrec(xdrs, statp, expectdata) rstrm->in_header &= ~LAST_FRAG; rstrm->last_frag = TRUE; } + rstrm->in_haveheader = 1; } n = rstrm->readit(rstrm->tcp_handle, @@ -576,7 +584,13 @@ __xdrrec_getrec(xdrs, statp, expectdata) } if (n == 0) { - *statp = expectdata ? XPRT_DIED : XPRT_IDLE; + /* EAGAIN or EWOULDBLOCK means a zero length + * read not an EOF. + */ + if (errno == EAGAIN || errno == EWOULDBLOCK) + *statp = XPRT_IDLE; + else + *statp = expectdata ? XPRT_DIED : XPRT_IDLE; return FALSE; } ++++++ libtirpc-1.0.3.tar.bz2 -> libtirpc-1.1.4.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtirpc-1.0.3/compile new/libtirpc-1.1.4/compile --- old/libtirpc-1.0.3/compile 2018-03-14 14:56:24.000000000 +0100 +++ new/libtirpc-1.1.4/compile 2018-08-27 16:10:10.000000000 +0200 @@ -1,4 +1,4 @@ -#! /bin/sh +#!/bin/sh # Wrapper for compilers which do not understand '-c -o'. scriptversion=2016-01-11.22; # UTC diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtirpc-1.0.3/config.guess new/libtirpc-1.1.4/config.guess --- old/libtirpc-1.0.3/config.guess 2018-03-14 14:56:24.000000000 +0100 +++ new/libtirpc-1.1.4/config.guess 2018-08-27 16:10:10.000000000 +0200 @@ -1,4 +1,4 @@ -#! /bin/sh +#!/bin/sh # Attempt to guess a canonical system name. # Copyright 1992-2017 Free Software Foundation, Inc. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtirpc-1.0.3/config.sub new/libtirpc-1.1.4/config.sub --- old/libtirpc-1.0.3/config.sub 2018-03-14 14:56:24.000000000 +0100 +++ new/libtirpc-1.1.4/config.sub 2018-08-27 16:10:10.000000000 +0200 @@ -1,4 +1,4 @@ -#! /bin/sh +#!/bin/sh # Configuration validation subroutine script. # Copyright 1992-2017 Free Software Foundation, Inc. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtirpc-1.0.3/configure new/libtirpc-1.1.4/configure --- old/libtirpc-1.0.3/configure 2018-03-14 14:56:24.000000000 +0100 +++ new/libtirpc-1.1.4/configure 2018-08-27 16:10:11.000000000 +0200 @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for libtirpc 1.0.3. +# Generated by GNU Autoconf 2.69 for libtirpc 1.1.4. # # # Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc. @@ -587,8 +587,8 @@ # Identity of this package. PACKAGE_NAME='libtirpc' PACKAGE_TARNAME='libtirpc' -PACKAGE_VERSION='1.0.3' -PACKAGE_STRING='libtirpc 1.0.3' +PACKAGE_VERSION='1.1.4' +PACKAGE_STRING='libtirpc 1.1.4' PACKAGE_BUGREPORT='' PACKAGE_URL='' @@ -1325,7 +1325,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures libtirpc 1.0.3 to adapt to many kinds of systems. +\`configure' configures libtirpc 1.1.4 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1395,7 +1395,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of libtirpc 1.0.3:";; + short | recursive ) echo "Configuration of libtirpc 1.1.4:";; esac cat <<\_ACEOF @@ -1508,7 +1508,7 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -libtirpc configure 1.0.3 +libtirpc configure 1.1.4 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -1873,7 +1873,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by libtirpc $as_me 1.0.3, which was +It was created by libtirpc $as_me 1.1.4, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -2736,7 +2736,7 @@ # Define the identity of the package. PACKAGE='libtirpc' - VERSION='1.0.3' + VERSION='1.1.4' cat >>confdefs.h <<_ACEOF @@ -12964,7 +12964,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by libtirpc $as_me 1.0.3, which was +This file was extended by libtirpc $as_me 1.1.4, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -13030,7 +13030,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -libtirpc config.status 1.0.3 +libtirpc config.status 1.1.4 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtirpc-1.0.3/configure.ac new/libtirpc-1.1.4/configure.ac --- old/libtirpc-1.0.3/configure.ac 2018-03-14 14:55:12.000000000 +0100 +++ new/libtirpc-1.1.4/configure.ac 2018-08-27 16:06:49.000000000 +0200 @@ -1,4 +1,4 @@ -AC_INIT(libtirpc, 1.0.3) +AC_INIT(libtirpc, 1.1.4) AM_INIT_AUTOMAKE([silent-rules]) AM_SILENT_RULES([yes]) AC_CONFIG_SRCDIR([src/auth_des.c]) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtirpc-1.0.3/depcomp new/libtirpc-1.1.4/depcomp --- old/libtirpc-1.0.3/depcomp 2018-03-14 14:56:24.000000000 +0100 +++ new/libtirpc-1.1.4/depcomp 2018-08-27 16:10:10.000000000 +0200 @@ -1,4 +1,4 @@ -#! /bin/sh +#!/bin/sh # depcomp - compile a program generating dependencies as side-effects scriptversion=2016-01-11.22; # UTC diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtirpc-1.0.3/doc/Makefile.am new/libtirpc-1.1.4/doc/Makefile.am --- old/libtirpc-1.0.3/doc/Makefile.am 2018-03-14 14:55:12.000000000 +0100 +++ new/libtirpc-1.1.4/doc/Makefile.am 2018-08-27 16:06:49.000000000 +0200 @@ -1,4 +1,4 @@ -dist_sysconf_DATA = netconfig +dist_sysconf_DATA = netconfig bindresvport.blacklist CLEANFILES = cscope.* *~ DISTCLEANFILES = Makefile.in diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtirpc-1.0.3/doc/Makefile.in new/libtirpc-1.1.4/doc/Makefile.in --- old/libtirpc-1.0.3/doc/Makefile.in 2018-03-14 14:56:24.000000000 +0100 +++ new/libtirpc-1.1.4/doc/Makefile.in 2018-08-27 16:10:10.000000000 +0200 @@ -270,7 +270,7 @@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ -dist_sysconf_DATA = netconfig +dist_sysconf_DATA = netconfig bindresvport.blacklist CLEANFILES = cscope.* *~ DISTCLEANFILES = Makefile.in all: all-am diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtirpc-1.0.3/doc/bindresvport.blacklist new/libtirpc-1.1.4/doc/bindresvport.blacklist --- old/libtirpc-1.0.3/doc/bindresvport.blacklist 1970-01-01 01:00:00.000000000 +0100 +++ new/libtirpc-1.1.4/doc/bindresvport.blacklist 2018-08-27 16:06:49.000000000 +0200 @@ -0,0 +1,13 @@ +# +# This file contains a list of port numbers between 600 and 1024, +# which should not be used by bindresvport. bindresvport is mostly +# called by RPC services. This mostly solves the problem, that a +# RPC service uses a well known port of another service. +# +623 # ASF, used by IPMI on some cards +631 # cups +636 # ldaps +664 # Secure ASF, used by IPMI on some cards +921 # lwresd +993 # imaps +995 # pops diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtirpc-1.0.3/ltmain.sh new/libtirpc-1.1.4/ltmain.sh --- old/libtirpc-1.0.3/ltmain.sh 2018-03-14 14:56:23.000000000 +0100 +++ new/libtirpc-1.1.4/ltmain.sh 2018-08-27 16:10:09.000000000 +0200 @@ -7272,10 +7272,12 @@ # -tp=* Portland pgcc target processor selection # --sysroot=* for sysroot support # -O*, -g*, -flto*, -fwhopr*, -fuse-linker-plugin GCC link-time optimization + # -specs=* GCC specs files # -stdlib=* select c++ std lib with clang -64|-mips[0-9]|-r[0-9][0-9]*|-xarch=*|-xtarget=*|+DA*|+DD*|-q*|-m*| \ -t[45]*|-txscale*|-p|-pg|--coverage|-fprofile-*|-F*|@*|-tp=*|--sysroot=*| \ - -O*|-g*|-flto*|-fwhopr*|-fuse-linker-plugin|-fstack-protector*|-stdlib=*) + -O*|-g*|-flto*|-fwhopr*|-fuse-linker-plugin|-fstack-protector*|-stdlib=*| \ + -specs=*) func_quote_for_eval "$arg" arg=$func_quote_for_eval_result func_append compile_command " $arg" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtirpc-1.0.3/missing new/libtirpc-1.1.4/missing --- old/libtirpc-1.0.3/missing 2018-03-14 14:56:24.000000000 +0100 +++ new/libtirpc-1.1.4/missing 2018-08-27 16:10:10.000000000 +0200 @@ -1,4 +1,4 @@ -#! /bin/sh +#!/bin/sh # Common wrapper for a few potentially missing GNU programs. scriptversion=2016-01-11.22; # UTC diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtirpc-1.0.3/src/bindresvport.c new/libtirpc-1.1.4/src/bindresvport.c --- old/libtirpc-1.0.3/src/bindresvport.c 2018-03-14 14:55:12.000000000 +0100 +++ new/libtirpc-1.1.4/src/bindresvport.c 2018-08-27 16:06:49.000000000 +0200 @@ -39,7 +39,10 @@ #include <netdb.h> #include <netinet/in.h> +#include <stdio.h> +#include <ctype.h> #include <errno.h> +#include <stdlib.h> #include <string.h> #include <unistd.h> @@ -68,6 +71,80 @@ #define ENDPORT (IPPORT_RESERVED - 1) #define NPORTS (ENDPORT - STARTPORT + 1) +/* + * Read the file /etc/bindresvport.blacklist, so that we don't bind + * to these ports. + */ + +static int blacklist_read; +static int *list; +static int list_size = 0; + +static void +load_blacklist (void) +{ + FILE *fp; + char *buf = NULL; + size_t buflen = 0; + int size = 0, ptr = 0; + + blacklist_read = 1; + + fp = fopen ("/etc/bindresvport.blacklist", "r"); + if (NULL == fp) + return; + + while (!feof (fp)) + { + unsigned long port; + char *tmp, *cp; + ssize_t n = getline (&buf, &buflen, fp); + if (n < 1) + break; + + cp = buf; + tmp = strchr (cp, '#'); /* remove comments */ + if (tmp) + *tmp = '\0'; + while (isspace ((int)*cp)) /* remove spaces and tabs */ + ++cp; + if (*cp == '\0') /* ignore empty lines */ + continue; + if (cp[strlen (cp) - 1] == '\n') + cp[strlen (cp) - 1] = '\0'; + + port = strtoul (cp, &tmp, 0); + while (isspace(*tmp)) + ++tmp; + if (*tmp != '\0' || (port == ULONG_MAX && errno == ERANGE)) + continue; + + /* Don't bother with out-of-range ports */ + if (port < LOWPORT || port > ENDPORT) + continue; + + if (ptr >= size) + { + size += 10; + list = realloc (list, size * sizeof (int)); + if (list == NULL) + { + free (buf); + return; + } + } + + list[ptr++] = port; + } + + fclose (fp); + + if (buf) + free (buf); + + list_size = ptr; +} + int bindresvport_sa(sd, sa) int sd; @@ -87,6 +164,9 @@ int endport = ENDPORT; int i; + if (!blacklist_read) + load_blacklist(); + mutex_lock(&port_lock); nports = ENDPORT - startport + 1; @@ -132,12 +212,21 @@ errno = EADDRINUSE; again: for (i = 0; i < nports; ++i) { - *portp = htons(port++); - if (port > endport) - port = startport; - res = bind(sd, sa, salen); + int j; + + /* Check if this port is not blacklisted. */ + for (j = 0; j < list_size; j++) + if (port == list[j]) + goto try_next_port; + + *portp = htons(port); + res = bind(sd, sa, salen); if (res >= 0 || errno != EADDRINUSE) break; + +try_next_port: + if (++port > endport) + port = startport; } if (i == nports && startport != LOWPORT) { startport = LOWPORT; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtirpc-1.0.3/src/clnt_dg.c new/libtirpc-1.1.4/src/clnt_dg.c --- old/libtirpc-1.0.3/src/clnt_dg.c 2018-03-14 14:55:12.000000000 +0100 +++ new/libtirpc-1.1.4/src/clnt_dg.c 2018-08-27 16:06:49.000000000 +0200 @@ -160,15 +160,22 @@ thr_sigsetmask(SIG_SETMASK, &newmask, &mask); mutex_lock(&clnt_fd_lock); if (dg_fd_locks == (int *) NULL) { - int cv_allocsz; - size_t fd_allocsz; - int dtbsize = __rpc_dtbsize(); + size_t cv_allocsz, fd_allocsz; + unsigned int dtbsize = __rpc_dtbsize(); + + if ( (size_t) dtbsize > SIZE_MAX/sizeof(cond_t)) { + mutex_unlock(&clnt_fd_lock); + thr_sigsetmask(SIG_SETMASK, &(mask), NULL); + errno = EOVERFLOW; + goto err1; + } fd_allocsz = dtbsize * sizeof (int); dg_fd_locks = (int *) mem_alloc(fd_allocsz); if (dg_fd_locks == (int *) NULL) { mutex_unlock(&clnt_fd_lock); thr_sigsetmask(SIG_SETMASK, &(mask), NULL); + errno = ENOMEM; goto err1; } else memset(dg_fd_locks, '\0', fd_allocsz); @@ -180,6 +187,7 @@ dg_fd_locks = (int *) NULL; mutex_unlock(&clnt_fd_lock); thr_sigsetmask(SIG_SETMASK, &(mask), NULL); + errno = ENOMEM; goto err1; } else { int i; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtirpc-1.0.3/src/clnt_generic.c new/libtirpc-1.1.4/src/clnt_generic.c --- old/libtirpc-1.0.3/src/clnt_generic.c 2018-03-14 14:55:12.000000000 +0100 +++ new/libtirpc-1.1.4/src/clnt_generic.c 2018-08-27 16:06:49.000000000 +0200 @@ -47,7 +47,6 @@ extern bool_t __rpc_is_local_host(const char *); int __rpc_raise_fd(int); -extern int __binddynport(int fd); #ifndef NETIDLEN #define NETIDLEN 32 @@ -341,8 +340,7 @@ servtype = nconf->nc_semantics; if (!__rpc_fd2sockinfo(fd, &si)) goto err; - if (__binddynport(fd) == -1) - goto err; + bindresvport(fd, NULL); } else { if (!__rpc_fd2sockinfo(fd, &si)) goto err; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtirpc-1.0.3/src/clnt_vc.c new/libtirpc-1.1.4/src/clnt_vc.c --- old/libtirpc-1.0.3/src/clnt_vc.c 2018-03-14 14:55:12.000000000 +0100 +++ new/libtirpc-1.1.4/src/clnt_vc.c 2018-08-27 16:06:49.000000000 +0200 @@ -63,6 +63,7 @@ #include <string.h> #include <unistd.h> #include <signal.h> +#include <stdint.h> #include <rpc/rpc.h> #include "rpc_com.h" @@ -201,14 +202,25 @@ thr_sigsetmask(SIG_SETMASK, &newmask, &mask); mutex_lock(&clnt_fd_lock); if (vc_fd_locks == (int *) NULL) { - int cv_allocsz, fd_allocsz; - int dtbsize = __rpc_dtbsize(); + size_t cv_allocsz, fd_allocsz; + unsigned int dtbsize = __rpc_dtbsize(); + struct rpc_createerr *ce = &get_rpc_createerr(); + + if ( (size_t) dtbsize > SIZE_MAX/sizeof(cond_t)) { + mutex_unlock(&clnt_fd_lock); + thr_sigsetmask(SIG_SETMASK, &(mask), NULL); + ce->cf_stat = RPC_SYSTEMERROR; + ce->cf_error.re_errno = EOVERFLOW; + goto err; + } fd_allocsz = dtbsize * sizeof (int); vc_fd_locks = (int *) mem_alloc(fd_allocsz); if (vc_fd_locks == (int *) NULL) { mutex_unlock(&clnt_fd_lock); thr_sigsetmask(SIG_SETMASK, &(mask), NULL); + ce->cf_stat = RPC_SYSTEMERROR; + ce->cf_error.re_errno = ENOMEM; goto err; } else memset(vc_fd_locks, '\0', fd_allocsz); @@ -221,6 +233,8 @@ vc_fd_locks = (int *) NULL; mutex_unlock(&clnt_fd_lock); thr_sigsetmask(SIG_SETMASK, &(mask), NULL); + ce->cf_stat = RPC_SYSTEMERROR; + ce->cf_error.re_errno = ENOMEM; goto err; } else { int i; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtirpc-1.0.3/src/rpc_soc.c new/libtirpc-1.1.4/src/rpc_soc.c --- old/libtirpc-1.0.3/src/rpc_soc.c 2018-03-14 14:55:12.000000000 +0100 +++ new/libtirpc-1.1.4/src/rpc_soc.c 2018-08-27 16:06:49.000000000 +0200 @@ -67,8 +67,6 @@ extern mutex_t rpcsoc_lock; -extern int __binddynport(int fd); - static CLIENT *clnt_com_create(struct sockaddr_in *, rpcprog_t, rpcvers_t, int *, u_int, u_int, char *, int); static SVCXPRT *svc_com_create(int, u_int, u_int, char *); @@ -147,8 +145,7 @@ bindaddr.maxlen = bindaddr.len = sizeof (struct sockaddr_in); bindaddr.buf = raddr; - if (__binddynport(fd) == -1) - goto err; + bindresvport(fd, NULL); cl = clnt_tli_create(fd, nconf, &bindaddr, prog, vers, sendsz, recvsz); if (cl) { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtirpc-1.0.3/src/rpcb_clnt.c new/libtirpc-1.1.4/src/rpcb_clnt.c --- old/libtirpc-1.0.3/src/rpcb_clnt.c 2018-03-14 14:55:12.000000000 +0100 +++ new/libtirpc-1.1.4/src/rpcb_clnt.c 2018-08-27 16:06:49.000000000 +0200 @@ -752,7 +752,7 @@ client = getpmaphandle(nconf, host, &parms.r_addr); if (client == NULL) - return (NULL); + goto error; /* * Set retry timeout. @@ -771,11 +771,11 @@ if (clnt_st != RPC_SUCCESS) { rpc_createerr.cf_stat = RPC_PMAPFAILURE; clnt_geterr(client, &rpc_createerr.cf_error); - return (NULL); + goto error; } else if (port == 0) { pmapaddress = NULL; rpc_createerr.cf_stat = RPC_PROGNOTREGISTERED; - return (NULL); + goto error; } port = htons(port); CLNT_CONTROL(client, CLGET_SVC_ADDR, (char *)&remote); @@ -789,14 +789,24 @@ free(pmapaddress); pmapaddress = NULL; } - return (NULL); + goto error; } memcpy(pmapaddress->buf, remote.buf, remote.len); memcpy(&((char *)pmapaddress->buf)[sizeof (short)], (char *)(void *)&port, sizeof (short)); pmapaddress->len = pmapaddress->maxlen = remote.len; + CLNT_DESTROY(client); return pmapaddress; + +error: + if (client) { + CLNT_DESTROY(client); + client = NULL; + + } + return (NULL); + } #endif @@ -836,6 +846,7 @@ struct netbuf *address = NULL; rpcvers_t start_vers = RPCBVERS4; struct netbuf servaddr; + struct rpc_err rpcerr; /* parameter checking */ if (nconf == NULL) { @@ -892,7 +903,8 @@ clnt_st = CLNT_CALL(client, (rpcproc_t)RPCBPROC_GETADDR, (xdrproc_t) xdr_rpcb, (char *)(void *)&parms, (xdrproc_t) xdr_wrapstring, (char *)(void *) &ua, *tp); - if (clnt_st == RPC_SUCCESS) { + switch (clnt_st) { + case RPC_SUCCESS: if ((ua == NULL) || (ua[0] == 0)) { /* address unknown */ rpc_createerr.cf_stat = RPC_PROGNOTREGISTERED; @@ -914,12 +926,15 @@ (char *)(void *)&servaddr); __rpc_fixup_addr(address, &servaddr); goto done; - } else if (clnt_st == RPC_PROGVERSMISMATCH) { - struct rpc_err rpcerr; + case RPC_PROGVERSMISMATCH: clnt_geterr(client, &rpcerr); if (rpcerr.re_vers.low > RPCBVERS4) goto error; /* a new version, can't handle */ - } else if (clnt_st != RPC_PROGUNAVAIL) { + /* Try the next lower version */ + case RPC_PROGUNAVAIL: + case RPC_CANTDECODEARGS: + break; + default: /* Cant handle this error */ rpc_createerr.cf_stat = clnt_st; clnt_geterr(client, &rpc_createerr.cf_error); @@ -929,7 +944,7 @@ #ifdef PORTMAP /* Try version 2 for TCP or UDP */ if (strcmp(nconf->nc_protofmly, NC_INET) == 0) { - address = __try_protocol_version_2(program, 2, nconf, host, tp); + address = __try_protocol_version_2(program, version, nconf, host, tp); if (address == NULL) goto error; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtirpc-1.0.3/src/xdr_stdio.c new/libtirpc-1.1.4/src/xdr_stdio.c --- old/libtirpc-1.0.3/src/xdr_stdio.c 2018-03-14 14:55:12.000000000 +0100 +++ new/libtirpc-1.1.4/src/xdr_stdio.c 2018-08-27 16:06:49.000000000 +0200 @@ -38,6 +38,7 @@ */ #include <stdio.h> +#include <stdint.h> #include <arpa/inet.h> #include <rpc/types.h> @@ -103,10 +104,12 @@ XDR *xdrs; long *lp; { + int32_t mycopy; - if (fread(lp, sizeof(int32_t), 1, (FILE *)xdrs->x_private) != 1) + if (fread(&mycopy, sizeof(int32_t), 1, (FILE *)xdrs->x_private) != 1) return (FALSE); - *lp = (long)ntohl((u_int32_t)*lp); + + *lp = (long)ntohl(mycopy); return (TRUE); } @@ -115,8 +118,14 @@ XDR *xdrs; const long *lp; { - long mycopy = (long)htonl((u_int32_t)*lp); + int32_t mycopy; + +#if defined(_LP64) + if ((*lp > UINT32_MAX) || (*lp < INT32_MIN)) + return (FALSE); +#endif + mycopy = (int32_t)htonl((int32_t)*lp); if (fwrite(&mycopy, sizeof(int32_t), 1, (FILE *)xdrs->x_private) != 1) return (FALSE); return (TRUE);
