Hello community,
here is the log from the commit of package uftpd for openSUSE:Factory checked
in at 2020-05-29 21:23:44
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/uftpd (Old)
and /work/SRC/openSUSE:Factory/.uftpd.new.3606 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "uftpd"
Fri May 29 21:23:44 2020 rev:9 rq:809770 version:2.12
Changes:
--------
--- /work/SRC/openSUSE:Factory/uftpd/uftpd.changes 2020-01-05
15:22:49.657611262 +0100
+++ /work/SRC/openSUSE:Factory/.uftpd.new.3606/uftpd.changes 2020-05-29
21:37:39.294699494 +0200
@@ -1,0 +2,16 @@
+Mon May 25 17:27:46 UTC 2020 - Martin Hauke <mar...@gmx.de>
+
+- Update to version 2.12
+ Changes
+ * Use common log message format and log level when user enters
+ an invalid path. This unfortunately affects changes introduced
+ in v2.11 to increase logging at default log level.
+ * Fixes
+ Issue #30: When entering an invalid directory with the FTP
+ command CWD, a NULL ptr was deref. in a DBG() message even
+ though the log level is set to a value lower than LOG_DEBUG.
+ This caused uftpd to crash and cause denial of service.
+ Depending on the init/inetd system used this could be
+ permanent.
+
+-------------------------------------------------------------------
Old:
----
uftpd-2.11.tar.gz
New:
----
uftpd-2.12.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ uftpd.spec ++++++
--- /var/tmp/diff_new_pack.eXcYMf/_old 2020-05-29 21:37:39.638700518 +0200
+++ /var/tmp/diff_new_pack.eXcYMf/_new 2020-05-29 21:37:39.642700530 +0200
@@ -1,7 +1,7 @@
#
# spec file for package uftpd
#
-# Copyright (c) 2020 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2020 SUSE LLC
# Copyright (c) 2018, Martin Hauke <mar...@gmx.de>
#
# All modifications and additions to the file contributed by third parties
@@ -18,7 +18,7 @@
Name: uftpd
-Version: 2.11
+Version: 2.12
Release: 0
Summary: A combined TFTP/FTP server
License: ISC
++++++ uftpd-2.11.tar.gz -> uftpd-2.12.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/uftpd-2.11/.travis.yml new/uftpd-2.12/.travis.yml
--- old/uftpd-2.11/.travis.yml 2020-01-05 08:51:54.000000000 +0100
+++ new/uftpd-2.12/.travis.yml 2020-05-25 18:09:12.000000000 +0200
@@ -29,7 +29,7 @@
name: "troglobit/uftpd"
description: "uftpd -- the no nonsense (T)FTP server"
notification_email: troglo...@gmail.com
- build_command_prepend: "./autogen.sh && PKG_CONFIG_PATH=/tmp/lib/pkgconfig
./configure --disable-silent-rules --prefix=/tmp"
+ build_command_prepend: "./autogen.sh && PKG_CONFIG_PATH=/tmp/lib/pkgconfig
./configure --disable-silent-rules --prefix="
build_command: "make -j5 clean all"
branch_pattern: dev
@@ -43,10 +43,10 @@
script:
- ./autogen.sh
- - PKG_CONFIG_PATH=/tmp/lib/pkgconfig ./configure --disable-silent-rules
--prefix=/tmp
+ - PKG_CONFIG_PATH=/tmp/lib/pkgconfig ./configure --disable-silent-rules
--prefix=
- make clean
- make -j5
- - make install-strip
- - tree /tmp
- - ldd /tmp/sbin/uftpd
- - LD_LIBRARY_PATH=/tmp/lib /tmp/sbin/uftpd -h
+ - DESTDIR=~/tmp make install-strip
+ - tree ~/tmp
+ - ldd ~/tmp/sbin/uftpd
+ - LD_LIBRARY_PATH=/tmp/lib ~/tmp/sbin/uftpd -h
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/uftpd-2.11/ChangeLog.md new/uftpd-2.12/ChangeLog.md
--- old/uftpd-2.11/ChangeLog.md 2020-01-05 08:51:54.000000000 +0100
+++ new/uftpd-2.12/ChangeLog.md 2020-05-25 18:09:12.000000000 +0200
@@ -4,6 +4,22 @@
All notable changes to the project are documented in this file.
+[v2.12][] - 2020-05-25
+----------------------
+
+### Changes
+- Use common log message format and log level when user enters an
+ invalid path. This unfortunately affects changes introduced in
+ [v2.11][] to increase logging at default log level.
+
+### Fixes
+- Issue #30: When entering an invalid directory with the FTP command CWD,
+ a NULL ptr was deref. in a DBG() message even though the log level is
+ set to a value lower than `LOG_DEBUG`. This caused uftpd to crash
+ and cause denial of service. Depending on the init/inetd system used
+ this could be permanent.
+
+
[v2.11][] - 2020-01-05
----------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/uftpd-2.11/README.md new/uftpd-2.12/README.md
--- old/uftpd-2.11/README.md 2020-01-05 08:51:54.000000000 +0100
+++ new/uftpd-2.12/README.md 2020-05-25 18:09:12.000000000 +0200
@@ -104,6 +104,14 @@
Build & Install
---------------
+### Debian/Ubuntu
+
+ curl -sS https://deb.troglobit.com/pubkey.gpg | sudo apt-key add -
+ echo "deb [arch=amd64] https://deb.troglobit.com/debian stable main" |
sudo tee /etc/apt/sources.list.d/troglobit.list
+ sudo apt-get update && sudo apt-get install uftpd
+
+### Building from Source
+
`uftpd` depends on two other projects to build from source, [libuEv][]
and [lite][]. See their respective README for details, there should be
no real surprises, both use the familiar configure, make, make install.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/uftpd-2.11/configure.ac new/uftpd-2.12/configure.ac
--- old/uftpd-2.11/configure.ac 2020-01-05 08:51:54.000000000 +0100
+++ new/uftpd-2.12/configure.ac 2020-05-25 18:09:12.000000000 +0200
@@ -1,4 +1,4 @@
-AC_INIT([uftpd], [2.11], [https://github.com/troglobit/uftpd/issues],,
+AC_INIT([uftpd], [2.12], [https://github.com/troglobit/uftpd/issues],,
[https://troglobit.com/projects/uftpd/])
AM_INIT_AUTOMAKE([1.11 foreign no-dist-gzip dist-xz])
AM_SILENT_RULES([yes])
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/uftpd-2.11/debian/changelog
new/uftpd-2.12/debian/changelog
--- old/uftpd-2.11/debian/changelog 2020-01-05 08:51:54.000000000 +0100
+++ new/uftpd-2.12/debian/changelog 2020-05-25 18:09:12.000000000 +0200
@@ -1,3 +1,10 @@
+uftpd (2.12) stable; urgency=medium
+
+ * Fix issue #30: uftpd crashes when an invalid CWD is entered
+ * Use common log message format and log level for all path refs.
+
+ -- Joachim Nilsson <troglo...@gmail.com> Mon, 25 May 2020 18:08:32 +0200
+
uftpd (2.11) unstable; urgency=medium
* Increased logging at default log level. Now all relevant interaction
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/uftpd-2.11/docs/SECURITY.md
new/uftpd-2.12/docs/SECURITY.md
--- old/uftpd-2.11/docs/SECURITY.md 1970-01-01 01:00:00.000000000 +0100
+++ new/uftpd-2.12/docs/SECURITY.md 2020-05-25 18:09:12.000000000 +0200
@@ -0,0 +1,12 @@
+# Security Policy
+
+## Supported Versions
+
+uftpd is a small project, as such we have no possibility to support older
versions.
+The only supported version is the latest released on GitHub:
+
+<https://github.com/troglobit/uftpd/releases>
+
+## Reporting a Vulnerability
+
+Contact the project's main author and owner to report and discuss
vulnerabilities.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/uftpd-2.11/src/ftpcmd.c new/uftpd-2.12/src/ftpcmd.c
--- old/uftpd-2.11/src/ftpcmd.c 2020-01-05 08:51:54.000000000 +0100
+++ new/uftpd-2.12/src/ftpcmd.c 2020-05-25 18:09:12.000000000 +0200
@@ -404,19 +404,13 @@
*/
dir = compose_abspath(ctrl, path);
if (!dir || stat(dir, &st) || !S_ISDIR(st.st_mode)) {
- DBG("chrooted:%d, ctrl->cwd: %s, home:%s, dir:%s, len:%zd,
dirlen:%zd",
- chrooted, ctrl->cwd, home, dir, strlen(home), strlen(dir));
+ INFO("%s: CWD: invalid path to %s: %m", ctrl->clientaddr, path);
send_msg(ctrl->sd, "550 No such directory.\r\n");
return;
}
- if (!chrooted) {
- size_t len = strlen(home);
-
- DBG("non-chrooted CWD, home:%s, dir:%s, len:%zd, dirlen:%zd",
- home, dir, len, strlen(dir));
- dir += len;
- }
+ if (!chrooted)
+ dir += strlen(home);
snprintf(ctrl->cwd, sizeof(ctrl->cwd), "%s", dir);
if (ctrl->cwd[0] == 0)
@@ -711,7 +705,7 @@
path = compose_path(ctrl, cwd);
if (!path) {
fail:
- LOGIT(LOG_INFO, errno, "Failed reading status for %s",
path ? path : name);
+ INFO("%s: LIST: Failed reading status for %s: %m",
ctrl->clientaddr, path ? path : name);
continue;
}
@@ -735,7 +729,7 @@
ERR(errno, "Failed sending file %s to client",
ctrl->file);
while (ctrl->i < ctrl->d_num) {
- struct dirent *entry = ctrl->d[ctrl->i++];
+ entry = ctrl->d[ctrl->i++];
free(entry);
}
do_abort(ctrl);
@@ -757,6 +751,18 @@
send_msg(ctrl->sd, "226 Transfer complete.\r\n");
}
+static const char *mode2op(int mode)
+{
+ switch (mode) {
+ case 0: return "LIST";
+ case 1: return "NLST";
+ case 2: return "MLST";
+ case 3: return "MLSD";
+ }
+
+ return "LST?";
+}
+
static void list(ctrl_t *ctrl, char *arg, int mode)
{
char *path;
@@ -797,6 +803,7 @@
else
path = compose_path(ctrl, arg);
if (!path) {
+ INFO("%s: %s: invalid path to %s: %m", ctrl->clientaddr,
mode2op(mode), arg);
send_msg(ctrl->sd, "550 No such file or directory.\r\n");
return;
}
@@ -1102,7 +1109,7 @@
path = compose_abspath(ctrl, file);
if (!path || stat(path, &st)) {
- LOG("%s: Failed opening '%s'. No such file or directory",
ctrl->clientaddr, path);
+ INFO("%s: RETR: invalid path to %s: %m", ctrl->clientaddr,
file);
send_msg(ctrl->sd, "550 No such file or directory.\r\n");
return;
}
@@ -1163,6 +1170,7 @@
path = compose_abspath(ctrl, file);
if (!path || stat(path, &st) || !S_ISREG(st.st_mode)) {
missing:
+ INFO("MDTM: invalid path to %s: %m", file);
send_msg(ctrl->sd, "550 Not a regular file.\r\n");
return;
}
@@ -1256,7 +1264,7 @@
path = compose_abspath(ctrl, file);
if (!path) {
- INFO("Invalid path for %s: %m", file);
+ INFO("STOR: invalid path to %s: %m", file);
goto fail;
}
@@ -1297,7 +1305,7 @@
path = compose_abspath(ctrl, file);
if (!path) {
- ERR(errno, "Cannot find %s", file);
+ INFO("DELE: invalid path to %s: %m", file);
goto fail;
}
@@ -1323,7 +1331,7 @@
path = compose_abspath(ctrl, arg);
if (!path) {
- INFO("Invalid path for %s: %m", arg);
+ INFO("MKD: invalid path to %s: %m", arg);
goto fail;
}
