Diffstat (limited to 'debian/patches')
6 files changed, 203 insertions, 0 deletions
diff --git a/debian/patches/0001-ftpfs-fix-error-handling-in-refresh_dir.patch b/debian/patches/0001-ftpfs-fix-error-handling-in-refresh_dir.patch
new file mode 100644
index 00000000..086f5c3a
--- /dev/null
+++ b/debian/patches/0001-ftpfs-fix-error-handling-in-refresh_dir.patch
@@ -0,0 +1,46 @@
+From 94e684b35dd5455e1cb4ac5e5f2aab2df0ebb2db Mon Sep 17 00:00:00 2001
+From: Justus Winter <4winter@informatik.uni-hamburg.de>
+Date: Wed, 20 Nov 2013 11:58:41 +0100
+Subject: [PATCH 1/5] ftpfs: fix error handling in refresh_dir
+
+Found using the Clang Static Analyzer.
+
+* ftpfs/dir.c (refresh_dir): Fix error handling.
+---
+ ftpfs/dir.c | 20 ++++++++++++--------
+ 1 file changed, 12 insertions(+), 8 deletions(-)
+
+diff --git a/ftpfs/dir.c b/ftpfs/dir.c
+index da5ddbe..a9fea22 100644
+--- a/ftpfs/dir.c
++++ b/ftpfs/dir.c
+@@ -384,14 +384,18 @@ refresh_dir (struct ftpfs_dir *dir, int update_stats, time_t timestamp,
+ if (! err)
+ err = update_ordered_name ("..", &dfs);
+
+- /* Refetch the directory from the server. */
+- if (update_stats)
+- /* Fetch both names and stat info. */
+- err = ftp_conn_get_stats (conn, dir->rmt_path, 1,
+- update_ordered_entry, &dfs);
+- else
+- /* Just fetch names. */
+- err = ftp_conn_get_names (conn, dir->rmt_path, update_ordered_name, &dfs);
++ if (! err)
++ {
++ /* Refetch the directory from the server. */
++ if (update_stats)
++ /* Fetch both names and stat info. */
++ err = ftp_conn_get_stats (conn, dir->rmt_path, 1,
++ update_ordered_entry, &dfs);
++ else
++ /* Just fetch names. */
++ err = ftp_conn_get_names (conn, dir->rmt_path,
++ update_ordered_name, &dfs);
++ }
+
+ if (! err)
+ /* GC any directory entries that weren't seen this time. */
+--
+2.0.0
+
diff --git a/debian/patches/0002-libshouldbeinlibc-fix-dead-initialization-in-fmt_nam.patch b/debian/patches/0002-libshouldbeinlibc-fix-dead-initialization-in-fmt_nam.patch
new file mode 100644
index 00000000..dbabc031
--- /dev/null
+++ b/debian/patches/0002-libshouldbeinlibc-fix-dead-initialization-in-fmt_nam.patch
@@ -0,0 +1,30 @@
+From 3bef76f4db1d08ec1ee46d0c8d245523cf5feebb Mon Sep 17 00:00:00 2001
+From: Justus Winter <4winter@informatik.uni-hamburg.de>
+Date: Wed, 20 Nov 2013 12:17:03 +0100
+Subject: [PATCH 2/5] libshouldbeinlibc: fix dead initialization in
+ fmt_named_interval
+
+Found using the Clang Static Analyzer.
+
+* libshouldbeinlibc/timefmt.c (fmt_named_interval): Fix dead
+initialization.
+---
+ libshouldbeinlibc/timefmt.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/libshouldbeinlibc/timefmt.c b/libshouldbeinlibc/timefmt.c
+index a28f58b..cef72e0 100644
+--- a/libshouldbeinlibc/timefmt.c
++++ b/libshouldbeinlibc/timefmt.c
+@@ -105,7 +105,7 @@ fmt_named_interval (struct timeval *tv, size_t width,
+ {{0, 1}, {0, 1}, {0, 0}, {" microsecond", "us", 0 }},
+ {{0, 0} }
+ };
+- struct tscale *ts = time_scales;
++ struct tscale *ts;
+
+ if (width <= 0 || width >= buf_len)
+ width = buf_len - 1;
+--
+2.0.0
+
diff --git a/debian/patches/0003-trans-fakeroot-fix-error-handling.patch b/debian/patches/0003-trans-fakeroot-fix-error-handling.patch
new file mode 100644
index 00000000..2a6bae94
--- /dev/null
+++ b/debian/patches/0003-trans-fakeroot-fix-error-handling.patch
@@ -0,0 +1,29 @@
+From 8c769b20fdc47d3e943806abe5aa5fe2b517a092 Mon Sep 17 00:00:00 2001
+From: Justus Winter <4winter@informatik.uni-hamburg.de>
+Date: Mon, 16 Jun 2014 16:50:12 +0200
+Subject: [PATCH 3/5] trans/fakeroot: fix error handling
+
+Found using the Clang Static Analyzer.
+
+* trans/fakeroot.c (new_node): Do not leak a pointer to freed memory.
+Store NULL at *np instead. This fixes a node use-after-free in
+netfs_S_dir_lookup.
+---
+ trans/fakeroot.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/trans/fakeroot.c b/trans/fakeroot.c
+index 32a34ec..df2de64 100644
+--- a/trans/fakeroot.c
++++ b/trans/fakeroot.c
+@@ -119,6 +119,7 @@ new_node (file_t file, mach_port_t idport, int locked, int openmodes,
+ mach_port_deallocate (mach_task_self (), nn->idport);
+ mach_port_deallocate (mach_task_self (), file);
+ free (*np);
++ *np = NULL;
+ return err;
+ }
+
+--
+2.0.0
+
diff --git a/debian/patches/0004-libports-avoid-realloc-3-corner-case.patch b/debian/patches/0004-libports-avoid-realloc-3-corner-case.patch
new file mode 100644
index 00000000..7af7f42b
--- /dev/null
+++ b/debian/patches/0004-libports-avoid-realloc-3-corner-case.patch
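Review bot: In trans/fakeroot.c new_node, the error path that now ends in `*np = NULL;` reads `nn->idport` but shows no `free (nn)`, so if nn is a separate heap allocation made earlier in the function it may leak on this path; that allocation is outside the hunk and should be checked. The out-parameter contract is also worth stating at the function header, for example `/* On failure *NP is set to NULL; callers must test the return value before using *NP. */`. The commit message ties the fix to a use-after-free in netfs_S_dir_lookup, presumably a caller reading *np after an error, so that caller's error check deserves a look as well. new_node starts and ends outside the hunk.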
@@ -0,0 +1,34 @@
+From 430cd222921336dc9e06170c2e4a2e7024a8cadb Mon Sep 17 00:00:00 2001
+From: Justus Winter <4winter@informatik.uni-hamburg.de>
+Date: Mon, 16 Jun 2014 17:34:22 +0200
+Subject: [PATCH 4/5] libports: avoid realloc(3) corner case
+
+If the size argument is 0, realloc may either return NULL, or return a
+pointer that is only valid for use with free(3). In either case, the
+memory is freed. So if realloc would return NULL (it does not on
+GNU), the current code would double free p.
+
+Found using the Clang Static Analyzer.
+
+* libports/bucket-iterate.c (_ports_bucket_class_iterate): Avoid
+calling realloc if no ports were matched.
+---
+ libports/bucket-iterate.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/libports/bucket-iterate.c b/libports/bucket-iterate.c
+index babc204..2d1b00d 100644
+--- a/libports/bucket-iterate.c
++++ b/libports/bucket-iterate.c
+@@ -65,7 +65,7 @@ _ports_bucket_class_iterate (struct port_bucket *bucket,
+ }
+ pthread_mutex_unlock (&_ports_lock);
+
+- if (n != nr_items)
++ if (n != 0 && n != nr_items)
+ {
+ /* We allocated too much. Release unused memory. */
+ void **new = realloc (p, n * sizeof *p);
+--
+2.0.0
+
diff --git a/debian/patches/0005-libdiskfs-add-permission-check-to-file_chflags.patch b/debian/patches/0005-libdiskfs-add-permission-check-to-file_chflags.patch
new file mode 100644
index 00000000..44140fc2
--- /dev/null
+++ b/debian/patches/0005-libdiskfs-add-permission-check-to-file_chflags.patch
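Review bot: In libports/bucket-iterate.c the new guard `if (n != 0 && n != nr_items)` carries none of the reasoning from the commit message, so the `n != 0` test reads like an arbitrary special case that a later cleanup could remove. A comment next to it would prevent that, for example `/* realloc (p, 0) may free P and return NULL, so keep the buffer when nothing matched. */`. With n == 0 the full-size buffer p now stays allocated until whatever releases it after this block; that code is outside the hunk, so it is worth confirming that it frees p unconditionally. _ports_bucket_class_iterate starts and ends outside the hunk.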
@@ -0,0 +1,59 @@
+From 3ea1eb1af128d1a20949983d212ef529becc6a77 Mon Sep 17 00:00:00 2001
+From: Justus Winter <4winter@informatik.uni-hamburg.de>
+Date: Tue, 10 Jun 2014 14:22:31 +0200
+Subject: [PATCH 5/5] libdiskfs: add permission check to file_chflags
+
+Only root is allowed to change the high 16 bits. The TODO entry says
+otherwise, but that must be a mistake. For reference, see the glibc
+sources, sysdeps/mach/hurd/bits/stat.h.
+
+* libdiskfs/file-chflags.c (diskfs_S_file_chflags): Add permission
+check.
+* TODO (libdiskfs): Remove entry.
+---
+ TODO | 2 --
+ libdiskfs/file-chflags.c | 8 ++++++++
+ 2 files changed, 8 insertions(+), 2 deletions(-)
+
+diff --git a/TODO b/TODO
+index d2500dc..0387e9f 100644
+--- a/TODO
++++ b/TODO
+@@ -108,8 +108,6 @@ See `tasks', the exported task list.
+ Rename the rest to libhurdutil or somesuch.
+
+ ** libdiskfs
+-*** file_chflags does not do proper permission checking (non-root isn't
+- supposed to be able to change the low bits)
+ *** Add the short-circuited-but-not-builtin translator startup code from
+ dir-lookup to fsys_getroot. Compare and match carefully these two
+ routines and then share common code.
+diff --git a/libdiskfs/file-chflags.c b/libdiskfs/file-chflags.c
+index 01dc495..a29ff07 100644
+--- a/libdiskfs/file-chflags.c
++++ b/libdiskfs/file-chflags.c
+@@ -23,8 +23,15 @@ kern_return_t
+ diskfs_S_file_chflags (struct protid *cred,
+ int flags)
+ {
++#define HI(X) ((X) & 0xffff0000u)
+ CHANGE_NODE_FIELD (cred,
+ ({
++ /* Only root is allowed to change the high 16
++ bits. */
++ if ((HI (flags) != HI (np->dn_stat.st_flags))
++ && ! idvec_contains (cred->user->uids, 0))
++ return EPERM;
++
+ err = fshelp_isowner (&np->dn_stat, cred->user);
+ if (!err)
+ err = diskfs_validate_flags_change (np, flags);
+@@ -37,4 +44,5 @@ diskfs_S_file_chflags (struct protid *cred,
+ diskfs_notice_filechange(np, FILE_CHANGED_META,
+ 0, 0);
+ }));
++#undef HI
+ }
+--
+2.0.0
+
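Review bot: In libdiskfs/file-chflags.c the added `return EPERM;` sits inside the statement expression passed to CHANGE_NODE_FIELD, so it leaves diskfs_S_file_chflags without running whatever the macro does after the operation. The macro's definition is not part of this patch; if it takes the node lock before the operation and releases it afterwards, as I believe it does, every rejected request from a non-root caller would leave np locked, giving an unprivileged user a way to wedge the node. Recording the error instead keeps the macro's normal exit path: replace the early return with `err = EPERM;`, then `else`, then the existing `err = fshelp_isowner (&np->dn_stat, cred->user);`. The rest of the operation block already tests `if (!err)`, so no further change should be needed, but the lines between the two hunks are not shown and should be confirmed.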
diff --git a/debian/patches/series b/debian/patches/series
index a7efa410..ccef28f8 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -45,3 +45,8 @@ fix-net_rcv_msg.patch
 #pp.patch
 #pp-dde.patch
 #pp-random.patch
+0001-ftpfs-fix-error-handling-in-refresh_dir.patch
+0002-libshouldbeinlibc-fix-dead-initialization-in-fmt_nam.patch
+0003-trans-fakeroot-fix-error-handling.patch
+0004-libports-avoid-realloc-3-corner-case.patch
+0005-libdiskfs-add-permission-check-to-file_chflags.patch
|