diff options
author | Justin Lecher <jlec@gentoo.org> | 2012-11-07 21:21:34 +0000 |
---|---|---|
committer | Justin Lecher <jlec@gentoo.org> | 2012-11-07 21:21:34 +0000 |
commit | a72c2801e74a55d1fe5df7168fbe1d57714cd89c (patch) | |
tree | a336098ca3c2cb1b5c919a602faaa403da766785 /app-misc/dtach | |
parent | Slot gstreamer dependencies in preparation for gstreamer-1.0. (diff) | |
download | gentoo-2-a72c2801e74a55d1fe5df7168fbe1d57714cd89c.tar.gz gentoo-2-a72c2801e74a55d1fe5df7168fbe1d57714cd89c.tar.bz2 gentoo-2-a72c2801e74a55d1fe5df7168fbe1d57714cd89c.zip |
app-misc/dtach: Backport fix for CVE-2012-3368, #426496
(Portage version: 2.2.0_alpha142/cvs/Linux x86_64, signed Manifest commit with key 8009D6F070EB7916)
Diffstat (limited to 'app-misc/dtach')
-rw-r--r-- | app-misc/dtach/ChangeLog | 10 | ||||
-rw-r--r-- | app-misc/dtach/dtach-0.8-r1.ebuild | 26 | ||||
-rw-r--r-- | app-misc/dtach/files/dtach-0.8-CVE-2012-3368.patch | 35 |
3 files changed, 69 insertions, 2 deletions
diff --git a/app-misc/dtach/ChangeLog b/app-misc/dtach/ChangeLog index fda68d5291e9..138cf1388949 100644 --- a/app-misc/dtach/ChangeLog +++ b/app-misc/dtach/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for app-misc/dtach -# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/app-misc/dtach/ChangeLog,v 1.17 2011/01/04 17:55:39 jlec Exp $ +# Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2 +# $Header: /var/cvsroot/gentoo-x86/app-misc/dtach/ChangeLog,v 1.18 2012/11/07 21:21:34 jlec Exp $ + +*dtach-0.8-r1 (07 Nov 2012) + + 07 Nov 2012; Justin Lecher <jlec@gentoo.org> +dtach-0.8-r1.ebuild, + +files/dtach-0.8-CVE-2012-3368.patch: + Backport fix for CVE-2012-3368, #426496 04 Jan 2011; Justin Lecher <jlec@gentoo.org> dtach-0.8.ebuild: Some Clean up diff --git a/app-misc/dtach/dtach-0.8-r1.ebuild b/app-misc/dtach/dtach-0.8-r1.ebuild new file mode 100644 index 000000000000..af5d42545172 --- /dev/null +++ b/app-misc/dtach/dtach-0.8-r1.ebuild @@ -0,0 +1,26 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/app-misc/dtach/dtach-0.8-r1.ebuild,v 1.1 2012/11/07 21:21:34 jlec Exp $ + +EAPI=4 + +inherit eutils + +DESCRIPTION="Emulates the detach feature of screen" +HOMEPAGE="http://dtach.sourceforge.net/" +SRC_URI="mirror://sourceforge/${PN}/${P}.tar.gz" + +SLOT="0" +LICENSE="GPL-2" +KEYWORDS="~amd64 ~ppc ~x86" +IUSE="" + +src_prepare() { + epatch "${FILESDIR}"/${P}-CVE-2012-3368.patch +} + +src_install() { + dobin dtach + doman dtach.1 + dodoc README +} diff --git a/app-misc/dtach/files/dtach-0.8-CVE-2012-3368.patch b/app-misc/dtach/files/dtach-0.8-CVE-2012-3368.patch new file mode 100644 index 000000000000..82d5f0e1e159 --- /dev/null +++ b/app-misc/dtach/files/dtach-0.8-CVE-2012-3368.patch @@ -0,0 +1,35 @@ +Fix error handling for read from stdin in attach.c + +attach.c did not correctly handle a read from stdin when read returned +an error. The code assigned the return value of read to pkt.len (an +unsigned char) before checking the value. This prevented the error check +from working correctly, since an unsigned integer can never be < 0. + +A packet with an invalid length was then sent to the master, which then +sent 255 bytes of garbage to the program. + +Fix the bug in attach.c and the unchecked packet length bug in master.c. + +Report and initial patch by Enrico Scholz. + +--- attach.c 2012/07/01 21:26:10 1.12 ++++ attach.c 2012/07/01 21:44:34 1.13 +@@ -237,12 +237,16 @@ + /* stdin activity */ + if (n > 0 && FD_ISSET(0, &readfds)) + { ++ ssize_t len; ++ + pkt.type = MSG_PUSH; + memset(pkt.u.buf, 0, sizeof(pkt.u.buf)); +- pkt.len = read(0, pkt.u.buf, sizeof(pkt.u.buf)); ++ len = read(0, pkt.u.buf, sizeof(pkt.u.buf)); + +- if (pkt.len <= 0) ++ if (len <= 0) + exit(1); ++ ++ pkt.len = len; + process_kbd(s, &pkt); + n--; + } |