rpms/ncpfs/devel ncpfs-2.2.4-gcc4.patch, NONE, 1.1 ncpfs-2.2.4-getuid.patch, NONE, 1.1 ncpfs.spec, 1.16, 1.17
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Fri Apr 8 11:36:57 UTC 2005
- Previous message (by thread): rpms/man/devel man-1.5p-man-pages.patch, NONE, 1.1 man.spec, 1.34, 1.35
- Next message (by thread): rpms/kernel/devel linux-2.6.11-cpufreq-add-suspend.patch, NONE, 1.1 linux-2.6.11-ppc32-750-erratum-fix.patch, NONE, 1.1 linux-2.6.11-ppc32-pmac-sleep-fix.patch, 1.1, 1.2 linux-2.6.11-ppc32-cpufreq-gpio-off.patch, 1.1, 1.2 kernel-2.6.spec, 1.1232, 1.1233
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Update of /cvs/dist/rpms/ncpfs/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv3584
Modified Files:
ncpfs.spec
Added Files:
ncpfs-2.2.4-gcc4.patch ncpfs-2.2.4-getuid.patch
Log Message:
fixed getuid security bug CAN-2005-0013
gcc4 fix
ncpfs-2.2.4-gcc4.patch:
lib/ncplib.c | 2 +-
util/nwpjmv.c | 2 +-
util/pserver.c | 2 +-
3 files changed, 3 insertions(+), 3 deletions(-)
--- NEW FILE ncpfs-2.2.4-gcc4.patch ---
--- ncpfs-2.2.4/util/pserver.c.gcc4 2004-02-10 19:28:47.000000000 +0100
+++ ncpfs-2.2.4/util/pserver.c 2005-04-08 13:31:04.066547184 +0200
@@ -153,7 +153,7 @@
char *s = q->command;
char *target_end = target + target_size;
- static void add_string(const char *str)
+ void add_string(const char *str)
{
int len = strlen(str);
if (target + len + 1 > target_end)
--- ncpfs-2.2.4/util/nwpjmv.c.gcc4 2005-04-08 13:32:43.201476384 +0200
+++ ncpfs-2.2.4/util/nwpjmv.c 2005-04-08 13:32:43.201476384 +0200
@@ -131,7 +131,7 @@
char *s = q->command;
char *target_end = target + target_size;
- static void add_string(const char *str)
+ void add_string(const char *str)
{
int len = strlen(str);
if (target + len + 1 > target_end)
--- ncpfs-2.2.4/lib/ncplib.c.gcc4 2005-04-08 13:31:04.047550072 +0200
+++ ncpfs-2.2.4/lib/ncplib.c 2005-04-08 13:31:04.068546880 +0200
@@ -2413,7 +2413,7 @@
int i = 1;
NWCCODE nwerr;
- static int get_argument(int arg_no, const char **target) {
+ int get_argument(int arg_no, const char **target) {
int count = 1;
if (target != NULL) {
ncpfs-2.2.4-getuid.patch:
contrib/tcl-utils/chgpwd.c | 4 ++--
contrib/tcl-utils/ncplist.c | 7 ++++++-
contrib/tcl-utils/ncpreadprop.c | 2 +-
contrib/tcl-utils/ncpreadprops.c | 2 +-
lib/nwclient.c | 12 ++++++++----
sutil/ncplogin.c | 5 ++++-
6 files changed, 22 insertions(+), 10 deletions(-)
--- NEW FILE ncpfs-2.2.4-getuid.patch ---
--- ncpfs-2.2.4/sutil/ncplogin.c.nogetuid 2004-02-10 13:28:47.000000000 -0500
+++ ncpfs-2.2.4/sutil/ncplogin.c 2005-04-08 07:00:22.819565176 -0400
@@ -582,7 +582,10 @@
int flags = 0;
if (!info.tree) {
- NWCXGetPreferredDSTree(ntree, sizeof(ntree));
+ err=NWCXGetPreferredDSTree(ntree, sizeof(ntree));
+ if (err){
+ errexit(104, _("Cannot get preffered DS tree: %s\n"),strnwerror(err));
+ }
info.tree = ntree;
}
--- ncpfs-2.2.4/lib/nwclient.c.nogetuid 2004-02-10 13:28:49.000000000 -0500
+++ ncpfs-2.2.4/lib/nwclient.c 2005-04-08 06:57:58.657481144 -0400
@@ -497,6 +497,10 @@
*err = errno;
return NULL;
}
+ if (st.st_uid != getuid()) {
+ *err = EACCES;
+ return NULL;
+ }
if ((st.st_mode & (S_IRWXO | S_IRWXG)) != 0) {
*err = NCPLIB_INVALID_MODE;
return NULL;
@@ -576,7 +580,7 @@
if (!res)
res=readnwinfosfile (NULL,NDS_PREFERRED_TREE,NULL, &err);
if (!res)
- return -1;
+ return err;
if (strlen (res)+1 >maxLen)
return NWE_BUFFER_OVERFLOW;
strcpy(preferTree,res);
@@ -597,7 +601,7 @@
if (!res)
res=readnwinfosfile (NULL,NDS_PREFERRED_NAME_CTX,forTree,&err);
if (!res)
- return -1;
+ return err;
if (strlen (res)+1 >maxLen)
return NWE_BUFFER_OVERFLOW;
strcpy(nameContext,res);
@@ -619,7 +623,7 @@
res=readnwinfosfile (NULL, NDS_PREFERRED_SERVER, forTree, &err);
if (!res) {
- return -1;
+ return err;
}
}
/* test that this server DO belongs to tree forTree*/
@@ -660,7 +664,7 @@
if (!res)
res=readnwinfosfile (NULL,NDS_USER,forTree, &err);
if (!res)
- return -1;
+ return err;
if (strlen (res)+1 >maxLen)
return NWE_BUFFER_OVERFLOW;
strcpy(defaultName,res);
--- ncpfs-2.2.4/contrib/tcl-utils/ncpreadprop.c.nogetuid 2004-02-10 13:28:48.000000000 -0500
+++ ncpfs-2.2.4/contrib/tcl-utils/ncpreadprop.c 2005-04-08 06:57:58.658480992 -0400
@@ -470,7 +470,7 @@
}
} else {
if (!treeName[0]) {
- NWCXGetPreferredDSTree(treeName,sizeof(treeName));
+ dserr=NWCXGetPreferredDSTree(treeName,sizeof(treeName));
}
if (!treeName[0]) {
--- ncpfs-2.2.4/contrib/tcl-utils/ncplist.c.nogetuid 2004-02-10 13:28:47.000000000 -0500
+++ ncpfs-2.2.4/contrib/tcl-utils/ncplist.c 2005-04-08 06:57:58.659480840 -0400
@@ -299,7 +299,12 @@
}else {
if (!treeName[0]) {
- NWCXGetPreferredDSTree(treeName,sizeof(treeName));
+ dserr=NWCXGetPreferredDSTree(treeName,sizeof(treeName));
+ if (dserr){
+ fprintf(stderr, "failed: Cannot get preffered DS tree: %s\n",
+ strnwerror(dserr);
+ exit(106);
+ }
}
if (!treeName[0]) {
--- ncpfs-2.2.4/contrib/tcl-utils/ncpreadprops.c.nogetuid 2004-02-10 13:28:49.000000000 -0500
+++ ncpfs-2.2.4/contrib/tcl-utils/ncpreadprops.c 2005-04-08 06:57:58.659480840 -0400
@@ -507,7 +507,7 @@
}
} else {
if (!treeName[0]) {
- NWCXGetPreferredDSTree(treeName,sizeof(treeName));
+ dserr=NWCXGetPreferredDSTree(treeName,sizeof(treeName));
}
if (!treeName[0]) {
--- ncpfs-2.2.4/contrib/tcl-utils/chgpwd.c.nogetuid 2004-02-10 13:28:47.000000000 -0500
+++ ncpfs-2.2.4/contrib/tcl-utils/chgpwd.c 2005-04-08 06:57:58.660480688 -0400
@@ -292,12 +292,12 @@
}
} else {
if (!treeName[0]) {
- NWCXGetPreferredDSTree(treeName,sizeof(treeName));
+ dserr=NWCXGetPreferredDSTree(treeName,sizeof(treeName));
}
if (!treeName[0]) {
fprintf(stderr,"failed: You must specify a server or a tree\n");
- dserr=114;
+ /*dserr=114;*/
goto finished;
}
Index: ncpfs.spec
===================================================================
RCS file: /cvs/dist/rpms/ncpfs/devel/ncpfs.spec,v
retrieving revision 1.16
retrieving revision 1.17
diff -u -r1.16 -r1.17
--- ncpfs.spec 16 Mar 2005 21:37:02 -0000 1.16
+++ ncpfs.spec 8 Apr 2005 11:36:55 -0000 1.17
@@ -1,7 +1,7 @@
Summary: Utilities for the ncpfs filesystem, a NetWare client for Linux.
Name: ncpfs
Version: 2.2.4
-Release: 6
+Release: 7
License: GPL
Source: http://ftp.cvut.cz/ncpfs/ncpfs-%{version}.tar.gz
Patch: ncpfs-2.2.3-fix.patch
@@ -9,6 +9,8 @@
Patch2: ncpfs-2.2.3-lvalue.patch
Patch3: ncpfs-2.2.4-pie.patch
Patch4: ncpfs-2.2.4-overflow.patch
+Patch5: ncpfs-2.2.4-getuid.patch
+Patch6: ncpfs-2.2.4-gcc4.patch
Group: Applications/System
Requires: ipxutils
Buildroot: %{_tmppath}/%{name}-%{version}-root
@@ -43,6 +45,8 @@
%patch2 -p1 -b .lvalue
%patch3 -p1 -b .pie
%patch4 -p1 -b .overflow
+%patch5 -p1 -b .nogetuid
+%patch6 -p1 -b .gcc4
%build
%ifarch s390 s390x
@@ -112,6 +116,10 @@
%{_mandir}/man8/ipx*
%changelog
+* Fri Apr 8 2005 Jiri Ryska <jryska at redhat.com>
+- fixed getuid security bug CAN-2005-0013
+- gcc4 fix
+
* Wed Mar 16 2005 Elliot Lee <sopwith at redhat.com>
- rebuilt
- Previous message (by thread): rpms/man/devel man-1.5p-man-pages.patch, NONE, 1.1 man.spec, 1.34, 1.35
- Next message (by thread): rpms/kernel/devel linux-2.6.11-cpufreq-add-suspend.patch, NONE, 1.1 linux-2.6.11-ppc32-750-erratum-fix.patch, NONE, 1.1 linux-2.6.11-ppc32-pmac-sleep-fix.patch, 1.1, 1.2 linux-2.6.11-ppc32-cpufreq-gpio-off.patch, 1.1, 1.2 kernel-2.6.spec, 1.1232, 1.1233
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-cvs-commits
mailing list