rpms/proftpd/F-12 proftpd-1.3.2b-segfault-on-auth-fail.patch, NONE, 1.1 proftpd.spec, 1.59, 1.60

Paul Howarth pghmcfc at fedoraproject.org
Thu Dec 10 16:09:46 UTC 2009 

Author: pghmcfc

Update of /cvs/pkgs/rpms/proftpd/F-12
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv16782/F-12

Modified Files:
	proftpd.spec 
Added Files:
	proftpd-1.3.2b-segfault-on-auth-fail.patch 
Log Message:
Add patch for upstream bug 3350 - segfault on auth failures

proftpd-1.3.2b-segfault-on-auth-fail.patch:
 support.c |    5 +++++
 1 file changed, 5 insertions(+)

--- NEW FILE proftpd-1.3.2b-segfault-on-auth-fail.patch ---
Got this backtrace on auth failures on Fedora 12 with OpenSSL 1.0.0 beta 4

Core was generated by `proftpd -n'.
Program terminated with signal 11, Segmentation fault.
#0  strcmp () at ../sysdeps/x86_64/strcmp.S:64
64		cmpb	(%rsi), %al
(gdb) bt
#0  strcmp () at ../sysdeps/x86_64/strcmp.S:64
#1  0x0000003a1b00e965 in _dl_name_match_p (name=0x3a1b53a89e "libgcc_s.so.1", map=0x7fc600) at dl-misc.c:302
#2  0x0000003a1b007ad2 in _dl_map_object (loader=0x3a1b21f0e8, name=0x3a1b53a89e "libgcc_s.so.1", preloaded=<value optimized out>, 
    type=<value optimized out>, trace_mode=<value optimized out>, mode=-1879048191, nsid=<value optimized out>) at dl-load.c:1977
#3  0x0000003a1b012500 in dl_open_worker (a=0x7fff079d1010) at dl-open.c:254
#4  0x0000003a1b00dd46 in _dl_catch_error (objname=<value optimized out>, errstring=<value optimized out>, mallocedp=<value optimized out>, 
    operate=<value optimized out>, args=<value optimized out>) at dl-error.c:178
#5  0x0000003a1b011f87 in _dl_open (file=0x3a1b53a89e "libgcc_s.so.1", mode=-2147483647, caller_dlopen=0x0, nsid=-2, argc=2, 
    argv=<value optimized out>, env=<value optimized out>) at dl-open.c:583
#6  0x0000003a1b51a620 in do_dlopen (ptr=0x7fff079d1200) at dl-libc.c:86
#7  0x0000003a1b00dd46 in _dl_catch_error (objname=<value optimized out>, errstring=<value optimized out>, mallocedp=<value optimized out>, 
    operate=<value optimized out>, args=<value optimized out>) at dl-error.c:178
#8  0x0000003a1b51a777 in dlerror_run (args=<value optimized out>, operate=<value optimized out>) at dl-libc.c:47
#9  __libc_dlopen_mode (args=<value optimized out>, operate=<value optimized out>) at dl-libc.c:160
#10 0x0000003a1b4f3345 in init () at ../sysdeps/ia64/backtrace.c:41
#11 0x0000003a1bc0c733 in pthread_once () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_once.S:104
#12 0x0000003a1b4f3444 in __backtrace (array=<value optimized out>, size=32) at ../sysdeps/ia64/backtrace.c:85
#13 0x0000000000414312 in handle_segv (signo=11, info=0x7fff079d1530, ptr=0x7fff079d1400) at main.c:1871
#14 <signal handler called>
#15 OPENSSL_cleanse () at x86_64cpuid.s:135
#16 0x0000000000424abb in pr_memscrub (ptr=0x7fbe40, ptrlen=0) at support.c:570
#17 0x0000000000473322 in setup_env (p=0x80b150, cmd=0x7fbdb8, user=0x80c3f0 "", pass=0x7fbe40 "") at mod_auth.c:1381
#18 0x0000000000474eb3 in auth_pass (cmd=0x7fbdb8) at mod_auth.c:1963
#19 0x000000000043a0ee in pr_module_call (m=0x6e3480, func=0x474d9e <auth_pass>, cmd=0x7fbdb8) at modules.c:502
#20 0x0000000000411702 in _dispatch (cmd=0x7fbdb8, cmd_type=2, validate=1, match=0x7fbe38 "PASS") at main.c:446
#21 0x0000000000411f5e in pr_cmd_dispatch_phase (cmd=0x7fbdb8, phase=0, flags=3) at main.c:703
#22 0x000000000041220d in pr_cmd_dispatch (cmd=0x7fbdb8) at main.c:773
#23 0x0000000000412796 in cmd_loop (server=0x7b4628, c=0x805e88) at main.c:914
#24 0x00000000004136be in fork_server (fd=9, l=0x804408, nofork=0 '\000') at main.c:1436
#25 0x0000000000413ca7 in daemon_loop () at main.c:1643
#26 0x00000000004151ff in standalone_main () at main.c:2504
#27 0x0000000000415e08 in main (argc=2, argv=0x7fff079d2118, envp=0x7fff079d2130) at main.c:3124

--- proftpd-1.3.3rc2/src/support.c	2009-08-04 16:53:28.000000000 +0100
+++ proftpd-1.3.3rc2/src/support.c	2009-12-10 13:52:06.916586992 +0000
@@ -567,6 +567,11 @@
   /* Just use OpenSSL's function for this.  They have optimized it for
    * performance in later OpenSSL releases.
    */
+
+  if (!ptr || ptrlen == 0) {
+    return;
+  }
+
   OPENSSL_cleanse(ptr, ptrlen);
 
 #else 


Index: proftpd.spec
===================================================================
RCS file: /cvs/pkgs/rpms/proftpd/F-12/proftpd.spec,v
retrieving revision 1.59
retrieving revision 1.60
diff -u -p -r1.59 -r1.60
--- proftpd.spec	9 Dec 2009 21:05:10 -0000	1.59
+++ proftpd.spec	10 Dec 2009 16:09:45 -0000	1.60
@@ -7,7 +7,7 @@
 %endif
 
 #global prever rc3
-%global rpmrel 2
+%global rpmrel 3
 
 Summary:		Flexible, stable and highly-configurable FTP server
 Name:			proftpd
@@ -31,6 +31,7 @@ Source11:		http://www.castaglia.org/prof
 Patch0:			proftpd-1.3.2rc3-nostrip.patch
 Patch2:			proftpd-1.3.2-parallel-build.patch
 Patch3:			proftpd-1.3.2a-mlsd.patch
+Patch4:			proftpd-1.3.2b-segfault-on-auth-fail.patch
 BuildRoot:		%{_tmppath}/%{name}-%{version}-%{release}-root
 Requires(post):		/sbin/chkconfig
 Requires(preun):	/sbin/service, /sbin/chkconfig, coreutils, findutils
@@ -99,6 +100,9 @@ Module to add PostgreSQL support to the 
 # (upstream patch)
 %patch3 -p1 -b .mlsd
 
+# Fix segfault on auth failures (bug 3350)
+%patch4 -p1 -b .segfault-on-auth-failure
+
 # Avoid documentation name conflicts
 %{__mv} contrib/README contrib/README.contrib
 
@@ -291,6 +295,9 @@ fi
 
 
 %changelog
+* Thu Dec 10 2009 Paul Howarth <paul at city-fan.org> 1.3.2b-3
+- Add patch for upstream bug 3350 - segfault on auth failures
+
 * Wed Dec  9 2009 Paul Howarth <paul at city-fan.org> 1.3.2b-2
 - Reduce the mod_facts patch to the single commit addressing the issue with
   directory names with glob characters (#521634), avoiding introducing a

More information about the fedora-extras-commits mailing list