rpms/ganglia/EL-4 gmetad-bof-dos.patch, NONE, 1.1 .cvsignore, 1.4, 1.5 ganglia.spec, 1.5, 1.6 sources, 1.4, 1.5
Kostas Georgiou
georgiou at fedoraproject.org
Tue Jan 20 22:08:31 UTC 2009
- Previous message (by thread): rpms/gnome-media/devel .cvsignore, 1.48, 1.49 gnome-media.spec, 1.150, 1.151 sources, 1.47, 1.48
- Next message (by thread): rpms/cpphs/devel cpphs.spec, NONE, 1.1 import.log, NONE, 1.1 .cvsignore, 1.1, 1.2 sources, 1.1, 1.2
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: georgiou
Update of /cvs/extras/rpms/ganglia/EL-4
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv6844
Modified Files:
.cvsignore ganglia.spec sources
Added Files:
gmetad-bof-dos.patch
Log Message:
Update to latest release and security fixes from #480236
gmetad-bof-dos.patch:
--- NEW FILE gmetad-bof-dos.patch ---
--- gmetad/server.c.orig
+++ gmetad/server.c
@@ -11,6 +11,7 @@
#include "dtd.h"
#include "gmetad.h"
#include "my_inet_ntop.h"
+#include <stdlib.h>
extern g_tcp_socket *server_socket;
extern pthread_mutex_t server_socket_mutex;
@@ -370,14 +371,13 @@ tree_report(datum_t *key, datum_t *val, void *arg)
/* sacerdoti: This function does a tree walk while respecting the filter path.
* Will return valid XML even if we have chosen a subtree. Since tree depth is
- * bounded, this function guarantees O(1) search time. The recursive structure
- * does not require any memory allocations.
+ * bounded, this function guarantees O(1) search time.
*/
static int
process_path (client_t *client, char *path, datum_t *myroot, datum_t *key)
{
char *p, *q, *pathend;
- char element[256];
+ char *element;
int rc, len;
datum_t *found;
datum_t findkey;
@@ -419,6 +419,10 @@ process_path (client_t *client, char *path, datum_t *myroot, datum_t *key)
if (!q) q=pathend;
len = q-p;
+ element = malloc(len + 1);
+ if ( element == NULL )
+ return 1;
+
strncpy(element, p, len);
element[len] = '\0';
@@ -435,10 +439,13 @@ process_path (client_t *client, char *path, datum_t *myroot, datum_t *key)
rc = process_path(client, q, found, &findkey);
datum_free(found);
+ free(element);
}
else
{
- rc = process_path(client, 0, myroot, NULL);
+ /* element not found */
+ free(element);
+ return 1;
}
}
if (rc) return 1;
@@ -537,7 +544,7 @@ server_thread (void *arg)
socklen_t len;
client_t client;
char remote_ip[16];
- char request[REQUESTLEN];
+ char request[REQUESTLEN + 1];
llist_entry *le;
datum_t rootdatum;
@@ -600,8 +607,8 @@ server_thread (void *arg)
if (process_request(&client, request))
{
err_msg("Got a malformed path request from %s", remote_ip);
- /* Send them the entire tree to discourage attacks. */
- strcpy(request, "/");
+ close(client.fd);
+ continue;
}
}
else
Index: .cvsignore
===================================================================
RCS file: /cvs/extras/rpms/ganglia/EL-4/.cvsignore,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- .cvsignore 19 Dec 2007 15:55:29 -0000 1.4
+++ .cvsignore 20 Jan 2009 22:08:00 -0000 1.5
@@ -1,2 +1 @@
-ganglia-3.0.5.tar.gz
-ganglia-3.0.6.tar.gz
+ganglia-3.0.7.tar.gz
Index: ganglia.spec
===================================================================
RCS file: /cvs/extras/rpms/ganglia/EL-4/ganglia.spec,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- ganglia.spec 19 Dec 2007 15:55:29 -0000 1.5
+++ ganglia.spec 20 Jan 2009 22:08:00 -0000 1.6
@@ -1,5 +1,5 @@
Name: ganglia
-Version: 3.0.6
+Version: 3.0.7
Release: 1%{?dist}
Summary: Ganglia Distributed Monitoring System
@@ -7,6 +7,7 @@
License: BSD
URL: http://ganglia.sourceforge.net/
Source0: http://dl.sourceforge.net/sourceforge/%{name}/%{name}-%{version}.tar.gz
+Patch0: gmetad-bof-dos.patch
Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: rrdtool-devel
@@ -70,6 +71,7 @@
%prep
%setup -q
+%patch0 -p0
## Hey, those shouldn't be executable...
chmod -x lib/*.{h,x}
@@ -205,6 +207,10 @@
%{_datadir}/%{name}
%changelog
+* Tue Jan 20 2009 Kostas Georgiou <k.georgiou at imperial.ac.uk> - 3.0.7-1
+- New upstream release
+- [480236] fix for a buffer overflow and an off-by-one bug in gmetad
+
* Mon Dec 17 2007 Jarod Wilson <jwilson at redhat.com> 3.0.6-1
- New upstream release (security fix for web frontend
cross-scripting vulnerability)
Index: sources
===================================================================
RCS file: /cvs/extras/rpms/ganglia/EL-4/sources,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- sources 19 Dec 2007 15:55:29 -0000 1.4
+++ sources 20 Jan 2009 22:08:00 -0000 1.5
@@ -1 +1 @@
-f2fecaae424be95ddf8b2cc6247be31d ganglia-3.0.6.tar.gz
+20c210ed33061737e2496fee9243b1f4 ganglia-3.0.7.tar.gz
- Previous message (by thread): rpms/gnome-media/devel .cvsignore, 1.48, 1.49 gnome-media.spec, 1.150, 1.151 sources, 1.47, 1.48
- Next message (by thread): rpms/cpphs/devel cpphs.spec, NONE, 1.1 import.log, NONE, 1.1 .cvsignore, 1.1, 1.2 sources, 1.1, 1.2
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list