diff options
author | Mike Frysinger <vapier@gentoo.org> | 2005-12-22 04:50:18 +0000 |
---|---|---|
committer | Mike Frysinger <vapier@gentoo.org> | 2005-12-22 04:50:18 +0000 |
commit | ac693e5ec9f4bf87ce3546f4d865263cb206fd8a (patch) | |
tree | f3ca36d3f8755accb5e7f01cccc5dcd03e99ab78 /sys-block | |
parent | Version bump (bug #116226). (diff) | |
download | gentoo-2-ac693e5ec9f4bf87ce3546f4d865263cb206fd8a.tar.gz gentoo-2-ac693e5ec9f4bf87ce3546f4d865263cb206fd8a.tar.bz2 gentoo-2-ac693e5ec9f4bf87ce3546f4d865263cb206fd8a.zip |
Add patch to check for buffer overflow #116314.
(Portage version: 2.0.53)
Diffstat (limited to 'sys-block')
-rw-r--r-- | sys-block/nbd/ChangeLog | 8 | ||||
-rw-r--r-- | sys-block/nbd/files/digest-nbd-2.8.2-r1 | 2 | ||||
-rw-r--r-- | sys-block/nbd/files/nbd-2.8.2-buffer-check.patch | 26 | ||||
-rw-r--r-- | sys-block/nbd/nbd-2.8.2-r1.ebuild | 43 |
4 files changed, 78 insertions, 1 deletions
diff --git a/sys-block/nbd/ChangeLog b/sys-block/nbd/ChangeLog index 23bc6169afba..53827610a314 100644 --- a/sys-block/nbd/ChangeLog +++ b/sys-block/nbd/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for sys-block/nbd # Copyright 1999-2005 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sys-block/nbd/ChangeLog,v 1.5 2005/11/20 13:04:26 vapier Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-block/nbd/ChangeLog,v 1.6 2005/12/22 04:50:18 vapier Exp $ + +*nbd-2.8.2-r1 (22 Dec 2005) + + 22 Dec 2005; Mike Frysinger <vapier@gentoo.org> + +files/nbd-2.8.2-buffer-check.patch, +nbd-2.8.2-r1.ebuild: + Add patch to check for buffer overflow #116314. *nbd-2.8.2 (20 Nov 2005) diff --git a/sys-block/nbd/files/digest-nbd-2.8.2-r1 b/sys-block/nbd/files/digest-nbd-2.8.2-r1 new file mode 100644 index 000000000000..8ba4e4456dfa --- /dev/null +++ b/sys-block/nbd/files/digest-nbd-2.8.2-r1 @@ -0,0 +1,2 @@ +MD5 ca9087568f2d5d3d2d3ed5fe1b506ec4 nbd-2.8.2.tar.gz 154065 +MD5 3e45be16d413bda30b23bf7dd30c48d7 nbd-linux-include.h.bz2 1248 diff --git a/sys-block/nbd/files/nbd-2.8.2-buffer-check.patch b/sys-block/nbd/files/nbd-2.8.2-buffer-check.patch new file mode 100644 index 000000000000..5367b0c0aa14 --- /dev/null +++ b/sys-block/nbd/files/nbd-2.8.2-buffer-check.patch @@ -0,0 +1,26 @@ +Kurt Fitzner writes: +There is a buffer size bug in the nbd server from at least version 2.7.5 +and on. + +The buffer size is exactly one megabyte, but nbd-server will accept +requests that are the buffer size. The problem is, the server makes no +allowance that the buffer must also hold the reply header. A read +request that is exactly one megabyte will write past the end of the +buffer by the size of the reply header. + +The allocation of the buffer needs to be BUFSIZE + sizeof(struct nbd_reply). + +http://sourceforge.net/mailarchive/forum.php?thread_id=9201144&forum_id=40388 +http://bugs.gentoo.org/116314 + +--- nbd/nbd-server.c ++++ nbd/nbd-server.c +@@ -677,7 +677,7 @@ int mainloop(CLIENT *client) { + + if (request.magic != htonl(NBD_REQUEST_MAGIC)) + err("Not enough magic."); +- if (len > BUFSIZE) ++ if (len > BUFSIZE - sizeof(struct nbd_reply)) + err("Request too big!"); + #ifdef DODBG + printf("%s from %Lu (%Lu) len %d, ", request.type ? "WRITE" : diff --git a/sys-block/nbd/nbd-2.8.2-r1.ebuild b/sys-block/nbd/nbd-2.8.2-r1.ebuild new file mode 100644 index 000000000000..818b4f65150d --- /dev/null +++ b/sys-block/nbd/nbd-2.8.2-r1.ebuild @@ -0,0 +1,43 @@ +# Copyright 1999-2005 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-block/nbd/nbd-2.8.2-r1.ebuild,v 1.1 2005/12/22 04:50:18 vapier Exp $ + +inherit eutils flag-o-matic + +DESCRIPTION="Userland client/server for kernel network block device" +HOMEPAGE="http://nbd.sourceforge.net/" +SRC_URI="mirror://sourceforge/nbd/${P}.tar.gz + mirror://gentoo/nbd-linux-include.h.bz2" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~ppc ~x86" +IUSE="" + +DEPEND="" + +src_unpack() { + unpack ${A} + cd "${S}" + epatch "${FILESDIR}"/${P}-gznbd.patch + epatch "${FILESDIR}"/${P}-buffer-check.patch + + mkdir -p "${S}"/inc-after/linux + mv "${WORKDIR}"/nbd-linux-include.h "${S}"/inc-after/linux/nbd.h + append-flags -idirafter "${S}"/inc-after +} + +src_compile() { + econf \ + --enable-lfs \ + --enable-syslog \ + || die + emake || die + emake -C gznbd || die +} + +src_install() { + make install DESTDIR="${D}" || die + dobin gznbd/gznbd || die + dodoc README +} |