[Glibc-bsd-commits] r3740 - in trunk/kfreebsd-8/debian: . patches

Mon Oct 17 15:35:40 UTC 2011

Author: ps-guest
Date: 2011-10-17 15:35:40 +0000 (Mon, 17 Oct 2011)
New Revision: 3740

Added:
   trunk/kfreebsd-8/debian/patches/918_unix_socket_overflow.diff
Modified:
   trunk/kfreebsd-8/debian/changelog
   trunk/kfreebsd-8/debian/patches/series
Log:
 918_unix_socket_overflow.diff, to fix up breakage in our userland after 000_unix_socket_overflow.diff. Closes: #645527.



Modified: trunk/kfreebsd-8/debian/changelog
===================================================================

--- trunk/kfreebsd-8/debian/changelog	2011-10-17 13:03:21 UTC (rev 3739)
+++ trunk/kfreebsd-8/debian/changelog	2011-10-17 15:35:40 UTC (rev 3740)
@@ -1,9 +1,14 @@
 kfreebsd-8 (8.2-10) UNRELEASED; urgency=low
 
+  [ Robert Millan ]
   * Disable -frename-registers on i386.  I enabled it in 2006 only because I
     mistakenly thought upstream had done the same.  In fact, upstream only
     enabled this flag on amd64.  See SVN revision 1302.
 
+   [ Petr Salinger ]
+   * Add 918_unix_socket_overflow.diff, to fix up breakage in our userland
+     after 000_unix_socket_overflow.diff. Closes: #645527.
+
  -- Robert Millan <rmh at debian.org>  Sun, 16 Oct 2011 11:43:34 +0200
 
 kfreebsd-8 (8.2-9) unstable; urgency=high

Added: trunk/kfreebsd-8/debian/patches/918_unix_socket_overflow.diff
===================================================================
--- trunk/kfreebsd-8/debian/patches/918_unix_socket_overflow.diff	                        (rev 0)
+++ trunk/kfreebsd-8/debian/patches/918_unix_socket_overflow.diff	2011-10-17 15:35:40 UTC (rev 3740)
@@ -0,0 +1,33 @@
+See #645527.
+
+Our former userspace allows 108 bytes in sun_path,
+but kernel restrict it to 104 bytes.
+
+--- a/sys/kern/uipc_usrreq.c
++++ b/sys/kern/uipc_usrreq.c
+@@ -420,7 +420,12 @@
+ 	KASSERT(unp != NULL, ("uipc_bind: unp == NULL"));
+ 
+ 	if (soun->sun_len > sizeof(struct sockaddr_un))
++	{
++	    if (soun->sun_len <= (4 + sizeof(struct sockaddr_un)))
++	        soun->sun_len = sizeof(struct sockaddr_un);  	/* clip it */
++	    else
+ 		return (EINVAL);
++	};
+ 	namelen = soun->sun_len - offsetof(struct sockaddr_un, sun_path);
+ 	if (namelen <= 0)
+ 		return (EINVAL);
+@@ -1168,7 +1173,12 @@
+ 	KASSERT(unp != NULL, ("unp_connect: unp == NULL"));
+ 
+ 	if (nam->sa_len > sizeof(struct sockaddr_un))
++	{
++	    if (nam->sa_len <= (4 + sizeof(struct sockaddr_un)))
++	        nam->sa_len = sizeof(struct sockaddr_un);	/* clip it */
++	    else
+ 		return (EINVAL);
++	};
+ 	len = nam->sa_len - offsetof(struct sockaddr_un, sun_path);
+ 	if (len <= 0)
+ 		return (EINVAL);

Modified: trunk/kfreebsd-8/debian/patches/series
===================================================================
--- trunk/kfreebsd-8/debian/patches/series	2011-10-17 13:03:21 UTC (rev 3739)
+++ trunk/kfreebsd-8/debian/patches/series	2011-10-17 15:35:40 UTC (rev 3740)
@@ -38,6 +38,7 @@
 915_ip6.v6only.diff
 916_NKPT_amd64.diff
 917_track_alignment.diff
+918_unix_socket_overflow.diff
 950_no_stack_protector.diff
 999_config.diff
 999_firmware.diff


