[Glibc-bsd-commits] r3755 - in trunk: kfreebsd-10/debian kfreebsd-10/debian/patches kfreebsd-9/debian kfreebsd-9/debian/patches

Robert Millan rmh at alioth.debian.org
Sat Oct 22 12:25:42 UTC 2011 

Author: rmh
Date: 2011-10-22 12:25:42 +0000 (Sat, 22 Oct 2011)
New Revision: 3755

Added:
   trunk/kfreebsd-10/debian/patches/918_unix_socket_overflow.diff
   trunk/kfreebsd-9/debian/patches/918_unix_socket_overflow.diff
Modified:
   trunk/kfreebsd-10/debian/changelog
   trunk/kfreebsd-10/debian/patches/series
   trunk/kfreebsd-9/debian/changelog
   trunk/kfreebsd-9/debian/patches/series
Log:
Propagate Petr's 918_unix_socket_overflow.diff fix to kfreebsd-{9,10}

Modified: trunk/kfreebsd-10/debian/changelog
===================================================================
--- trunk/kfreebsd-10/debian/changelog	2011-10-22 12:22:20 UTC (rev 3754)
+++ trunk/kfreebsd-10/debian/changelog	2011-10-22 12:25:42 UTC (rev 3755)
@@ -9,6 +9,8 @@
 
   [ Petr Salinger ]
   * Drop 103_stat_pipe.diff, fixed upstream.
+  * Add 918_unix_socket_overflow.diff, to fix up breakage in our userland
+    after 000_unix_socket_overflow.diff. Closes: #645527.
 
  -- Robert Millan <rmh at debian.org>  Sun, 16 Oct 2011 13:29:14 +0200
 

Added: trunk/kfreebsd-10/debian/patches/918_unix_socket_overflow.diff
===================================================================
--- trunk/kfreebsd-10/debian/patches/918_unix_socket_overflow.diff	                        (rev 0)
+++ trunk/kfreebsd-10/debian/patches/918_unix_socket_overflow.diff	2011-10-22 12:25:42 UTC (rev 3755)
@@ -0,0 +1,33 @@
+See #645527.
+
+Our former userspace allows 108 bytes in sun_path,
+but kernel restrict it to 104 bytes.
+
+--- a/sys/kern/uipc_usrreq.c
++++ b/sys/kern/uipc_usrreq.c
+@@ -463,7 +463,12 @@
+ 	KASSERT(unp != NULL, ("uipc_bind: unp == NULL"));
+ 
+ 	if (soun->sun_len > sizeof(struct sockaddr_un))
++	{
++	    if (soun->sun_len <= (4 + sizeof(struct sockaddr_un)))
++	        soun->sun_len = sizeof(struct sockaddr_un);  	/* clip it */
++	    else
+ 		return (EINVAL);
++	};
+ 	namelen = soun->sun_len - offsetof(struct sockaddr_un, sun_path);
+ 	if (namelen <= 0)
+ 		return (EINVAL);
+@@ -1255,7 +1260,12 @@
+ 	KASSERT(unp != NULL, ("unp_connect: unp == NULL"));
+ 
+ 	if (nam->sa_len > sizeof(struct sockaddr_un))
++	{
++	    if (nam->sa_len <= (4 + sizeof(struct sockaddr_un)))
++	        nam->sa_len = sizeof(struct sockaddr_un);	/* clip it */
++	    else
+ 		return (EINVAL);
++	};
+ 	len = nam->sa_len - offsetof(struct sockaddr_un, sun_path);
+ 	if (len <= 0)
+ 		return (EINVAL);

Modified: trunk/kfreebsd-10/debian/patches/series
===================================================================
--- trunk/kfreebsd-10/debian/patches/series	2011-10-22 12:22:20 UTC (rev 3754)
+++ trunk/kfreebsd-10/debian/patches/series	2011-10-22 12:25:42 UTC (rev 3755)
@@ -23,6 +23,7 @@
 915_ip6.v6only.diff
 916_NKPT_amd64.diff
 917_disable_kgssapi.diff
+918_unix_socket_overflow.diff
 950_no_stack_protector.diff
 951_disable_mk_magic.diff
 999_config.diff

Modified: trunk/kfreebsd-9/debian/changelog
===================================================================
--- trunk/kfreebsd-9/debian/changelog	2011-10-22 12:22:20 UTC (rev 3754)
+++ trunk/kfreebsd-9/debian/changelog	2011-10-22 12:25:42 UTC (rev 3755)
@@ -1,9 +1,14 @@
 kfreebsd-9 (9.0~svn226368-2) UNRELEASED; urgency=low
 
+  [ Robert Millan ]
   * Disable -frename-registers on i386.  I enabled it in 2006 only because I
     mistakenly thought upstream had done the same.  In fact, upstream only
     enabled this flag on amd64.  See SVN revision 1302.
 
+  [ Petr Salinger ]
+  * Add 918_unix_socket_overflow.diff, to fix up breakage in our userland
+    after 000_unix_socket_overflow.diff. Closes: #645527.
+
  -- Robert Millan <rmh at debian.org>  Sun, 16 Oct 2011 13:29:21 +0200
 
 kfreebsd-9 (9.0~svn226368-1) experimental; urgency=low

Added: trunk/kfreebsd-9/debian/patches/918_unix_socket_overflow.diff
===================================================================
--- trunk/kfreebsd-9/debian/patches/918_unix_socket_overflow.diff	                        (rev 0)
+++ trunk/kfreebsd-9/debian/patches/918_unix_socket_overflow.diff	2011-10-22 12:25:42 UTC (rev 3755)
@@ -0,0 +1,33 @@
+See #645527.
+
+Our former userspace allows 108 bytes in sun_path,
+but kernel restrict it to 104 bytes.
+
+--- a/sys/kern/uipc_usrreq.c
++++ b/sys/kern/uipc_usrreq.c
+@@ -463,7 +463,12 @@
+ 	KASSERT(unp != NULL, ("uipc_bind: unp == NULL"));
+ 
+ 	if (soun->sun_len > sizeof(struct sockaddr_un))
++	{
++	    if (soun->sun_len <= (4 + sizeof(struct sockaddr_un)))
++	        soun->sun_len = sizeof(struct sockaddr_un);  	/* clip it */
++	    else
+ 		return (EINVAL);
++	};
+ 	namelen = soun->sun_len - offsetof(struct sockaddr_un, sun_path);
+ 	if (namelen <= 0)
+ 		return (EINVAL);
+@@ -1255,7 +1260,12 @@
+ 	KASSERT(unp != NULL, ("unp_connect: unp == NULL"));
+ 
+ 	if (nam->sa_len > sizeof(struct sockaddr_un))
++	{
++	    if (nam->sa_len <= (4 + sizeof(struct sockaddr_un)))
++	        nam->sa_len = sizeof(struct sockaddr_un);	/* clip it */
++	    else
+ 		return (EINVAL);
++	};
+ 	len = nam->sa_len - offsetof(struct sockaddr_un, sun_path);
+ 	if (len <= 0)
+ 		return (EINVAL);

Modified: trunk/kfreebsd-9/debian/patches/series
===================================================================
--- trunk/kfreebsd-9/debian/patches/series	2011-10-22 12:22:20 UTC (rev 3754)
+++ trunk/kfreebsd-9/debian/patches/series	2011-10-22 12:25:42 UTC (rev 3755)
@@ -24,6 +24,7 @@
 915_ip6.v6only.diff
 916_NKPT_amd64.diff
 917_disable_kgssapi.diff
+918_unix_socket_overflow.diff
 950_no_stack_protector.diff
 951_disable_mk_magic.diff
 999_config.diff

More information about the Glibc-bsd-commits mailing list