[SCM] KDE Base Workspace module packaging branch, master, updated. debian/4.10.5-2-4-g235d1ca

Pino Toscano pino at alioth.debian.org
Mon Jul 22 10:04:47 UTC 2013 

Gitweb-URL: http://git.debian.org/?p=pkg-kde/kde-sc/kde-workspace.git;a=commitdiff;h=c4e1f39

The following commit has been merged in the master branch:
commit c4e1f3990f62b6e2502109d56ea24052abf088a9
Author: Pino Toscano <pino at debian.org>
Date:   Mon Jul 22 11:57:38 2013 +0200

    fix CVE-2013-4132 (#717180)
    
    backport upstream commit 45b7f137fbc0b942fd2c9b4e8d8c1f0293e64ba7
---
 debian/changelog                                   |    4 +
 debian/patches/series                              |    1 +
 ...ass-Check-for-NULL-return-from-crypt-3-an.patch |  103 ++++++++++++++++++++
 3 files changed, 108 insertions(+)

diff --git a/debian/changelog b/debian/changelog
index 956ffe2..12adbb4 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -3,6 +3,10 @@ kde-workspace (4:4.10.5-3) UNRELEASED; urgency=low
   [ Pino Toscano ]
   * Fix breaks/replaces of ktouchpadenabler: remove the ones against itself,
     adjust version of kde-workspace-bin.
+  * Backport upstream commit 45b7f137fbc0b942fd2c9b4e8d8c1f0293e64ba7 to fix
+    NULL pointer dereference in kcheckpass and kdm, CVE-2013-4132; patch
+    upstream_kdm-kcheckpass-Check-for-NULL-return-from-crypt-3-an.patch.
+    (Closes: #717180)
 
  -- Debian Qt/KDE Maintainers <debian-qt-kde at lists.debian.org>  Sun, 21 Jul 2013 15:20:50 +0200
 
diff --git a/debian/patches/series b/debian/patches/series
index ff13579..ced992b 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,3 +1,4 @@
+upstream_kdm-kcheckpass-Check-for-NULL-return-from-crypt-3-an.patch
 kdm_does_not_wreak_havoc.diff
 kdmrc_defaults.diff
 genkdmconf.diff
diff --git a/debian/patches/upstream_kdm-kcheckpass-Check-for-NULL-return-from-crypt-3-an.patch b/debian/patches/upstream_kdm-kcheckpass-Check-for-NULL-return-from-crypt-3-an.patch
new file mode 100644
index 0000000..f31f7db
--- /dev/null
+++ b/debian/patches/upstream_kdm-kcheckpass-Check-for-NULL-return-from-crypt-3-an.patch
@@ -0,0 +1,103 @@
+From 45b7f137fbc0b942fd2c9b4e8d8c1f0293e64ba7 Mon Sep 17 00:00:00 2001
+From: Michael Pyne <mpyne at kde.org>
+Date: Sat, 29 Jun 2013 16:13:20 -0400
+Subject: [PATCH] kdm, kcheckpass: Check for NULL return from crypt(3) and
+ friends.
+
+Potential issue noted and fixed by Mancha <mancha1 at hush.com>.
+
+Patch reviewed by myself and ossi. Backported to 4.10 by myself.
+
+REVIEW:111261
+FIXED-IN:4.10.5
+---
+ kcheckpass/checkpass_etcpasswd.c   |    3 ++-
+ kcheckpass/checkpass_osfc2passwd.c |    3 ++-
+ kcheckpass/checkpass_shadow.c      |    2 +-
+ kdm/backend/client.c               |    7 +++++--
+ 4 files changed, 10 insertions(+), 5 deletions(-)
+
+diff --git a/kcheckpass/checkpass_etcpasswd.c b/kcheckpass/checkpass_etcpasswd.c
+index 1dbe06f..e261b7c 100644
+--- a/kcheckpass/checkpass_etcpasswd.c
++++ b/kcheckpass/checkpass_etcpasswd.c
+@@ -35,6 +35,7 @@ AuthReturn Authenticate(const char *method,
+ {
+   struct passwd *pw;
+   char *passwd;
++  char *crpt_passwd;
+ 
+   if (strcmp(method, "classic"))
+     return AuthError;
+@@ -49,7 +50,7 @@ AuthReturn Authenticate(const char *method,
+   if (!(passwd = conv(ConvGetHidden, 0)))
+     return AuthAbort;
+ 
+-  if (!strcmp(pw->pw_passwd, crypt(passwd, pw->pw_passwd))) {
++  if ((crpt_passwd = crypt(passwd, pw->pw_passwd)) && !strcmp(pw->pw_passwd, crpt_passwd)) {
+     dispose(passwd);
+     return AuthOk; /* Success */
+   }
+diff --git a/kcheckpass/checkpass_osfc2passwd.c b/kcheckpass/checkpass_osfc2passwd.c
+index 9a074f9..d181233 100644
+--- a/kcheckpass/checkpass_osfc2passwd.c
++++ b/kcheckpass/checkpass_osfc2passwd.c
+@@ -38,6 +38,7 @@ AuthReturn Authenticate(const char *method,
+         const char *login, char *(*conv) (ConvRequest, const char *))
+ {
+   char *passwd;
++  char *crpt_passwd;
+   char c2passwd[256];
+ 
+   if (strcmp(method, "classic"))
+@@ -52,7 +53,7 @@ AuthReturn Authenticate(const char *method,
+   if (!(passwd = conv(ConvGetHidden, 0)))
+     return AuthAbort;
+ 
+-  if (!strcmp(c2passwd, osf1c2crypt(passwd, c2passwd))) {
++  if ((crpt_passwd = osf1c2crypt(passwd, c2passwd)) && !strcmp(c2passwd, crpt_passwd)) {
+     dispose(passwd);
+     return AuthOk; /* Success */
+   }
+diff --git a/kcheckpass/checkpass_shadow.c b/kcheckpass/checkpass_shadow.c
+index ec3a4e0..c0f6913 100644
+--- a/kcheckpass/checkpass_shadow.c
++++ b/kcheckpass/checkpass_shadow.c
+@@ -69,7 +69,7 @@ AuthReturn Authenticate(const char *method,
+   crpt_passwd = crypt(typed_in_password, password);
+ #endif
+ 
+-  if (!strcmp(password, crpt_passwd )) {
++  if (crpt_passwd && !strcmp(password, crpt_passwd )) {
+     dispose(typed_in_password);
+     return AuthOk; /* Success */
+   }
+diff --git a/kdm/backend/client.c b/kdm/backend/client.c
+index bdff6da..26bb0b4 100644
+--- a/kdm/backend/client.c
++++ b/kdm/backend/client.c
+@@ -540,6 +540,9 @@ verify(GConvFunc gconv, int rootok)
+ # if defined(HAVE_STRUCT_PASSWD_PW_EXPIRE) || defined(USESHADOW)
+     int tim, expir, warntime, quietlog;
+ # endif
++# if !defined(ultrix) && !defined(__ultrix__) && (defined(HAVE_PW_ENCRYPT) || defined(HAVE_CRYPT))
++    char *crpt_passwd;
++# endif
+ #endif
+ 
+     debug("verify ...
");
+@@ -752,9 +755,9 @@ verify(GConvFunc gconv, int rootok)
+ # if defined(ultrix) || defined(__ultrix__)
+     if (authenticate_user(p, curpass, 0) < 0)
+ # elif defined(HAVE_PW_ENCRYPT)
+-    if (strcmp(pw_encrypt(curpass, p->pw_passwd), p->pw_passwd))
++    if (!(crpt_passwd = pw_encrypt(curpass, p->pw_passwd)) || strcmp(crpt_passwd, p->pw_passwd))
+ # elif defined(HAVE_CRYPT)
+-    if (strcmp(crypt(curpass, p->pw_passwd), p->pw_passwd))
++    if (!(crpt_passwd = crypt(curpass, p->pw_passwd)) || strcmp(crpt_passwd, p->pw_passwd))
+ # else
+     if (strcmp(curpass, p->pw_passwd))
+ # endif
+-- 
+1.7.10.4
+

-- 
KDE Base Workspace module packaging

More information about the pkg-kde-commits mailing list