[Pkg-mysql-commits] r1822 - mysql-dfsg-5.1/branches/unstable/debian/patches

Norbert Tretkowski nobse at alioth.debian.org
Sun Jan 31 16:46:09 UTC 2010


Author: nobse
Date: 2010-01-31 16:46:08 +0000 (Sun, 31 Jan 2010)
New Revision: 1822

Removed:
   mysql-dfsg-5.1/branches/unstable/debian/patches/96_SECURITY_CVE-2009-4484.dpatch
Modified:
   mysql-dfsg-5.1/branches/unstable/debian/patches/00list
Log:
Drop 96_SECURITY_CVE-2009-4484.dpatch

Modified: mysql-dfsg-5.1/branches/unstable/debian/patches/00list
===================================================================
--- mysql-dfsg-5.1/branches/unstable/debian/patches/00list	2010-01-31 16:44:02 UTC (rev 1821)
+++ mysql-dfsg-5.1/branches/unstable/debian/patches/00list	2010-01-31 16:46:08 UTC (rev 1822)
@@ -8,4 +8,3 @@
 41_scripts__mysql_install_db.sh__no_test.dpatch
 44_scripts__mysql_config__libs.dpatch
 50_mysql-test__db_test.dpatch
-96_SECURITY_CVE-2009-4484.dpatch

Deleted: mysql-dfsg-5.1/branches/unstable/debian/patches/96_SECURITY_CVE-2009-4484.dpatch
===================================================================
--- mysql-dfsg-5.1/branches/unstable/debian/patches/96_SECURITY_CVE-2009-4484.dpatch	2010-01-31 16:44:02 UTC (rev 1821)
+++ mysql-dfsg-5.1/branches/unstable/debian/patches/96_SECURITY_CVE-2009-4484.dpatch	2010-01-31 16:46:08 UTC (rev 1822)
@@ -1,245 +0,0 @@
-#! /bin/sh /usr/share/dpatch/dpatch-run
-## 96_SECURITY_CVE-2009-4484.dpatch by Norbert Tretkowski <nobse at debian.org>
-##
-## All lines beginning with `## DP:' are a description of the patch.
-## DP: Fix for CVE-2009-4484: Copying issuer's (or subject's) name tags into an
-## DP: internal buffer from incoming stream we didn't check the buffer overflow.
-## DP: That may lead to memory overrun, crash etc.
-
-
- at DPATCH@
-=== modified file 'extra/yassl/taocrypt/include/asn.hpp'
---- a/extra/yassl/taocrypt/include/asn.hpp	2007-01-29 15:54:40 +0000
-+++ b/extra/yassl/taocrypt/include/asn.hpp	2010-01-13 05:20:45 +0000
-@@ -305,6 +305,7 @@ private:
-     bool   ValidateSignature(SignerList*);
-     bool   ConfirmSignature(Source&);
-     void   GetKey();
-+    char*  AddTag(char*, const char*, const char*, word32, word32);
-     void   GetName(NameType);
-     void   GetValidity();
-     void   GetDate(DateType);
-
-=== modified file 'extra/yassl/taocrypt/src/asn.cpp'
---- a/extra/yassl/taocrypt/src/asn.cpp	2009-06-29 13:17:01 +0000
-+++ b/extra/yassl/taocrypt/src/asn.cpp	2010-01-13 05:20:45 +0000
-@@ -652,6 +652,23 @@ word32 CertDecoder::GetDigest()
- }
- 
- 
-+char *CertDecoder::AddTag(char *ptr, const char *buf_end, 
-+                          const char *tag_name, word32 tag_name_length,
-+                          word32 tag_value_length)
-+{
-+  if (ptr + tag_name_length + tag_value_length > buf_end)
-+      return 0;
-+    
-+  memcpy(ptr, tag_name, tag_name_length);
-+  ptr+= tag_name_length;
-+  
-+  memcpy(ptr, source_.get_current(), tag_value_length);
-+  ptr+= tag_value_length;
-+  
-+  return ptr;
-+}
-+
-+
- // process NAME, either issuer or subject
- void CertDecoder::GetName(NameType nt)
- {
-@@ -659,11 +676,21 @@ void CertDecoder::GetName(NameType nt)
- 
-     SHA    sha;
-     word32 length = GetSequence();  // length of all distinguished names
--    assert (length < ASN_NAME_MAX);
-+
-+    if (length >= ASN_NAME_MAX)
-+        goto err;
-     length += source_.get_index();
- 
--    char*  ptr = (nt == ISSUER) ? issuer_ : subject_;
--    word32 idx = 0;
-+    char *ptr, *buf_end;
-+
-+    if (nt == ISSUER) {
-+        ptr= issuer_;
-+        buf_end= ptr + sizeof(issuer_) - 1;  // 1 byte for trailing 0
-+    }
-+    else {
-+        ptr= subject_;
-+        buf_end= ptr + sizeof(subject_) - 1;  // 1 byte for trailing 0
-+    }
- 
-     while (source_.get_index() < length) {
-         GetSet();
-@@ -685,47 +712,36 @@ void CertDecoder::GetName(NameType nt)
-             byte   id      = source_.next();  
-             b              = source_.next();    // strType
-             word32 strLen  = GetLength(source_);
--            bool   copy    = false;
- 
--            if (id == COMMON_NAME) {
--                memcpy(&ptr[idx], "/CN=", 4);
--                idx += 4;
--                copy = true;
--            }
--            else if (id == SUR_NAME) {
--                memcpy(&ptr[idx], "/SN=", 4);
--                idx += 4;
--                copy = true;
--            }
--            else if (id == COUNTRY_NAME) {
--                memcpy(&ptr[idx], "/C=", 3);
--                idx += 3;
--                copy = true;
--            }
--            else if (id == LOCALITY_NAME) {
--                memcpy(&ptr[idx], "/L=", 3);
--                idx += 3;
--                copy = true;
--            }
--            else if (id == STATE_NAME) {
--                memcpy(&ptr[idx], "/ST=", 4);
--                idx += 4;
--                copy = true;
--            }
--            else if (id == ORG_NAME) {
--                memcpy(&ptr[idx], "/O=", 3);
--                idx += 3;
--                copy = true;
--            }
--            else if (id == ORGUNIT_NAME) {
--                memcpy(&ptr[idx], "/OU=", 4);
--                idx += 4;
--                copy = true;
--            }
--
--            if (copy) {
--                memcpy(&ptr[idx], source_.get_current(), strLen);
--                idx += strLen;
-+            switch (id) {
-+            case COMMON_NAME:
-+                if (!(ptr= AddTag(ptr, buf_end, "/CN=", 4, strLen)))
-+                  goto err;
-+                break;
-+            case SUR_NAME:
-+                if (!(ptr= AddTag(ptr, buf_end, "/SN=", 4, strLen)))
-+                  goto err;
-+                break;
-+            case COUNTRY_NAME:
-+                if (!(ptr= AddTag(ptr, buf_end, "/C=", 3, strLen)))
-+                  goto err;
-+                break;
-+            case LOCALITY_NAME:
-+                if (!(ptr= AddTag(ptr, buf_end, "/L=", 3, strLen)))
-+                  goto err;
-+                break;
-+            case STATE_NAME:
-+                if (!(ptr= AddTag(ptr, buf_end, "/ST=", 4, strLen)))
-+                  goto err;
-+                break;
-+            case ORG_NAME:
-+                if (!(ptr= AddTag(ptr, buf_end, "/O=", 3, strLen)))
-+                  goto err;
-+                break;
-+            case ORGUNIT_NAME:
-+                if (!(ptr= AddTag(ptr, buf_end, "/OU=", 4, strLen)))
-+                  goto err;
-+                break;
-             }
- 
-             sha.Update(source_.get_current(), strLen);
-@@ -739,23 +755,20 @@ void CertDecoder::GetName(NameType nt)
-             source_.advance(oidSz + 1);
-             word32 length = GetLength(source_);
- 
--            if (email) {
--                memcpy(&ptr[idx], "/emailAddress=", 14);
--                idx += 14;
--
--                memcpy(&ptr[idx], source_.get_current(), length);
--                idx += length;
--            }
-+            if (email && !(ptr= AddTag(ptr, buf_end, "/emailAddress=", 14, length)))
-+                goto err;
- 
-             source_.advance(length);
-         }
-     }
--    ptr[idx++] = 0;
-+    *ptr= 0;
- 
--    if (nt == ISSUER)
--        sha.Final(issuerHash_);
--    else
--        sha.Final(subjectHash_);
-+    sha.Final(nt == ISSUER ? issuerHash_ : subjectHash_);
-+        
-+    return;
-+    
-+err:
-+    source_.SetError(CONTENT_E);
- }
- 
- 
-
-
---Boundary_(ID_+NCS5Ir28uUsrYRvF/Mg8g)
-MIME-version: 1.0
-Content-type: text/bzr-bundle; CHARSET=US-ASCII;
- name="bzr/ramil at stripped"
-Content-transfer-encoding: 7BIT
-Content-disposition: inline;
- filename="bzr/ramil at stripped"
-
-# Bazaar merge directive format 2 (Bazaar 0.90)
-# revision_id: ramil at stripped
-# target_branch: file:///home/ram/mysql/b50227-5.0-bugteam/
-# testament_sha1: efdd6cde5d04e8642a9e836e161402ebaf5659bd
-# timestamp: 2010-01-13 09:20:50 +0400
-# base_revision_id: gshchepa at stripped
-# 
-# Begin bundle
-IyBCYXphYXIgcmV2aXNpb24gYnVuZGxlIHY0CiMKQlpoOTFBWSZTWc88VrsABGX/gFRVAQB5////
-/+/+YL////pgCQ+1o92KUFA1rWru46O7AOgAqGSjE0Uem1T1B6j1PU9NQMgaDT1AAAAeoDQAkkjU
-ZU9soyPUZENTamjJoNBhB6gPRAAA0DhoZNNDTI0NMjIMjI0MgMTRk0AZMjEMMhEU9DSbU0zKAYyg
-A9QANAAAADQOGhk00NMjQ0yMgyMjQyAxNGTQBkyMQwkkJoNAmmgCZBkTTTEKeZJpig0NPU0B5NR+
-kaZjNA+CCh/p85dE4vv03CwNQCyoWYIFgSQo20Jc+6w30JvunCsoclCKTJY9GGVqYZ6B0yxV6YJN
-kz1+aEyo+myYF2WRCmjO/G150z54EOF0cUUIWNitkIVQyEgYBKB1OFxiBht+YHz/Sx59W+pQwpri
-1HWrB5ioIUREJj209CJ8DHVha5FLpW9TWH123oCjBbaoDRmo3ThU/pjCZk1Tc9pnPzwzsBsMHG16
-6kx2dOYB9SbkWQsE+WqdOqdsmT99aCUDy8k4+vKf8vx+nkvsYW8acnys1X457TGtSkTka9mR5B0x
-IqKWedTEviWAXlOlKjnpeZlZpBEBLHVSpsF4ltxhIhVOObbJxk2deiCnPduV/wm4O6604XOa4CAD
-ATQuunANC4r+Vs2XTWp0r80zh4bm9fncoAcx8AI7vruA7t3E5enuonAjglHLNr/rVOYhgjwZDh86
-B3SAyDwK+L2OgZmdZc1s8ka+Ao7QXN7KFqFUocXv4AYF3qhfjsTlJVOsuqu7ttt7cWfVcyQyHMiv
-kLUaEq53XepF/rPJpD8BUR22ugkDO18YPhB1LwXncBuGSGIJDYhtAfEeKYB7DCqAh4TDyDYlBEhU
-oj6iQ4+x7FUTnjMoog0GUYDiDN0MkPYlbx6cZUK8kYZDKKgUvyGSmu6QFt4r1C1OlZHAiFzGZypJ
-c9bXTligPOY4DAcxGtmMKyAMUK5PPEEVATlDKaKwxBxSLOayAGEJtlGe5y01ifG6hyKS4jlMNfPl
-pjTqpzRCADK4uZPZYg4WrjVhk5gLZseSlSC4oP/rdd3LoTpwH45ab8jqa5g2TD1qOUmrInWmFPPN
-NS+UUEF7ylbpOOIqpV6ltrq2KGNxdbvNa+QG62rYrBZiBtUusJgMxo0mQpYwomrGoi4oMALlsWuU
-puUc+FWWoH8GJEXLOmKFVUKW/KWHPsV3D2cirn0Wung2kfsM2W0o5vLJIhUMGI2dNQWBmOHg4Np5
-K5aZZacvJeGgCiYUjbMaNhUFIxDJO64xNKuqpamVFZZO7gP52IHStvpSsXf2bKrSyg4mTNNbfWQg
-QeMmDSPZMUzzonz98tTUP3jtz+8iKKTxpHE7Fhmcl8WUXMB4jWjfA9Pz+nJg+cCWKbAWQLWQskdo
-ITmCjfNEjQqyQwKjnhdrRKAEfDG8COT9ekegolrGTM3mv0tH8WPx0HNWlTZrHum9+/EX9ZtXqjcy
-O6V0qz7T0JVzAZK6LXgY3tlc/FgjQU1E73KaKoKDGrbMqbNy5F9iFcRtLjGhos3KkXWxP1c6fTYm
-0plRcsKzrX7hpWdE98F8gxCcsFKIQZwWojeJkPAiGofNePHC8TtPku86z8C47FapEj1ln395+BSU
-tEbCcpnSKREggh3hHF9LMYf7s9APT0jcvoKeB2uMA9z0SYMANIE/kej8l2ucnbQy0sdlRFP/fiBA
-0nK41nnNJgGLPWiXvvYWksn4Su1sA31OOZDMstBiL4UD2oCqKNOoShTqrxvTC6I/gl2GIQhjioXI
-13QqqpuHtNeSJ9QKrC+QXBh9IBCXEThsoCEjnmK1apPcg6B1+8xCJEPaR9s4e0mCIHIkXVjj3pHS
-Nk2FcXlRRyrl8K4HJ7FbKo2+sBiH9licxDa/STtngOVEwzF87ZTO59oStl4lYTmqMXHnK0TIjpGZ
-hto4ee9GxBVN7lpH9JvIjlbcsxOlLQBhtN+GLf8GBdCUAOpC3TiPHnLE5MLeVq/ebmDPMxsgEaAl
-Dqkggqf5mkXE57sQqaX8ZpRBaJ0cxsKakjR0nBLifA0E/DvNi1oVRoEVp6XQv0PNtMDOs4SW5h4i
-GZ4YjoEiA1WitQIcang5CVa8Jev1/RLJZB6taCNU3BTNdBzaDhMQ5BcsqIA5CUBHKpxnGEV4GQpe
-3bplIgF63pDvj1rflAbNt83YI6qTcl495xmWnpsXN1iG6RDEiPUUh5W+l5mRn3znxLCJi3ZO6tBt
-o6UEFO3d7arwpCj2rYvcutHFd6ZbdoGtKiOpFyhUNxBWGNDgmEMfBxwadksba6zM0GRhO05F9/Wd
-ilyh6u6q0pD4Jz1mIDIURzHWr3D0jK9dpw5sp55xFRva9ShSp+DZ+2xeQKUxfXU9P0E2mJYlAwEP
-eBNF4DT1ahgYOWUAoEMhlORrksFECM9ThF+6Sq24xsBh4yq9LOTDClY9T9aRazrYhrTig13p5AAp
-kMEmDBqeF5JjAsNbieKOuEy0zWsbJSQUK4yKQYBUBmmEZdlmZULdu3C0dinVZkFoT+EOiDJkzXyk
-mOfzhabGPk4BmHOcB7TCouMVR2r8l1V6QXRzsjlVSrHuBzOB4l4wFtWZb3jIJgThkmTBOhj6ZzxB
-ijLarSR5lUDiX3VCVZ2W3gZ/LZ7OT2PMrJ9gdqaV6vT+3Jeegn6BYdCoEU/m4JmCTBFODUH3f2uK
-LtdFozODSB6NXojBanrBVrNoZA8cVEgY99Ih1M281tJznM3SCqhYikO2xD3BO5kUgutq0eqETt91
-TyKND5ONU1ew18Vo1VECNANQUdwNGvJ3MgdiZjz1ZNBvrybbq0YQW9Mi8YgBNRlHj3oHF6HrBCTk
-pBAcQCLBZH3K5TBzzo/dzF4no60kWpnrbxpUZljc9yoHDlrhitnBawneqEoc1iBymCgDmxNmVLc7
-E9qyprFnWjNERyLNLQO2DaVtUC1QuW81FBALYgrh0r0bn7wL+TTOBFds4D/i7kinChIZ54rXYA==
-
-
---Boundary_(ID_+NCS5Ir28uUsrYRvF/Mg8g)--



