[Pkg-silc-commits] r105 - in /silc-client/trunk: debian/changelog debian/control lib/silcapputil/silcapputil.c lib/silcsftp/sftp_client.c lib/silcutil/silcmime.c

lunar at users.alioth.debian.org lunar at users.alioth.debian.org
Wed Jun 27 13:27:45 UTC 2007 

Author: lunar
Date: Wed Jun 27 13:27:45 2007
New Revision: 105

URL: http://svn.debian.org/wsvn/pkg-silc/?sc=1&rev=105
Log:
* Depends on libsilc-1.1-2-dev to get security fixes into silc package.
* Backport fixes (for irssi-plugin-silc) to silc_create_key_pair(),
  silc_mime_decode() (exploitable buffer overflow) and
  silc_sftp_client_io (exploitable buffer overflow) from silc-toolkit 1.1.1.

Modified:
    silc-client/trunk/debian/changelog
    silc-client/trunk/debian/control
    silc-client/trunk/lib/silcapputil/silcapputil.c
    silc-client/trunk/lib/silcsftp/sftp_client.c
    silc-client/trunk/lib/silcutil/silcmime.c

Modified: silc-client/trunk/debian/changelog
URL: http://svn.debian.org/wsvn/pkg-silc/silc-client/trunk/debian/changelog?rev=105&op=diff
==============================================================================
--- silc-client/trunk/debian/changelog (original)
+++ silc-client/trunk/debian/changelog Wed Jun 27 13:27:45 2007
@@ -1,3 +1,12 @@
+silc-client (1.1-2) unstable; urgency=low
+
+  * Depends on libsilc-1.1-2-dev to get security fixes into silc package.
+  * Backport fixes (for irssi-plugin-silc) to silc_create_key_pair(),
+    silc_mime_decode() (exploitable buffer overflow) and
+    silc_sftp_client_io (exploitable buffer overflow) from silc-toolkit 1.1.1.
+
+ -- Jérémy Bobbio <lunar at debian.org>  Wed, 27 Jun 2007 14:12:48 +0200
+
 silc-client (1.1-1) unstable; urgency=low
 
   * New upstream release

Modified: silc-client/trunk/debian/control
URL: http://svn.debian.org/wsvn/pkg-silc/silc-client/trunk/debian/control?rev=105&op=diff
==============================================================================
--- silc-client/trunk/debian/control (original)
+++ silc-client/trunk/debian/control Wed Jun 27 13:27:45 2007
@@ -4,7 +4,7 @@
 Maintainer: Debian SILC Team <pkg-silc-devel at lists.alioth.debian.org>
 Uploaders: Jérémy Bobbio <lunar at debian.org>
 Standards-Version: 3.7.2
-Build-Depends: debhelper (>> 5), libglib2.0-dev, ncurses-dev, autotools-dev, libsilc-1.1-1-dev, libperl-dev
+Build-Depends: debhelper (>> 5), libglib2.0-dev, ncurses-dev, autotools-dev, libsilc-1.1-2-dev, libperl-dev
 XS-Vcs-Svn: svn://svn.debian.org/pkg-silc/silc-client/trunk
 XS-Vcs-Browser: http://svn.debian.org/wsvn/pkg-silc/silc-client/trunk
 

Modified: silc-client/trunk/lib/silcapputil/silcapputil.c
URL: http://svn.debian.org/wsvn/pkg-silc/silc-client/trunk/lib/silcapputil/silcapputil.c?rev=105&op=diff
==============================================================================
--- silc-client/trunk/lib/silcapputil/silcapputil.c (original)
+++ silc-client/trunk/lib/silcapputil/silcapputil.c Wed Jun 27 13:27:45 2007
@@ -144,6 +144,12 @@
     }
 
     silc_free(def);
+  }
+
+  if (!strstr(identifier, "UN=") || !strstr(identifier, "HN=")) {
+    fprintf(stderr, "Invalid public key identifier.  You must specify both "
+	    "UN and HN\n");
+    return FALSE;
   }
 
   rng = silc_rng_alloc();
@@ -202,12 +208,14 @@
     return FALSE;
 
   /* Save public key into file */
-  silc_pkcs_save_public_key(pkfile, public_key, SILC_PKCS_FILE_BASE64);
+  if (!silc_pkcs_save_public_key(pkfile, public_key, SILC_PKCS_FILE_BASE64))
+    return FALSE;
 
   /* Save private key into file */
-  silc_pkcs_save_private_key(prvfile, private_key,
-			     (const unsigned char *)pass, strlen(pass),
-			     SILC_PKCS_FILE_BIN, rng);
+  if (!silc_pkcs_save_private_key(prvfile, private_key,
+				  (const unsigned char *)pass, strlen(pass),
+				  SILC_PKCS_FILE_BIN, rng))
+    return FALSE;
 
   if (return_public_key)
     *return_public_key = public_key;

Modified: silc-client/trunk/lib/silcsftp/sftp_client.c
URL: http://svn.debian.org/wsvn/pkg-silc/silc-client/trunk/lib/silcsftp/sftp_client.c?rev=105&op=diff
==============================================================================
--- silc-client/trunk/lib/silcsftp/sftp_client.c (original)
+++ silc-client/trunk/lib/silcsftp/sftp_client.c Wed Jun 27 13:27:45 2007
@@ -330,7 +330,7 @@
 				void *context)
 {
   SilcSFTPClient sftp = context;
-  unsigned char inbuf[63488];
+  unsigned char inbuf[65536];
   SilcBufferStruct packet;
   int ret;
 

Modified: silc-client/trunk/lib/silcutil/silcmime.c
URL: http://svn.debian.org/wsvn/pkg-silc/silc-client/trunk/lib/silcutil/silcmime.c?rev=105&op=diff
==============================================================================
--- silc-client/trunk/lib/silcutil/silcmime.c (original)
+++ silc-client/trunk/lib/silcutil/silcmime.c Wed Jun 27 13:27:45 2007
@@ -198,6 +198,7 @@
   if (field && strstr(field, "multipart")) {
     char b[1024];
     SilcMime p;
+    unsigned int len;
 
     mime->multiparts = silc_dlist_init();
     if (!mime->multiparts)
@@ -213,7 +214,10 @@
     if (!strchr(field, ';'))
       goto err;
     memset(b, 0, sizeof(b));
-    strncat(b, value, strchr(field, ';') - value);
+    len = (unsigned int)(strchr(field, ';') - value);
+    if (len > sizeof(b) - 1)
+      goto err;
+    strncpy(b, value, len);
     if (strchr(b, '"'))
       *strchr(b, '"') = '\0';
     mime->multitype = silc_memdup(b, strlen(b));

More information about the Pkg-silc-commits mailing list