Blame - import-layers/meta-openembedded/meta-networking/recipes-daemons/vsftpd/vsftpd-3.0.3/vsftpd-2.1.0-filter.patch - openbmc/openbmc

blob: 32f7e82183d626727c605738f3390d9ba4a523bc [file] [log] [blame]

Patrick Williams	b48b7b4	2016-08-17 15:04:38 -0500	[diff] [blame^]	1	Fix the CVE-2015-1419
				2
				3	Upstream-Status: Pending
				4
				5	Try to fix deny_file parsing to do more what is expected. Taken
				6	from fedora. CVE-2015-1419
				7
				8	ftp://195.220.108.108/linux/fedora/linux/development/rawhide/source/SRPMS/v/vsftpd-3.0.2-13.fc22.src.rpm
				9
				10	Signed-off-by: Roy Li <rongqing.li@windriver.com>
				11
				12	diff -up vsftpd-2.1.0/ls.c.filter vsftpd-2.1.0/ls.c
				13	--- vsftpd-2.1.0/ls.c.filter 2008-02-02 02:30:41.000000000 +0100
				14	+++ vsftpd-2.1.0/ls.c 2009-01-08 19:31:15.000000000 +0100
				15	@@ -239,9 +239,31 @@ vsf_filename_passes_filter(const struct
				16	int ret = 0;
				17	char last_token = 0;
				18	int must_match_at_current_pos = 1;
				19	+
				20	+
				21	str_copy(&filter_remain_str, p_filter_str);
				22	- str_copy(&name_remain_str, p_filename_str);
				23	-
				24	+
				25	+ if (!str_isempty (&filter_remain_str) && !str_isempty(p_filename_str)) {
				26	+ if (str_get_char_at(p_filter_str, 0) == '/') {
				27	+ if (str_get_char_at(p_filename_str, 0) != '/') {
				28	+ str_getcwd (&name_remain_str);
				29	+
				30	+ if (str_getlen(&name_remain_str) > 1) /* cwd != root dir */
				31	+ str_append_char (&name_remain_str, '/');
				32	+
				33	+ str_append_str (&name_remain_str, p_filename_str);
				34	+ }
				35	+ else
				36	+ str_copy (&name_remain_str, p_filename_str);
				37	+ } else {
				38	+ if (str_get_char_at(p_filter_str, 0) != '{')
				39	+ str_basename (&name_remain_str, p_filename_str);
				40	+ else
				41	+ str_copy (&name_remain_str, p_filename_str);
				42	+ }
				43	+ } else
				44	+ str_copy(&name_remain_str, p_filename_str);
				45	+
				46	while (!str_isempty(&filter_remain_str) && *iters < VSFTP_MATCHITERS_MAX)
				47	{
				48	static struct mystr s_match_needed_str;
				49	diff -up vsftpd-2.1.0/str.c.filter vsftpd-2.1.0/str.c
				50	--- vsftpd-2.1.0/str.c.filter 2008-12-17 06:54:16.000000000 +0100
				51	+++ vsftpd-2.1.0/str.c 2009-01-08 19:31:15.000000000 +0100
				52	@@ -680,3 +680,14 @@ str_replace_unprintable(struct mystr* p_
				53	}
				54	}
				55
				56	+void
				57	+str_basename (struct mystr* d_str, const struct mystr* path)
				58	+{
				59	+ static struct mystr tmp;
				60	+
				61	+ str_copy (&tmp, path);
				62	+ str_split_char_reverse(&tmp, d_str, '/');
				63	+
				64	+ if (str_isempty(d_str))
				65	+ str_copy (d_str, path);
				66	+}
				67	diff -up vsftpd-2.1.0/str.h.filter vsftpd-2.1.0/str.h
				68	--- vsftpd-2.1.0/str.h.filter 2008-12-17 06:53:23.000000000 +0100
				69	+++ vsftpd-2.1.0/str.h 2009-01-08 19:32:14.000000000 +0100
				70	@@ -100,6 +100,7 @@ void str_replace_unprintable(struct myst
				71	int str_atoi(const struct mystr* p_str);
				72	filesize_t str_a_to_filesize_t(const struct mystr* p_str);
				73	unsigned int str_octal_to_uint(const struct mystr* p_str);
				74	+void str_basename (struct mystr* d_str, const struct mystr* path);
				75
				76	/* PURPOSE: Extract a line of text (delimited by \n or EOF) from a string
				77	* buffer, starting at character position 'p_pos'. The extracted line will