Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/net-ftp/proftpd/files/proftpd-1.3.5a-unbound-sftp-p1.patch
diff options
context:
space:
mode:
Diffstat (limited to 'net-ftp/proftpd/files/proftpd-1.3.5a-unbound-sftp-p1.patch')
-rw-r--r--net-ftp/proftpd/files/proftpd-1.3.5a-unbound-sftp-p1.patch70
1 files changed, 0 insertions, 70 deletions
diff --git a/net-ftp/proftpd/files/proftpd-1.3.5a-unbound-sftp-p1.patch b/net-ftp/proftpd/files/proftpd-1.3.5a-unbound-sftp-p1.patch
deleted file mode 100644
index 03dd1d82fd6f..000000000000
--- a/net-ftp/proftpd/files/proftpd-1.3.5a-unbound-sftp-p1.patch
+++ /dev/null
@@ -1,70 +0,0 @@
-commit a24db7f9864240a4ebb236a6615ec649138fef0e
-Author: TJ Saunders <tj@castaglia.org>
-Date: Sat Nov 28 17:08:03 2015 -0800
-
- Bug#4210 - Avoid unbounded SFTP extension key/values.
-
-diff --git a/contrib/mod_sftp/fxp.c b/contrib/mod_sftp/fxp.c
-index 5d9ae17..03c7eb5 100644
---- a/contrib/mod_sftp/fxp.c
-+++ b/contrib/mod_sftp/fxp.c
-@@ -241,6 +241,9 @@ struct fxp_extpair {
- unsigned char *ext_data;
- };
-
-+/* Maximum length of SFTP extension name, AND of the extension value. */
-+#define SFTP_EXT_MAX_LEN 1024
-+
- static pool *fxp_pool = NULL;
- static int fxp_use_gmt = TRUE;
-
-@@ -1240,6 +1243,14 @@ static struct fxp_extpair *fxp_msg_read_extpair(pool *p, unsigned char **buf,
- SFTP_DISCONNECT_CONN(SFTP_SSH2_DISCONNECT_BY_APPLICATION, NULL);
- }
-
-+ if (namelen > SFTP_EXT_MAX_LEN) {
-+ (void) pr_log_writefile(sftp_logfd, MOD_SFTP_VERSION,
-+ "received too-long SFTP extension name (%lu > max %lu), ignoring",
-+ (unsigned long) namelen, (unsigned long) SFTP_EXT_MAX_LEN);
-+ errno = EINVAL;
-+ return NULL;
-+ }
-+
- name = palloc(p, namelen + 1);
- memcpy(name, *buf, namelen);
- (*buf) += namelen;
-@@ -1248,6 +1259,14 @@ static struct fxp_extpair *fxp_msg_read_extpair(pool *p, unsigned char **buf,
-
- datalen = sftp_msg_read_int(p, buf, buflen);
- if (datalen > 0) {
-+ if (datalen > SFTP_EXT_MAX_LEN) {
-+ (void) pr_log_writefile(sftp_logfd, MOD_SFTP_VERSION,
-+ "received too-long SFTP extension '%s' data (%lu > max %lu), ignoring",
-+ name, (unsigned long) datalen, (unsigned long) SFTP_EXT_MAX_LEN);
-+ errno = EINVAL;
-+ return NULL;
-+ }
-+
- data = sftp_msg_read_data(p, buf, buflen, datalen);
-
- } else {
-@@ -2210,11 +2229,13 @@ static struct stat *fxp_attrs_read(struct fxp_packet *fxp, unsigned char **buf,
- struct fxp_extpair *ext;
-
- ext = fxp_msg_read_extpair(fxp->pool, buf, buflen);
-- pr_trace_msg(trace_channel, 15,
-- "protocol version %lu: read EXTENDED attribute: "
-- "extension '%s' (%lu bytes of data)",
-- (unsigned long) fxp_session->client_version, ext->ext_name,
-- (unsigned long) ext->ext_datalen);
-+ if (ext != NULL) {
-+ pr_trace_msg(trace_channel, 15,
-+ "protocol version %lu: read EXTENDED attribute: "
-+ "extension '%s' (%lu bytes of data)",
-+ (unsigned long) fxp_session->client_version, ext->ext_name,
-+ (unsigned long) ext->ext_datalen);
-+ }
- }
- }
-
-