Accepting request 596060 from home:BinLiu:branches:network:ha-clustering:Factory

OBS-URL: https://build.opensuse.org/request/show/596060
OBS-URL: https://build.opensuse.org/package/show/network:ha-clustering:Factory/corosync?expand=0&rev=140

0018-bsc#1089346-corosync-Integer-overflow-in-totemcrypto.patch

@@ -0,0 +1,26 @@
+--- corosync-2.4.3.orig/exec/totemcrypto.c	2017-10-20 20:40:19.000000000 +0800
++++ corosync-2.4.3/exec/totemcrypto.c	2018-04-13 13:01:02.864922963 +0800
+@@ -736,6 +736,11 @@
+ 		unsigned char	tmp_hash[hash_len[instance->crypto_hash_type]];
+ 		int             datalen = *buf_len - hash_len[instance->crypto_hash_type];
+ 
++		if (*buf_len <= hash_len[instance->crypto_hash_type]) {
++			log_printf(instance->log_level_security, "Received message is too short...  ignoring");
++			return -1;
++		}
++        
+ 		if (calculate_nss_hash(instance, buf, datalen, tmp_hash) < 0) {
+ 			return -1;
+ 		}
+@@ -845,6 +850,11 @@
+ {
+ 	struct crypto_config_header *cch = (struct crypto_config_header *)buf;
+ 
++	if (*buf_len <= sizeof(struct crypto_config_header)) {
++		log_printf(instance->log_level_security, "Received message is too short...  ignoring");
++		return (-1);
++	}
++    
+ 	if (cch->crypto_cipher_type != CRYPTO_CIPHER_TYPE_2_3) {
+ 		log_printf(instance->log_level_security,
+ 			   "Incoming packet has different crypto type. Rejecting");

corosync.spec

@@ -79,6 +79,7 @@ Patch21:        0014-logging-Close-before-and-open-blackbox-after-fork.patch
 Patch22:        0015-coverity-fixes.patch
 Patch23:        0016-bsc#1083561-upgrade-from-1-x-y.patch
 Patch24:        0017-bsc#1088619-add-version.patch
+Patch25:        0018-bsc#1089346-corosync-Integer-overflow-in-totemcrypto.patch
 
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 # openais is indeed gone and should be uninstalled. Yes, we do not
@@ -168,6 +169,7 @@ BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 %patch22 -p1
 %patch23 -p1
 %patch24 -p1
+%patch25 -p1
 
 %build
 %if %{with runautogen}