Accepting request 264450 from security:netfilter
- Add fix_h_expect_policy_free.patch to fix crash due to following a just-freed pointer [bnc#908875] OBS-URL: https://build.opensuse.org/request/show/264450 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libnetfilter_cthelper?expand=0&rev=10
This commit is contained in:
commit
d590c1a72a
21
fix_h_expect_policy_free.patch
Normal file
21
fix_h_expect_policy_free.patch
Normal file
@ -0,0 +1,21 @@
|
|||||||
|
From: Chris Horler <cshorler@googlemail.com>
|
||||||
|
Date: 2014-12-08 11:54:20 CET
|
||||||
|
References: https://bugzilla.netfilter.org/show_bug.cgi?id=990
|
||||||
|
|
||||||
|
Dereferencing h after freeing leads to undefined behavior.
|
||||||
|
|
||||||
|
--- libnetfilter_cthelper-1.0.0.orig/src/libnetfilter_cthelper.c 2012-06-05 17:59:28.810356258 +0100
|
||||||
|
+++ libnetfilter_cthelper-1.0.0/src/libnetfilter_cthelper.c 2014-12-07 19:52:55.769975500 +0000
|
||||||
|
@@ -113,11 +113,11 @@
|
||||||
|
{
|
||||||
|
int i;
|
||||||
|
|
||||||
|
- free(h);
|
||||||
|
for (i=0; i<NF_CT_HELPER_CLASS_MAX; i++) {
|
||||||
|
if (h->expect_policy[i])
|
||||||
|
free(h->expect_policy[i]);
|
||||||
|
}
|
||||||
|
+ free(h);
|
||||||
|
}
|
||||||
|
EXPORT_SYMBOL(nfct_helper_free);
|
||||||
|
|
@ -1,3 +1,15 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Mon Dec 8 17:27:32 UTC 2014 - jengelh@inai.de
|
||||||
|
|
||||||
|
- Remove version from subinclude directory; it tends to break
|
||||||
|
recompiles of third software after a library update.
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Sun Dec 7 19:58:44 UTC 2014 - cshorler@googlemail.com
|
||||||
|
|
||||||
|
- Add fix_h_expect_policy_free.patch to fix crash due to following
|
||||||
|
a just-freed pointer [bnc#908875]
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Tue Sep 23 15:43:40 UTC 2014 - jengelh@inai.de
|
Tue Sep 23 15:43:40 UTC 2014 - jengelh@inai.de
|
||||||
|
|
||||||
|
@ -31,6 +31,7 @@ Source: http://netfilter.org/projects/libnetfilter_cthelper/files/%name-
|
|||||||
Source2: http://netfilter.org/projects/libnetfilter_cthelper/files/%name-%version.tar.bz2.sig
|
Source2: http://netfilter.org/projects/libnetfilter_cthelper/files/%name-%version.tar.bz2.sig
|
||||||
Source3: baselibs.conf
|
Source3: baselibs.conf
|
||||||
Source4: %name.keyring
|
Source4: %name.keyring
|
||||||
|
Patch1: fix_h_expect_policy_free.patch
|
||||||
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
||||||
#BuildRequires: autoconf
|
#BuildRequires: autoconf
|
||||||
#BuildRequires: automake >= 1.6
|
#BuildRequires: automake >= 1.6
|
||||||
@ -61,12 +62,13 @@ Netfilter userspace helper infrastructure.
|
|||||||
|
|
||||||
%prep
|
%prep
|
||||||
%setup -q
|
%setup -q
|
||||||
|
%patch -P 1 -p1
|
||||||
|
|
||||||
%build
|
%build
|
||||||
if [ ! -e configure ]; then
|
if [ ! -e configure ]; then
|
||||||
autoreconf -fi;
|
autoreconf -fi;
|
||||||
fi;
|
fi;
|
||||||
%configure --disable-static --includedir=%_includedir/%name-%version
|
%configure --disable-static --includedir="%_includedir/%name"
|
||||||
make %{?_smp_mflags}
|
make %{?_smp_mflags}
|
||||||
|
|
||||||
%install
|
%install
|
||||||
@ -83,7 +85,7 @@ rm -f "%buildroot/%_libdir"/*.la;
|
|||||||
|
|
||||||
%files devel
|
%files devel
|
||||||
%defattr(-,root,root)
|
%defattr(-,root,root)
|
||||||
%_includedir/%name-%version
|
%_includedir/%name/
|
||||||
%_libdir/libnetfilter_cthelper.so
|
%_libdir/libnetfilter_cthelper.so
|
||||||
%_libdir/pkgconfig/libnetfilter_cthelper.pc
|
%_libdir/pkgconfig/libnetfilter_cthelper.pc
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user