Accepting request 45248 from network:vpn

Copy from network:vpn/strongswan based on submit request 45248 from user mtomaschewski

OBS-URL: https://build.opensuse.org/request/show/45248
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/strongswan?expand=0&rev=25
This commit is contained in:
OBS User autobuild 2010-08-13 00:40:58 +00:00 committed by Git OBS Bridge
parent 8ec0a8d6be
commit a20c4c2cac
3 changed files with 115 additions and 1 deletions

View File

@ -0,0 +1,105 @@
From 96e2f9f3a70a7c918772f7dde57c6cb8befbc60e Mon Sep 17 00:00:00 2001
From: Martin Willi <martin@revosec.ch>
Date: Fri, 18 Jun 2010 09:18:27 +0200
Subject: [PATCH] snprintf() fixes, version 4.4.0
---
.../credentials/ietf_attributes/ietf_attributes.c | 13 +++++++++++--
src/libstrongswan/utils/identification.c | 12 ++++++++++++
src/pluto/x509.c | 4 ++++
3 files changed, 27 insertions(+), 2 deletions(-)
diff --git a/src/libstrongswan/credentials/ietf_attributes/ietf_attributes.c b/src/libstrongswan/credentials/ietf_attributes/ietf_attributes.c
index ff3ddeb..de5b85b 100644
--- a/src/libstrongswan/credentials/ietf_attributes/ietf_attributes.c
+++ b/src/libstrongswan/credentials/ietf_attributes/ietf_attributes.c
@@ -159,7 +159,7 @@ static char* get_string(private_ietf_attributes_t *this)
enumerator = this->list->create_enumerator(this->list);
while (enumerator->enumerate(enumerator, &attr))
{
- int written = 0;
+ int written;
if (first)
{
@@ -168,8 +168,12 @@ static char* get_string(private_ietf_attributes_t *this)
else
{
written = snprintf(pos, len, ", ");
+ if (written < 0 || written >= len)
+ {
+ break;
+ }
pos += written;
- len -= written;
+ len -= written;
}
switch (attr->type)
@@ -194,8 +198,13 @@ static char* get_string(private_ietf_attributes_t *this)
break;
}
default:
+ written = 0;
break;
}
+ if (written < 0 || written >= len)
+ {
+ break;
+ }
pos += written;
len -= written;
}
diff --git a/src/libstrongswan/utils/identification.c b/src/libstrongswan/utils/identification.c
index 6a3c393..6ccfa19 100644
--- a/src/libstrongswan/utils/identification.c
+++ b/src/libstrongswan/utils/identification.c
@@ -297,18 +297,30 @@ static void dntoa(chunk_t dn, char *buf, size_t len)
{
written = snprintf(buf, len,"%s=", oid_names[oid].name);
}
+ if (written < 0 || written >= len)
+ {
+ break;
+ }
buf += written;
len -= written;
chunk_printable(data, &printable, '?');
written = snprintf(buf, len, "%.*s", printable.len, printable.ptr);
chunk_free(&printable);
+ if (written < 0 || written >= len)
+ {
+ break;
+ }
buf += written;
len -= written;
if (data.ptr + data.len != dn.ptr + dn.len)
{
written = snprintf(buf, len, ", ");
+ if (written < 0 || written >= len)
+ {
+ break;
+ }
buf += written;
len -= written;
}
diff --git a/src/pluto/x509.c b/src/pluto/x509.c
index 0a29830..0abebc6 100644
--- a/src/pluto/x509.c
+++ b/src/pluto/x509.c
@@ -393,6 +393,10 @@ void list_x509cert_chain(const char *caption, cert_t* cert,
{
written = snprintf(pos, len, ", %Y", id);
}
+ if (written < 0 || written >= len)
+ {
+ break;
+ }
pos += written;
len -= written;
}
--
1.7.0.4

View File

@ -1,3 +1,10 @@
-------------------------------------------------------------------
Fri Jul 2 15:40:17 UTC 2010 - mt@suse.de
- Applied upstream patch fixing snprintf flaws in the strongSwan
IKE daemons exploitable by unauthenticated attackers using a
crafted certificate or identification payload (bnc#615915).
-------------------------------------------------------------------
Fri Jul 2 14:16:18 UTC 2010 - mt@suse.de

View File

@ -23,7 +23,7 @@ Name: strongswan
%define strongswan_docdir %{_docdir}/%{name}
%define strongswan_plugins %{_libexecdir}/ipsec/plugins
Version: 4.4.0
Release: 2
Release: 6
License: GPLv2+
Group: Productivity/Networking/Security
Summary: OpenSource IPsec-based VPN Solution
@ -38,6 +38,7 @@ Source2: %{name}.init.in
Source3: %{name}-%{version}-rpmlintrc
Source4: README.SUSE
Patch1: %{name}_modprobe_syslog.patch
Patch2: %{name}-4.4.0-snprintf-fix.diff
BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildRequires: bison flex gmp-devel gperf pkg-config
BuildRequires: libcap-devel
@ -189,6 +190,7 @@ NetworkManager-strongswan graphical user interface.
%prep
%setup -q -n %{name}-%{upstream_version}
%patch1 -p0
%patch2 -p1
sed -e 's|@libexecdir@|%_libexecdir|g' \
< $RPM_SOURCE_DIR/strongswan.init.in \
> strongswan.init