From be709e4f90179dbbb9b4ca7be9da452d1310e6e9971ea84ac51e4e3369381ecd Mon Sep 17 00:00:00 2001
From: Sascha Peilicke
Date: Tue, 14 Jun 2011 08:58:07 +0000
Subject: [PATCH] Accepting request 73431 from server:database

security fix

OBS-URL: https://build.opensuse.org/request/show/73431
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/unixODBC?expand=0&rev=12
---
 unixODBC-2.2.12-CVE-2011-1145.patch | 26 ++++++++++++++++++++++++++
 unixODBC-gui-qt.changes | 5 +++++
 unixODBC-gui-qt.spec | 2 ++
 unixODBC.changes | 5 +++++
 unixODBC.spec | 2 ++
 5 files changed, 40 insertions(+)
 create mode 100644 unixODBC-2.2.12-CVE-2011-1145.patch

diff --git a/unixODBC-2.2.12-CVE-2011-1145.patch b/unixODBC-2.2.12-CVE-2011-1145.patch
new file mode 100644
index 0000000..d0913f5
--- /dev/null
+++ b/unixODBC-2.2.12-CVE-2011-1145.patch
@@ -0,0 +1,26 @@
+--- trunk/DriverManager/SQLDriverConnect.c 2011/01/12 15:50:07 23
++++ trunk/DriverManager/SQLDriverConnect.c 2011/03/09 15:38:55 27
+@@ -664,7 +664,7 @@
+ {
+ DMHDBC connection = (DMHDBC)hdbc;
+ struct con_struct con_struct;
+- char *driver, *dsn = NULL, *filedsn, *tsavefile, savefile[ 128 ];
++ char *driver, *dsn = NULL, *filedsn, *tsavefile, savefile[ INI_MAX_PROPERTY_VALUE + 1 ];
+ char lib_name[ INI_MAX_PROPERTY_VALUE + 1 ];
+ char driver_name[ INI_MAX_PROPERTY_VALUE + 1 ];
+ SQLRETURN ret_from_connect;
+@@ -969,7 +969,13 @@
+ tsavefile = __get_attribute_value( &con_struct, "SAVEFILE" );
+ if ( tsavefile )
+ {
+- strcpy( savefile, tsavefile );
++ if ( strlen( tsavefile ) > INI_MAX_PROPERTY_VALUE ) {
++ memcpy( savefile, tsavefile, INI_MAX_PROPERTY_VALUE );
++ savefile[ INI_MAX_PROPERTY_VALUE ] = '\0';
++ }
++ else {
++ strcpy( savefile, tsavefile );
++ }
+ }
+ else
+ {
diff --git a/unixODBC-gui-qt.changes b/unixODBC-gui-qt.changes
index ecc3aec..427a389 100644
--- a/unixODBC-gui-qt.changes
+++ b/unixODBC-gui-qt.changes
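Review bot: The new branch in the second embedded hunk silently truncates an over-long SAVEFILE value, so the DSN is later saved under a path the caller never asked for; the safer contract is to reject the attribute with an error when `strlen( tsavefile ) > INI_MAX_PROPERTY_VALUE` instead of shortening it, and whichever behaviour is chosen deserves a comment such as `/* SAVEFILE longer than INI_MAX_PROPERTY_VALUE is truncated, not rejected */`. If truncation is intended, the seven-line memcpy/strcpy branch collapses to one bounded copy, `snprintf( savefile, sizeof savefile, "%s", tsavefile );`, which cannot overrun and always NUL-terminates because savefile is a local array. The first hunk only resizes savefile; whether `lib_name` and `driver_name`, declared with the same size on the following lines, are filled with bounded copies is not visible here and is worth checking in the same function. The enclosing SQLDriverConnect body begins before the first hunk and continues past the second.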
@@ -1,3 +1,8 @@
+-------------------------------------------------------------------
+Mon Jun 13 11:17:00 CEST 2011 - mhrusecky@suse.cz
+
+- fixed CVE-2011-1145 (bnc#678796)
+
 -------------------------------------------------------------------
 Mon Oct 13 15:45:51 CEST 2008 - nadvornik@suse.cz
diff --git a/unixODBC-gui-qt.spec b/unixODBC-gui-qt.spec
index 37ef684..69fdcab 100644
--- a/unixODBC-gui-qt.spec
+++ b/unixODBC-gui-qt.spec
@@ -39,6 +39,7 @@ Patch8: unixODBC-%{version}-dm.patch
 Patch10: unixODBC-%{version}-libodbcinst-exports.patch
 Patch11: unixODBC-%{version}-flex.patch
 Patch12: unixODBC-%{version}-ctracing.patch
+Patch13: unixODBC-2.2.12-CVE-2011-1145.patch
 BuildRoot: %{_tmppath}/%{name}-%{version}-build
 %description
@@ -62,6 +63,7 @@ Authors:
 %patch10
 %patch11
 %patch12
+%patch13 -p1
 install -m 644 %{S:1} .
 %build
diff --git a/unixODBC.changes b/unixODBC.changes
index aa74512..ac3d5c0 100644
--- a/unixODBC.changes
+++ b/unixODBC.changes
@@ -1,3 +1,8 @@
+-------------------------------------------------------------------
+Mon Jun 13 11:17:49 CEST 2011 - mhrusecky@suse.cz
+
+- fixed CVE-2011-1145 (bnc#678796)
+
 -------------------------------------------------------------------
 Sat Dec 19 13:43:00 CET 2009 - jengelh@medozas.de
diff --git a/unixODBC.spec b/unixODBC.spec
index ef2df25..df997e8 100644
--- a/unixODBC.spec
+++ b/unixODBC.spec
@@ -49,6 +49,7 @@ Patch10: %{name}-%{version}-libodbcinst-exports.patch
 Patch11: %{name}-%{version}-flex.patch
 Patch12: %{name}-%{version}-sqp.patch
 Patch13: %{name}-%{version}-uninitialized.patch
+Patch14: unixODBC-2.2.12-CVE-2011-1145.patch
 BuildRoot: %{_tmppath}/%{name}-%{version}-build
 %package devel
@@ -97,6 +98,7 @@ Authors:
 %patch11
 %patch12
 %patch13
+%patch14 -p1
 install -m 644 %{S:1} .
 %build
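Review bot: The added `Patch13:` line in unixODBC-gui-qt.spec hard-codes `unixODBC-2.2.12` where every neighbouring patch line uses `unixODBC-%{version}`, and the `Patch14:` line in unixODBC.spec does the same against that file's `%{name}-%{version}` convention. If the file is meant to follow the package version, `Patch13: unixODBC-%{version}-CVE-2011-1145.patch` (with the file renamed to match) keeps both spec files consistent with their other patch entries. If the 2.2.12 pin is deliberate because the hunk offsets are specific to that release, a one-line comment above the new `Patch` line saying so would stop it being "normalised" later; the `-p1` on the `%patch` line is explained by the `trunk/` prefix inside the patch and is consistent with that.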