- Add back patch attempting to fix bnc#900326 bnc#915522 and

bnc#922538: * vsftpd-path-normalize.patch OBS-URL: https://build.opensuse.org/package/show/network/vsftpd?expand=0&rev=76
2015-03-23 20:22:32 +00:00 · 2015-03-23 20:22:32 +00:00 · fa040448aa
commit fa040448aa
parent 8c317ca736
3 changed files with 103 additions and 1 deletions
--- a/vsftpd-path-normalize.patch
+++ b/vsftpd-path-normalize.patch
@ -0,0 +1,93 @@
+Index: vsftpd-3.0.2/ls.c
+===================================================================
+--- vsftpd-3.0.2.orig/ls.c
+++ vsftpd-3.0.2/ls.c
+@@ -121,7 +121,10 @@ vsf_ls_populate_dir_list(struct mystr_li
+     if (!str_isempty(p_filter_str))
+     {
+       unsigned int iters = 0;
+-      if (!vsf_filename_passes_filter(&s_next_filename_str, p_filter_str,
+      struct mystr normalize_filename_str;
+      str_copy(&normalize_filename_str, &s_next_filename_str);
+      str_normalize_filepath(&normalize_filename_str);
+      if (!vsf_filename_passes_filter(&normalize_filename_str, p_filter_str,
+                                       &iters))
+       {
+         continue;
+Index: vsftpd-3.0.2/str.c
+===================================================================
+--- vsftpd-3.0.2.orig/str.c
+++ vsftpd-3.0.2/str.c
+@@ -16,6 +16,12 @@
+ #define PRIVATE_HANDS_OFF_alloc_bytes alloc_bytes
+ #include "str.h"
+ 
+/* normalize filepath */
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <libgen.h>
+
+ /* Ick. Its for die() */
+ #include "utility.h"
+ #include "sysutil.h"
+@@ -781,3 +787,47 @@ str_basename (struct mystr* d_str, const
+   if (str_isempty(d_str))
+    str_copy (d_str, path);
+ }
+
+void
+str_normalize_filepath(struct mystr* filepath)
+{
+    char *path;
+    char *normdir;
+    char *dir;
+    char *filename;
+    static struct mystr tmp;
+
+    /* normalize filepath */
+    path = str_strdup(filepath);
+    char *ch1 = strdup(path);
+    char *ch2 = strdup(path);
+    /* we split dir/file as realpath /home/REGEXP is NULL so we need dir
+     * dir only to function correctly, later on we need to glue back the
+     * file if there is some
+     */
+    dir = dirname(ch1);
+    filename = basename(ch2);
+    normdir = realpath(dir, NULL);
+    if (normdir == NULL)
+    {
+        goto out;
+    }
+    str_alloc_text(&tmp, normdir);
+    unsigned int len = str_getlen(&tmp);
+    if (str_get_char_at(&tmp, len - 1) != '/')
+    {
+        str_append_char(&tmp, '/');
+    }
+    /* / is special it ends in both dirname and basename so ignore it here */
+    if (strcmp(filename, "/") != 0)
+    {
+        str_append_text(&tmp, filename);
+    }
+    str_copy(filepath, &tmp);
+out:
+    free(normdir);
+    free(path);
+    free(ch1);
+    free(ch2);
+    str_free(&tmp);
+}
+Index: vsftpd-3.0.2/str.h
+===================================================================
+--- vsftpd-3.0.2.orig/str.h
+++ vsftpd-3.0.2/str.h
+@@ -102,6 +102,7 @@ int str_atoi(const struct mystr* p_str);
+ filesize_t str_a_to_filesize_t(const struct mystr* p_str);
+ unsigned int str_octal_to_uint(const struct mystr* p_str);
+ void str_basename (struct mystr* d_str, const struct mystr* path);
+void str_normalize_filepath(struct mystr* filepath);
+ 
+ /* PURPOSE: Extract a line of text (delimited by \n or EOF) from a string
+  * buffer, starting at character position 'p_pos'. The extracted line will
--- a/vsftpd.changes
+++ b/vsftpd.changes
@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Mon Mar 23 20:13:51 UTC 2015 - tchvatal@suse.com
+
+- Add back patch attempting to fix bnc#900326 bnc#915522 and
+  bnc#922538:
+  * vsftpd-path-normalize.patch
+
 -------------------------------------------------------------------
 Mon Mar 23 20:08:19 UTC 2015 - tchvatal@suse.com

--- a/vsftpd.spec
+++ b/vsftpd.spec
@ -58,10 +58,11 @@ Patch16:        vsftpd-root-squashed-chroot.patch
 Patch17:        vsftpd-enable-gettimeofday-sec.patch
 #PATCH-FIX-UPSTREAM: bnc#890469 fix broken syscall on s390
 Patch18:        vsftpd-3.0.2-s390.patch
-#PATCH-FIX-UPSTREAM: bnc#900326 deny_file filtering acts weirdly
+#PATCH-FIX-UPSTREAM: bnc#900326 deny_file filtering acts weirdly (19-22)
 Patch19:        vsftpd-2.1.0-filter.patch
 Patch20:        vsftpd-2.2.0-wildchar.patch
 Patch21:        vsftpd-2.3.4-sqb.patch
+Patch22:        vsftpd-path-normalize.patch
 BuildRequires:  libcap-devel
 BuildRequires:  openssl-devel
 BuildRequires:  pam-devel
@ -105,6 +106,7 @@ tests.
 %patch19 -p1
 %patch20 -p1
 %patch21 -p1
+%patch22 -p1

 %build
 %define seccomp_opts -D_GNU_SOURCE -DUSE_SECCOMP