pkgsrc-Changes-HG archive
[pkgsrc/pkgsrc-2008Q1]: pkgsrc/benchmarks/netperf pullup ticket #2374 - reque...
details: https://anonhg.NetBSD.org/pkgsrc/rev/6d28f8ba9ccd
branches: pkgsrc-2008Q1
changeset: 540333:6d28f8ba9ccd
user: rtr <rtr%pkgsrc.org@localhost>
date: Tue May 13 12:35:13 2008 +0000
description:
pullup ticket #2374 - requested by tonnerre
netperf: fix for symlink vulnerability
revisions pulled up:
- pkgsrc/benchmarks/netperf/Makefile 1.5
- pkgsrc/benchmarks/netperf/distinfo 1.3
- pkgsrc/benchmarks/netperf/patches/patch-ah 1.1
- pkgsrc/benchmarks/netperf/patches/patch-ai 1.1
- pkgsrc/benchmarks/netperf/patches/patch-ak 1.1
Module Name: pkgsrc
Committed By: tonnerre
Date: Mon May 12 15:49:31 UTC 2008
Modified Files:
pkgsrc/benchmarks/netperf: Makefile distinfo
Added Files:
pkgsrc/benchmarks/netperf/patches: patch-ah patch-ai patch-ak
Log Message:
Use mkstemp in netperf code to open the debug log in order to avoid
a symlink vulnerability. This fixes CVE-2007-1444.
diffstat:
benchmarks/netperf/Makefile | 3 +-
benchmarks/netperf/distinfo | 5 ++-
benchmarks/netperf/patches/patch-ah | 12 +++++++
benchmarks/netperf/patches/patch-ai | 56 +++++++++++++++++++++++++++++++++++++
benchmarks/netperf/patches/patch-ak | 12 +++++++
5 files changed, 86 insertions(+), 2 deletions(-)
diffs (122 lines):
diff -r 26ac2df27f1a -r 6d28f8ba9ccd benchmarks/netperf/Makefile
--- a/benchmarks/netperf/Makefile Mon May 12 10:57:19 2008 +0000
+++ b/benchmarks/netperf/Makefile Tue May 13 12:35:13 2008 +0000
@@ -1,8 +1,9 @@
-# $NetBSD: Makefile,v 1.4 2007/12/29 10:14:50 wiz Exp $
+# $NetBSD: Makefile,v 1.4.4.1 2008/05/13 12:35:13 rtr Exp $
#
DISTNAME= netperf-2.3pl1
PKGNAME= netperf-2.3.1
+PKGREVISION= 1
CATEGORIES= benchmarks
MASTER_SITES= ftp://ftp.cup.hp.com/dist/networking/benchmarks/netperf/archive/ \
ftp://ftp.netperf.org/netperf/archive/ \
diff -r 26ac2df27f1a -r 6d28f8ba9ccd benchmarks/netperf/distinfo
--- a/benchmarks/netperf/distinfo Mon May 12 10:57:19 2008 +0000
+++ b/benchmarks/netperf/distinfo Tue May 13 12:35:13 2008 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.2 2007/08/08 20:30:13 joerg Exp $
+$NetBSD: distinfo,v 1.2.6.1 2008/05/13 12:35:13 rtr Exp $
SHA1 (netperf-2.3pl1.tar.gz) = 288c34b6c4d937b06422a8cdab3dcae5ed58cc17
RMD160 (netperf-2.3pl1.tar.gz) = 83f2afd612b7d4d4b486b82554f4e792c5e8509d
@@ -10,3 +10,6 @@
SHA1 (patch-ae) = 4848b2699cdbf2b9059f6e0290afc929d94f514c
SHA1 (patch-af) = 720808dcbdbc6fa1ea55aae43ea1e24c333d9891
SHA1 (patch-ag) = 4139125768a4b037692ab3cefcb2562ccc5c4b0f
+SHA1 (patch-ah) = ae945388b12d9b964f2728d07ce17d543c440bdd
+SHA1 (patch-ai) = ca2d19efa72f2ac40f66eb5c61272b90b080aec4
+SHA1 (patch-ak) = 35da529b4509791718e2912bc8d59a32ea992933
diff -r 26ac2df27f1a -r 6d28f8ba9ccd benchmarks/netperf/patches/patch-ah
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/benchmarks/netperf/patches/patch-ah Tue May 13 12:35:13 2008 +0000
@@ -0,0 +1,12 @@
+$NetBSD: patch-ah,v 1.1.2.2 2008/05/13 12:35:13 rtr Exp $
+
+--- netlib.h.orig 2004-09-21 23:33:40.000000000 +0200
++++ netlib.h
+@@ -343,6 +343,7 @@ extern int lib_num_loc_cpus;
+ extern SOCKET server_sock;
+ extern int times_up;
+ extern FILE *where;
++extern int fd;
+ extern int loops_per_msec;
+ extern float lib_local_per_cpu_util[];
+
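Review bot: The new `extern int fd;` in netlib.h exports a very generic name to every file that includes the header, so any local or parameter called `fd` silently shadows it, and a stray use of `fd` elsewhere will compile against the debug-log descriptor instead of failing. A descriptive name with a comment would be safer, for example `extern int debug_log_fd; /* descriptor behind 'where'; -1 when the debug log is not open */`. That name is only a suggestion, and the definition in patch-ak (`int fd = -1;`) and the uses in patch-ai would need the matching change. If the current name is kept, the declaration should at least carry that comment so readers know which descriptor it is and who closes it.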
diff -r 26ac2df27f1a -r 6d28f8ba9ccd benchmarks/netperf/patches/patch-ai
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/benchmarks/netperf/patches/patch-ai Tue May 13 12:35:13 2008 +0000
@@ -0,0 +1,56 @@
+$NetBSD: patch-ai,v 1.1.2.2 2008/05/13 12:35:13 rtr Exp $
+
+--- netserver.c.orig 2004-09-21 23:33:40.000000000 +0200
++++ netserver.c
+@@ -138,6 +138,9 @@ FILE *afp;
+ short listen_port_num;
+ extern char *optarg;
+ extern int optind, opterr;
++#ifndef WIN32
++char debuglog[] = "/tmp/netperf.debugXXXXXX";
++#endif
+
+ #ifndef WIN32
+ #define SERVER_ARGS "dn:p:v:46"
+@@ -181,8 +184,14 @@ process_requests()
+ netperf_response.content.response_type = DEBUG_OK;
+ send_response();
+ //+*+SAF why???
+- if (!debug)
++ if (!debug)
++ {
+ fclose(where);
++#ifndef WIN32
++ unlink(debuglog);
++ close(fd);
++#endif
++ }
+ break;
+
+ case CPU_CALIBRATE:
+@@ -730,7 +739,13 @@ struct sockaddr name;
+
+ /* unlink(DEBUG_LOG_FILE); */
+ #ifndef WIN32
+- if ((where = fopen(DEBUG_LOG_FILE, "w")) == NULL) {
++ if ((fd = mkstemp(debuglog)) == -1 || (where = fdopen(fd, "w+")) == NULL)
++ {
++ if (fd != -1)
++ {
++ unlink(debuglog);
++ close(fd);
++ }
+ perror("netserver: debug file");
+ exit(1);
+ }
+@@ -761,10 +776,6 @@ struct sockaddr name;
+ }
+ #endif
+
+-#ifndef WIN32
+- chmod(DEBUG_LOG_FILE,0644);
+-#endif
+-
+ #if WIN32
+ if (child) {
+ server_sock = (SOCKET)GetStdHandle(STD_INPUT_HANDLE);
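Review bot: In the process_requests hunk, `fclose(where)` already closes the descriptor that `fdopen(fd, "w+")` wrapped, so the added `close(fd)` acts on a descriptor number this code no longer owns, and the global keeps a stale value. The call should be dropped and the global reset, e.g. `unlink(debuglog); fclose(where); fd = -1;`. In the mkstemp error path the `unlink`/`close` pair is correct because it only runs when fdopen failed, but `perror("netserver: debug file")` is called after them and may report their errno rather than the original failure; saving errno first, or calling perror before the cleanup, avoids that. mkstemp also rewrites `debuglog` in place, so if the open code can run a second time in the same process the template no longer ends in `XXXXXX` and the call would fail. That cannot be confirmed from here, since both functions continue outside the hunks.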
diff -r 26ac2df27f1a -r 6d28f8ba9ccd benchmarks/netperf/patches/patch-ak
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/benchmarks/netperf/patches/patch-ak Tue May 13 12:35:13 2008 +0000
@@ -0,0 +1,12 @@
+$NetBSD: patch-ak,v 1.1.2.2 2008/05/13 12:35:13 rtr Exp $
+
+--- netlib.c.orig 2004-09-21 23:33:40.000000000 +0200
++++ netlib.c
+@@ -422,6 +422,7 @@ union netperf_request_struct netperf_
+ union netperf_response_struct netperf_response;
+
+ FILE *where;
++int fd = -1;
+
+ char libfmt = 'm';
+