summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRicardo Ribalda Delgado <ricardo@ribalda.com>2019-08-07 09:17:44 +0200
committerRichard Purdie <richard.purdie@linuxfoundation.org>2019-08-08 10:19:56 +0100
commit5f1bfba262fdb8514c3c2b50c75ab68343a1361b (patch)
treed96129598c9fb3eb76af01e7c9d07dc7cf99ed14
parent54c7db01057343993e85058b47e696938fb3d613 (diff)
downloadpoky-5f1bfba262fdb8514c3c2b50c75ab68343a1361b.tar.gz
inetutils: Fix abort on invalid files
When the code is compiled with "-fstack-protector-strong -D_FORTIFY_SOURCE=2", everytime ftpfd is asked for a non existent file, it crashes with the following error: *** buffer overflow detected ***: Aborted This seems to be a bug/feature of gcc. A bug has been open on their bugzilla, and also inetutils have been posted with the proposed patch. Without this patch, pxelinux fails to boot because it keeps asking the server for the pxelinux.cfg/00-01-02-03-04 and never jumps to /default. (From OE-Core rev: 0c3a1251a8aec86f3e877130f926a928e5ca2030) Signed-off-by: Ricardo Ribalda Delgado <ricardo@ribalda.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r--meta/recipes-connectivity/inetutils/inetutils/fix-buffer-fortify-tfpt.patch25
-rw-r--r--meta/recipes-connectivity/inetutils/inetutils_1.9.4.bb1
2 files changed, 26 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/inetutils/inetutils/fix-buffer-fortify-tfpt.patch b/meta/recipes-connectivity/inetutils/inetutils/fix-buffer-fortify-tfpt.patch
new file mode 100644
index 0000000000..a91913cb51
--- /dev/null
+++ b/meta/recipes-connectivity/inetutils/inetutils/fix-buffer-fortify-tfpt.patch
@@ -0,0 +1,25 @@
1tftpd: Fix abort on error path
2
3When trying to fetch a non existent file, the app crashes with:
4
5*** buffer overflow detected ***:
6Aborted
7
8
9Upstream-Status: Submitted [https://www.mail-archive.com/bug-inetutils@gnu.org/msg03036.html https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91205]
10Signed-off-by: Ricardo Ribalda Delgado <ricardo@ribalda.com>
11diff --git a/src/tftpd.c b/src/tftpd.c
12index 56002a0..144012f 100644
13--- a/src/tftpd.c
14+++ b/src/tftpd.c
15@@ -864,9 +864,8 @@ nak (int error)
16 pe->e_msg = strerror (error - 100);
17 tp->th_code = EUNDEF; /* set 'undef' errorcode */
18 }
19- strcpy (tp->th_msg, pe->e_msg);
20 length = strlen (pe->e_msg);
21- tp->th_msg[length] = '\0';
22+ memcpy(tp->th_msg, pe->e_msg, length + 1);
23 length += 5;
24 if (sendto (peer, buf, length, 0, (struct sockaddr *) &from, fromlen) != length)
25 syslog (LOG_ERR, "nak: %m\n");
diff --git a/meta/recipes-connectivity/inetutils/inetutils_1.9.4.bb b/meta/recipes-connectivity/inetutils/inetutils_1.9.4.bb
index ac2e017d8b..684fbe09e1 100644
--- a/meta/recipes-connectivity/inetutils/inetutils_1.9.4.bb
+++ b/meta/recipes-connectivity/inetutils/inetutils_1.9.4.bb
@@ -22,6 +22,7 @@ SRC_URI = "${GNU_MIRROR}/inetutils/inetutils-${PV}.tar.gz \
22 file://inetutils-1.9-PATH_PROCNET_DEV.patch \ 22 file://inetutils-1.9-PATH_PROCNET_DEV.patch \
23 file://inetutils-only-check-pam_appl.h-when-pam-enabled.patch \ 23 file://inetutils-only-check-pam_appl.h-when-pam-enabled.patch \
24 file://0001-rcp-fix-to-work-with-large-files.patch \ 24 file://0001-rcp-fix-to-work-with-large-files.patch \
25 file://fix-buffer-fortify-tfpt.patch \
25" 26"
26 27
27SRC_URI[md5sum] = "04852c26c47cc8c6b825f2b74f191f52" 28SRC_URI[md5sum] = "04852c26c47cc8c6b825f2b74f191f52"