Diffstat (limited to 'meta/recipes-connectivity/inetutils/inetutils/0002-CVE-2023-40303-Indent-changes-in-previous-commit.patch')
-rw-r--r-- | meta/recipes-connectivity/inetutils/inetutils/0002-CVE-2023-40303-Indent-changes-in-previous-commit.patch | 254 |
1 files changed, 254 insertions, 0 deletions
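--- /dev/null
+++ b/meta/recipes-connectivity/inetutils/inetutils/0002-CVE-2023-40303-Indent-changes-in-previous-commit.patch
@@ -0,0 +1,254 @@
+From 70fe022f9dac760eaece0228cad17e3d29a57fb8 Mon Sep 17 00:00:00 2001
+From: Simon Josefsson <simon@josefsson.org>
+Date: Mon, 31 Jul 2023 13:59:05 +0200
+Subject: [PATCH] CVE-2023-40303: Indent changes in previous commit.
+
+CVE: CVE-2023-40303
+Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=9122999252c7e21eb7774de11d539748e7bdf46d]
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
+---
+src/rcp.c | 42 ++++++++++++++++++++++++------------------
+src/rlogin.c | 12 ++++++------
+src/rsh.c | 24 ++++++++++++------------
+src/rshd.c | 24 ++++++++++++------------
+src/uucpd.c | 16 ++++++++--------
+5 files changed, 62 insertions(+), 56 deletions(-)
+
+diff --git a/src/rcp.c b/src/rcp.c
+index cdcf8500..652f22e6 100644
+--- a/src/rcp.c
++++ b/src/rcp.c
+@@ -347,9 +347,10 @@ main (int argc, char *argv[])
+response ();
+
+if (setuid (userid) == -1)
+- {
+- error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
+- }
++ {
++ error (EXIT_FAILURE, 0,
++ "Could not drop privileges (setuid() failed)");
++ }
+
+source (argc, argv);
+exit (errs);
+@@ -358,9 +359,10 @@ main (int argc, char *argv[])
+if (to_option)
+{ /* Receive data. */
+if (setuid (userid) == -1)
+- {
+- error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
+- }
++ {
++ error (EXIT_FAILURE, 0,
++ "Could not drop privileges (setuid() failed)");
++ }
+
+sink (argc, argv);
+exit (errs);
+@@ -548,9 +550,10 @@ toremote (char *targ, int argc, char *argv[])
+free (bp);
+
+if (setuid (userid) == -1)
+- {
+- error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
+- }
++ {
++ error (EXIT_FAILURE, 0,
++ "Could not drop privileges (setuid() failed)");
++ }
+}
+source (1, argv + i);
+close (rem);
+@@ -645,9 +648,10 @@ tolocal (int argc, char *argv[])
+}
+
+if (seteuid (userid) == -1)
+- {
+- error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)");
+- }
++ {
++ error (EXIT_FAILURE, 0,
++ "Could not drop privileges (seteuid() failed)");
++ }
+
+#if defined IP_TOS && defined IPPROTO_IP && defined IPTOS_THROUGHPUT
+sslen = sizeof (ss);
+@@ -663,9 +667,10 @@ tolocal (int argc, char *argv[])
+sink (1, vect);
+
+if (seteuid (effuid) == -1)
+- {
+- error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)");
+- }
++ {
++ error (EXIT_FAILURE, 0,
++ "Could not drop privileges (seteuid() failed)");
++ }
+
+close (rem);
+rem = -1;
+@@ -1465,9 +1470,10 @@ susystem (char *s, int userid)
+
+case 0:
+if (setuid (userid) == -1)
+- {
+- error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
+- }
++ {
++ error (EXIT_FAILURE, 0,
++ "Could not drop privileges (setuid() failed)");
++ }
+
+execl (PATH_BSHELL, "sh", "-c", s, NULL);
+_exit (127);
+diff --git a/src/rlogin.c b/src/rlogin.c
+index c543de0c..4360202f 100644
+--- a/src/rlogin.c
++++ b/src/rlogin.c
+@@ -648,14 +648,14 @@ try_connect:
+to get the privileged port that rcmd () uses. We now want, however,
+to run as the real user who invoked us. */
+if (seteuid (uid) == -1)
+- {
+- error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)");
+- }
++ {
++ error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)");
++ }
+
+if (setuid (uid) == -1)
+- {
+- error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
+- }
++ {
++ error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
++ }
+
+doit (&osmask); /* The old mask will activate SIGURG and SIGUSR1! */
+
+diff --git a/src/rsh.c b/src/rsh.c
+index 6f60667d..179b47cd 100644
+--- a/src/rsh.c
++++ b/src/rsh.c
+@@ -278,14 +278,14 @@ main (int argc, char **argv)
+*argv = (char *) "rlogin";
+
+if (seteuid (getuid ()) == -1)
+- {
+- error (EXIT_FAILURE, errno, "seteuid() failed");
+- }
++ {
++ error (EXIT_FAILURE, errno, "seteuid() failed");
++ }
+
+if (setuid (getuid ()) == -1)
+- {
+- error (EXIT_FAILURE, errno, "setuid() failed");
+- }
++ {
++ error (EXIT_FAILURE, errno, "setuid() failed");
++ }
+
+execv (PATH_RLOGIN, argv);
+error (EXIT_FAILURE, errno, "cannot execute %s", PATH_RLOGIN);
+@@ -551,14 +551,14 @@ try_connect:
+}
+
+if (seteuid (uid) == -1)
+- {
+- error (EXIT_FAILURE, errno, "seteuid() failed");
+- }
++ {
++ error (EXIT_FAILURE, errno, "seteuid() failed");
++ }
+
+if (setuid (uid) == -1)
+- {
+- error (EXIT_FAILURE, errno, "setuid() failed");
+- }
++ {
++ error (EXIT_FAILURE, errno, "setuid() failed");
++ }
+
+#ifdef HAVE_SIGACTION
+sigemptyset (&sigs);
+diff --git a/src/rshd.c b/src/rshd.c
+index 707790e7..3a153a18 100644
+--- a/src/rshd.c
++++ b/src/rshd.c
+@@ -1848,16 +1848,16 @@ doit (int sockfd, struct sockaddr *fromp, socklen_t fromlen)
+
+/* Set the gid, then uid to become the user specified by "locuser" */
+if (setegid ((gid_t) pwd->pw_gid) == -1)
+- {
+- rshd_error ("Cannot drop privileges (setegid() failed)\n");
+- exit (EXIT_FAILURE);
+- }
++ {
++ rshd_error ("Cannot drop privileges (setegid() failed)\n");
++ exit (EXIT_FAILURE);
++ }
+
+if (setgid ((gid_t) pwd->pw_gid) == -1)
+- {
+- rshd_error ("Cannot drop privileges (setgid() failed)\n");
+- exit (EXIT_FAILURE);
+- }
++ {
++ rshd_error ("Cannot drop privileges (setgid() failed)\n");
++ exit (EXIT_FAILURE);
++ }
+
+#ifdef HAVE_INITGROUPS
+initgroups (pwd->pw_name, pwd->pw_gid); /* BSD groups */
+@@ -1881,10 +1881,10 @@ doit (int sockfd, struct sockaddr *fromp, socklen_t fromlen)
+#endif /* WITH_PAM */
+
+if (setuid ((uid_t) pwd->pw_uid) == -1)
+- {
+- rshd_error ("Cannot drop privileges (setuid() failed)\n");
+- exit (EXIT_FAILURE);
+- }
++ {
++ rshd_error ("Cannot drop privileges (setuid() failed)\n");
++ exit (EXIT_FAILURE);
++ }
+
+/* We'll execute the client's command in the home directory
+* of locuser. Note, that the chdir must be executed after
+diff --git a/src/uucpd.c b/src/uucpd.c
+index 29cfce35..fde7b9c9 100644
+--- a/src/uucpd.c
++++ b/src/uucpd.c
+@@ -254,10 +254,10 @@ doit (struct sockaddr *sap, socklen_t salen)
+dologin (pw, sap, salen);
+
+if (setgid (pw->pw_gid) == -1)
+- {
+- fprintf (stderr, "setgid() failed");
+- return;
+- }
++ {
++ fprintf (stderr, "setgid() failed");
++ return;
++ }
+#ifdef HAVE_INITGROUPS
+initgroups (pw->pw_name, pw->pw_gid);
+#endif
+@@ -268,10 +268,10 @@ doit (struct sockaddr *sap, socklen_t salen)
+}
+
+if (setuid (pw->pw_uid) == -1)
+- {
+- fprintf (stderr, "setuid() failed");
+- return;
+- }
++ {
++ fprintf (stderr, "setuid() failed");
++ return;
++ }
+
+execl (uucico_location, "uucico", NULL);
+perror ("uucico server: execl");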
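Review bot: The context lines of the carried patch show `initgroups (pwd->pw_name, pwd->pw_gid);` in src/rshd.c doit() and `initgroups (pw->pw_name, pw->pw_gid);` in src/uucpd.c doit() still called with the return value ignored, sitting between the set*gid() and setuid() checks that CVE-2023-40303 is about. If initgroups() fails, the process keeps whatever supplementary groups it inherited, so a follow-up backport should check it like its neighbours, e.g. `if (initgroups (pw->pw_name, pw->pw_gid) == -1) { fprintf (stderr, "initgroups() failed"); return; }` in uucpd.c and the rshd_error()/exit() form in rshd.c. Separately, in the rcp.c tolocal() hunk the `seteuid (effuid)` failure reuses the text "Could not drop privileges", although that call appears to restore the saved effective uid rather than drop it; a distinct message would make the two failures distinguishable in logs. This patch only re-indents, and the enclosing functions extend beyond the hunks, so both points are for a follow-up rather than this file.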