Date: Mon, 4 Oct 2021 04:30:29 GMT From: Philip Paeps <philip@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-branches@FreeBSD.org Subject: git: 371d21badc1c - 2021Q4 - security/sshguard: Fix memset() off-by-one Message-ID: <202110040430.1944UTpo070492@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch 2021Q4 has been updated by philip: URL: https://cgit.FreeBSD.org/ports/commit/?id=371d21badc1c56e48e307eb2f0a0ccf376a03cdb commit 371d21badc1c56e48e307eb2f0a0ccf376a03cdb Author: Kevin Zheng <kevinz5000@gmail.com> AuthorDate: 2021-09-01 05:07:43 +0000 Commit: Philip Paeps <philip@FreeBSD.org> CommitDate: 2021-10-04 04:28:58 +0000 security/sshguard: Fix memset() off-by-one This bug causes a stack overflow (and crash due to failed stack check) when certain IPv6 addresses are whitelisted on i386. PR: 258179 Reported by: John Marshall <john@jmarshall.id.au> MFH: 2021Q4 (cherry picked from commit c3381bf4d961159f4903f573c7f01fae85ad5a18) --- security/sshguard/Makefile | 1 + .../sshguard/files/patch-src_blocker_sshguard__whitelist.c | 11 +++++++++++ 2 files changed, 12 insertions(+) diff --git a/security/sshguard/Makefile b/security/sshguard/Makefile index ba84072408b4..48621f158097 100644 --- a/security/sshguard/Makefile +++ b/security/sshguard/Makefile @@ -2,6 +2,7 @@ PORTNAME= sshguard PORTVERSION= 2.4.2 +PORTREVISION= 1 PORTEPOCH= 1 CATEGORIES= security MASTER_SITES= SF/sshguard/sshguard/${PORTVERSION} diff --git a/security/sshguard/files/patch-src_blocker_sshguard__whitelist.c b/security/sshguard/files/patch-src_blocker_sshguard__whitelist.c new file mode 100644 index 000000000000..6e468872f458 --- /dev/null +++ b/security/sshguard/files/patch-src_blocker_sshguard__whitelist.c @@ -0,0 +1,11 @@ +--- src/blocker/sshguard_whitelist.c.orig 2020-12-31 17:06:03 UTC ++++ src/blocker/sshguard_whitelist.c +@@ -275,7 +275,7 @@ int whitelist_add_block6(const char *restrict address, + bitlen = masklen % 8; + bitmask = 0xFF << (8 - bitlen); + ab.address.ip6.mask.s6_addr[bytelen] = bitmask; +- memset(& ab.address.ip6.mask.s6_addr[bytelen+1], 0x00, sizeof(ab.address.ip6.mask.s6_addr) - bytelen); ++ memset(& ab.address.ip6.mask.s6_addr[bytelen+1], 0x00, sizeof(ab.address.ip6.mask.s6_addr) - bytelen - 1); + + if (! list_contains(& whitelist, &ab)) { + list_append(& whitelist, &ab);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202110040430.1944UTpo070492>