Date: Tue, 28 Oct 2014 22:56:28 +0000 (UTC) From: Alonso Schaich <alonso@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r371656 - in head/x11/kde4-runtime: . files Message-ID: <201410282256.s9SMuSxR027487@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: alonso Date: Tue Oct 28 22:56:27 2014 New Revision: 371656 URL: https://svnweb.freebsd.org/changeset/ports/371656 QAT: https://qat.redports.org/buildarchive/r371656/ Log: Fix an OOB memory read in kio_sftp When passing timeout values to ssh_option_set of security/libssh, an int type pointer is used instead of a long int one required by the ssh_option_set documentation, which causes platform specific (or undefined) behaviour on architectures where sizeof (long int) is different to sizeof (int). Fix this by "promoting" the referenced locals to long integer type. This commit merges r10452 of area51 and is based on a report by Dwayne MacKinnon via kde@ mailing list. References: https://mail.kde.org/pipermail/kde-freebsd/2014-October/018330.html https://bugs.kde.org/show_bug.cgi?id=331674 Approved by: rakuco (mentor) Added: head/x11/kde4-runtime/files/patch-kioslave__sftp__kio_sftp.cpp (contents, props changed) Modified: head/x11/kde4-runtime/Makefile Modified: head/x11/kde4-runtime/Makefile ============================================================================== --- head/x11/kde4-runtime/Makefile Tue Oct 28 22:55:13 2014 (r371655) +++ head/x11/kde4-runtime/Makefile Tue Oct 28 22:56:27 2014 (r371656) @@ -2,6 +2,7 @@ PORTNAME= kde-runtime PORTVERSION= ${KDE4_VERSION} +PORTREVISION= 1 CATEGORIES= x11 kde MASTER_SITES= KDE/${KDE4_BRANCH}/${PORTVERSION}/src DIST_SUBDIR= KDE/${PORTVERSION} Added: head/x11/kde4-runtime/files/patch-kioslave__sftp__kio_sftp.cpp ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/x11/kde4-runtime/files/patch-kioslave__sftp__kio_sftp.cpp Tue Oct 28 22:56:27 2014 (r371656) @@ -0,0 +1,11 @@ +--- kioslave/sftp/kio_sftp.cpp.orig 2014-10-27 22:00:05.195340477 +0100 ++++ kioslave/sftp/kio_sftp.cpp 2014-10-27 22:00:14.755340379 +0100 +@@ -528,7 +528,7 @@ + return false; + } + +- int timeout_sec = 30, timeout_usec = 0; ++ long int timeout_sec = 30, timeout_usec = 0; + + kDebug(KIO_SFTP_DB) << "Creating the SSH session and setting options"; +
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201410282256.s9SMuSxR027487>