Date: Wed, 13 Jun 2001 13:48:23 -0500 From: "default013 - subscriptions" <default013subscriptions@hotmail.com> To: <freebsd-security@freebsd.org> Subject: trouble with glob patch (ftp exploit) Message-ID: <OE178r6beUzmRf6Ci6n000106d3@hotmail.com>
next in thread | raw e-mail | index | archive | help
Hi, I was doing some security upgrades and attempted to install the glob ftp exploit patch... (ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-01:33/glob.4.x.patch) I do not believe it installed correctly as I received the following errors. If anyone can help me with this I would extremely appreciate it. (Here is when I applied the patch as directed on http://www.linuxsecurity.com/advisories/freebsd_advisory-1294.html) [/usr/src]# patch -p < /usr/home/default/patches/glob.4.x.patch Hmm... Looks like a unified diff to me... The text leading up to this was: -------------------------- |Index: include/glob.h |=================================================================== |RCS file: /home/ncvs/src/include/glob.h,v |--- include/glob.h 1998/02/25 02:15:59 1.3 |+++ include/glob.h 2001/03/21 14:33:56 1.3.6.1 -------------------------- Patching file include/glob.h using Plan A... Hunk #1 succeeded at 77. Hmm... The next patch looks like a unified diff to me... The text leading up to this was: -------------------------- |Index: lib/libc/gen/glob.c |=================================================================== |RCS file: /home/ncvs/src/lib/libc/gen/glob.c,v |--- lib/libc/gen/glob.c 1998/02/20 07:54:56 1.11 |+++ lib/libc/gen/glob.c 2001/04/07 21:00:20 -------------------------- Patching file lib/libc/gen/glob.c using Plan A... Hunk #1 succeeded at 129. Hunk #2 succeeded at 137. Hunk #3 succeeded at 158. Hunk #4 succeeded at 168. Hunk #5 succeeded at 197. Hunk #6 succeeded at 207. Hunk #7 succeeded at 233. Hunk #8 succeeded at 274. Hunk #9 succeeded at 321. Hunk #10 succeeded at 415. Hunk #11 succeeded at 480. Hunk #12 succeeded at 493. Hunk #13 succeeded at 508. Hunk #14 succeeded at 528. Hunk #15 succeeded at 552. Hunk #16 succeeded at 567. Hunk #17 succeeded at 606. Hunk #18 succeeded at 636. Hunk #19 succeeded at 674. Hunk #20 succeeded at 710. Hunk #21 succeeded at 791. Hunk #22 succeeded at 804. Hunk #23 succeeded at 823. Hunk #24 succeeded at 840. Hunk #25 succeeded at 860. Hmm... The next patch looks like a unified diff to me... The text leading up to this was: -------------------------- |Index: libexec/ftpd/popen.c |=================================================================== |RCS file: /home/ncvs/src/libexec/ftpd/popen.c,v |--- libexec/ftpd/popen.c 2000/09/20 09:57:58 1.18.2.1 |+++ libexec/ftpd/popen.c 2001/04/07 21:08:09 -------------------------- Patching file libexec/ftpd/popen.c using Plan A... Hunk #1 succeeded at 107. Hmm... The next patch looks like a unified diff to me... The text leading up to this was: -------------------------- |=================================================================== |RCS file: /home/ncvs/src/libexec/ftpd/ftpd.c,v |--- libexec/ftpd/ftpd.c 2001/03/11 13:20:44 1.73 |+++ libexec/ftpd/ftpd.c 2001/03/19 19:11:00 -------------------------- Patching file libexec/ftpd/ftpd.c using Plan A... Hunk #1 succeeded at 186 (offset -3 lines). Hunk #2 succeeded at 2611 (offset -17 lines). Hmm... The next patch looks like a unified diff to me... The text leading up to this was: -------------------------- |=================================================================== |RCS file: /home/ncvs/src/libexec/ftpd/ftpcmd.y,v |--- libexec/ftpd/ftpcmd.y 2001/04/16 22:20:26 1.23 |+++ libexec/ftpd/ftpcmd.y 2001/04/17 03:03:45 -------------------------- Patching file libexec/ftpd/ftpcmd.y using Plan A... Hunk #1 succeeded at 133 with fuzz 2 (offset -5 lines). Hunk #2 succeeded at 461 (offset -14 lines). Hunk #3 succeeded at 910 (offset -31 lines). Hunk #4 succeeded at 1008 (offset -33 lines). done (here is what happened when I did a make all install in /usr/src/lib/libc) cc -O -pipe -DLIBC_RCS -DSYSLIBC_RCS -I/usr/src/lib/libc/include -D__DBINTER FACE_PRIVATE -DINET6 -DPOSIX_MISTAKE -I/usr/src/lib/libc/../libc/locale -DBR OKEN_DES -DYP -c /usr/src/lib/libc/../libc/gen/glob.c -o glob.o /usr/src/lib/libc/../libc/gen/glob.c: In function `glob': /usr/src/lib/libc/../libc/gen/glob.c:171: `GLOB_MAXPATH' undeclared (first use in this function) /usr/src/lib/libc/../libc/gen/glob.c:171: (Each undeclared identifier is reported only once /usr/src/lib/libc/../libc/gen/glob.c:171: for each function it appears in.) /usr/src/lib/libc/../libc/gen/glob.c: In function `globextend': /usr/src/lib/libc/../libc/gen/glob.c:689: `GLOB_LIMIT' undeclared (first use in this function) *** Error code 1 (and finally, here is what happened when I did a make all install in /usr/src/libexec/ftpd) [/usr/src/libexec/ftpd]# make all install Warning: Object directory not changed from original /usr/src/libexec/ftpd cc -O -pipe -DSETPROCTITLE -DSKEY -DLOGIN_CAP -DVIRTUAL_HOSTING -Wall -I/us r/src/libexec/ftpd/../../contrib-crypto/telnet -DINET6 -Dmain=ls_main -I/usr /src/libexec/ftpd/../../bin/ls -c ftpd.c ftpd.c: In function `send_file_list': ftpd.c:2612: `GLOB_MAXPATH' undeclared (first use in this function) ftpd.c:2612: (Each undeclared identifier is reported only once ftpd.c:2612: for each function it appears in.) ftpd.c:2601: warning: variable `dout' might be clobbered by `longjmp' or `vfork' ftpd.c:2602: warning: variable `dirlist' might be clobbered by `longjmp' or `vfork' ftpd.c:2603: warning: variable `simple' might be clobbered by `longjmp' or `vfork' ftpd.c:2604: warning: variable `freeglob' might be clobbered by `longjmp' or `vfork' *** Error code 1 Stop in /usr/src/libexec/ftpd. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?OE178r6beUzmRf6Ci6n000106d3>