rpms/nss_compat_ossl/F-9 nss_compat_ossl-cipherlist.patch, NONE, 1.1 nss_compat_ossl.spec, 1.10, 1.11

Robert Crittenden rcritten at fedoraproject.org
Mon Dec 15 16:29:30 UTC 2008 

Author: rcritten

Update of /cvs/extras/rpms/nss_compat_ossl/F-9
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv5068

Modified Files:
	nss_compat_ossl.spec 
Added Files:
	nss_compat_ossl-cipherlist.patch 
Log Message:
Patch to fix segfault in parsing ciphers (#476519)


nss_compat_ossl-cipherlist.patch:

--- NEW FILE nss_compat_ossl-cipherlist.patch ---
--- nss_compat_ossl-0.9.4/src/ssl.c	(revision 67)
+++ nss_compat_ossl-0.9.4/src/ssl.c	(working copy)
@@ -161,10 +161,12 @@
  *    0: cipher disabled
  *    1: cipher enabled
  */
-int nss_parse_ciphers(char *ciphers, int cipher_list[ciphernum])
+int nss_parse_ciphers(const char *cipherstr, int cipher_list[ciphernum])
 {
     int i;
     char *cipher;
+    char *ciphers;
+    char *ciphertip;
     int action;
     int rv;
 
@@ -172,7 +174,8 @@
     for (i=0; i<ciphernum; i++)
         cipher_list[i] = 0;
 
-    cipher = ciphers;
+    ciphertip = strdup(cipherstr);
+    cipher = ciphers = ciphertip;
 
     while (ciphers && (strlen(ciphers)))
     {
@@ -313,6 +316,8 @@
             rv = 1;
     }
 
+    free(ciphertip);
+
     return rv;
 }
 
@@ -1875,7 +1880,7 @@
     int cipher_state[ciphernum];
     int rv, i;
 
-    rv = nss_parse_ciphers((char *)str, cipher_state);
+    rv = nss_parse_ciphers(str, cipher_state);
 
     if (rv) {
         /* First disable everything */


Index: nss_compat_ossl.spec
===================================================================
RCS file: /cvs/extras/rpms/nss_compat_ossl/F-9/nss_compat_ossl.spec,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- nss_compat_ossl.spec	1 Oct 2008 20:41:21 -0000	1.10
+++ nss_compat_ossl.spec	15 Dec 2008 16:28:59 -0000	1.11
@@ -1,6 +1,6 @@
 Name:           nss_compat_ossl
 Version:        0.9.4
-Release:        1%{?dist}
+Release:        2%{?dist}
 Summary:        Source-level compatibility library for OpenSSL to NSS porting
 
 Group:          System Environment/Libraries
@@ -13,6 +13,8 @@
 BuildRequires:  nss-devel > 3.11.7-7
 BuildRequires:  nspr-devel
 
+Patch1: nss_compat_ossl-cipherlist.patch
+
 %description
 This library provides a source-level compatibility layer to aid porting
 programs that use OpenSSL to use the NSS instead.
@@ -27,6 +29,7 @@
 
 %prep
 %setup -q
+%patch1 -p1 -b .cipherlist
 
 %build
 
@@ -65,6 +68,9 @@
 %postun -p /sbin/ldconfig
 
 %changelog
+* Wed Dec 15 2008 Rob Crittenden <rcritten at redhat.com> - 0.9.4-2
+- Patch to fix segfault in parsing ciphers (#476519)
+
 * Wed Oct  1 2008 Rob Crittenden <rcritten at redhat.com> - 0.9.4-1
 - update to 0.9.4
 - change Source0 to use fedoraproject.org

More information about the fedora-extras-commits mailing list