rpms/chntpw/devel chntpw-080526-robustness.patch, NONE, 1.1 chntpw.spec, 1.7, 1.8
Richard W.M. Jones
rjones at fedoraproject.org
Mon Jul 20 16:07:48 UTC 2009
Author: rjones
Update of /cvs/pkgs/rpms/chntpw/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv14449
Modified Files:
chntpw.spec
Added Files:
chntpw-080526-robustness.patch
Log Message:
- Three patches from Jim Meyering aiming to improve the general
robustness of the code.
chntpw-080526-robustness.patch:
b/ntreg.c | 10 ++++++----
ntreg.c | 16 +++++++++++++---
2 files changed, 19 insertions(+), 7 deletions(-)
--- NEW FILE chntpw-080526-robustness.patch ---
>From jim at meyering.net Mon Jul 20 16:46:56 2009
From: Jim Meyering <jim at meyering.net>
To: "Richard W. M. Jones" <rjones at redhat.com>
Subject: chntpw patches
Date: Mon, 20 Jul 2009 17:31:40 +0200
Message-ID: <87my6z8j6r.fsf at meyering.net>
Hi Rich,
The first two were spotted via inspection.
The 3rd one was to address this:
$ : > j && valgrind ./reged -e j
~/w/co/chntpw:
==16084== Memcheck, a memory error detector.
==16084== Copyright (C) 2002-2008, and GNU GPL'd, by Julian Seward et al.
==16084== Using LibVEX rev 1884, a library for dynamic binary translation.
==16084== Copyright (C) 2004-2008, and GNU GPL'd, by OpenWorks LLP.
==16084== Using valgrind-3.4.1, a dynamic binary instrumentation framework.
==16084== Copyright (C) 2000-2008, and GNU GPL'd, by Julian Seward et al.
==16084== For more details, rerun with: -v
==16084==
reged version 0.1 080526, (c) Petter N Hagen
==16084== Invalid read of size 4
==16084== at 0x407D09: openHive (ntreg.c:2856)
==16084== by 0x4011E3: main (reged.c:103)
==16084== Address 0x4c230d8 is 0 bytes after a block of size 0 alloc'd
==16084== at 0x4A05414: calloc (vg_replace_malloc.c:397)
==16084== by 0x407C5C: openHive (ntreg.c:2840)
==16084== by 0x4011E3: main (reged.c:103)
openHive(j): File does not seem to be a registry hive!
Simple registry editor. ? for help.
==16084==
==16084== Invalid read of size 2
==16084== at 0x403C4D: get_abs_path (ntreg.c:1204)
==16084== by 0x408D57: regedit_interactive (edlib.c:379)
==16084== by 0x401277: main (reged.c:111)
==16084== Address 0x4c230dc is 4 bytes after a block of size 0 alloc'd
==16084== at 0x4A05414: calloc (vg_replace_malloc.c:397)
==16084== by 0x407C5C: openHive (ntreg.c:2840)
==16084== by 0x4011E3: main (reged.c:103)
get_abs_path: Not a 'nk' node!
>
>From 5c287bb158db10af96b1f1f67d4df49a47323b94 Mon Sep 17 00:00:00 2001
From: Jim Meyering <meyering at redhat.com>
Date: Mon, 20 Jul 2009 09:57:13 -0400
Subject: [PATCH 1/3] improved robustness
* ntreg.c (fmyinput): Don't clobber ibuf[-1] upon NUL input.
---
ntreg.c | 8 +++++---
1 files changed, 5 insertions(+), 3 deletions(-)
diff --git a/ntreg.c b/ntreg.c
index e27a5b9..1b84410 100644
--- a/ntreg.c
+++ b/ntreg.c
@@ -82,14 +82,16 @@ char *str_dup( const char *str )
int fmyinput(char *prmpt, char *ibuf, int maxlen)
{
-
+ int len;
printf("%s",prmpt);
fgets(ibuf,maxlen+1,stdin);
+ len = strlen(ibuf);
- ibuf[strlen(ibuf)-1] = 0;
+ if (len)
+ ibuf[len-1] = 0;
- return(strlen(ibuf));
+ return len;
}
/* Print len number of hexbytes */
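Review bot: `return len;` at the end of fmyinput now returns the length measured before the last character was cleared, so the result is one larger than the old `return(strlen(ibuf));` whenever a character was stripped; a bare Enter used to return 0 and now returns 1. If callers use the return value to detect empty input, decrement while clearing (`ibuf[--len] = 0;`) or document the new meaning. The `fgets` result is also still unchecked: when it returns NULL at end of file, `strlen(ibuf)` runs on whatever the buffer held before the call, so a guard that sets `ibuf[0] = 0` and returns 0 on a NULL result would fit here. The last character is also cleared even when it is not a newline, which happens for a line longer than maxlen.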
--
1.6.2.5
>From b9bfb44aa1bff1f9b7badf65425f8190352966a0 Mon Sep 17 00:00:00 2001
From: Jim Meyering <meyering at redhat.com>
Date: Mon, 20 Jul 2009 10:04:23 -0400
Subject: [PATCH 2/3] robustness: avoid low-memory segfault
* ntreg.c (convert_string): Don't segfault upon low memory.
---
ntreg.c | 5 ++++-
1 files changed, 4 insertions(+), 1 deletions(-)
diff --git a/ntreg.c b/ntreg.c
index 1b84410..08f9124 100644
--- a/ntreg.c
+++ b/ntreg.c
@@ -2585,7 +2585,10 @@ char * convert_string(void *string, int len)
int i, k;
int reallen = len / 2;
char *cstring = (char *)malloc(reallen);
-
+ if (cstring == NULL) {
+ printf("FATAL! convert_string: malloc() failed! Out of memory?\n");
+ abort();
+ }
for(i = 0, k = 0; i < len; i += 2, k++)
{
cstring[k] = ((char *)string)[i];
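Review bot: the new `cstring == NULL` check in convert_string also fires when `reallen` is 0 (a len of 0 or 1), because `malloc(0)` is allowed to return NULL, so an empty string can abort with a misleading out-of-memory message; test `reallen` first or allocate at least one byte. The message goes to stdout through `printf`, while patch 3/3 reports through `fprintf(stderr, ...)`; stderr would be consistent for a fatal error. Separately, the context loop runs while `i < len`, so for an odd len it writes `cstring[reallen]`, one byte past the `malloc(reallen)` block; sizing the buffer as `(len + 1) / 2` or bounding the loop on `k < reallen` would close that.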
--
1.6.2.5
>From 81ae3189a8dffcdb3db7229cbe992ed12b8d1327 Mon Sep 17 00:00:00 2001
From: Jim Meyering <meyering at redhat.com>
Date: Mon, 20 Jul 2009 11:04:38 -0400
Subject: [PATCH 3/3] robustness: avoid malfunction for too-small hive file
* ntreg.c (openHive): Don't read uninitialized when file is too small.
---
ntreg.c | 8 ++++++++
1 files changed, 8 insertions(+), 0 deletions(-)
diff --git a/ntreg.c b/ntreg.c
index 08f9124..be6b680 100644
--- a/ntreg.c
+++ b/ntreg.c
@@ -2847,6 +2847,14 @@ struct hive *openHive(char *filename, int mode)
return(NULL);
}
+ if (r < sizeof (*hdesc)) {
+ fprintf(stderr,
+ "file is too small; got %d bytes while expecting %d or more\n",
+ r, sizeof (*hdesc));
+ closeHive(hdesc);
+ return(NULL);
+ }
+
/* Now run through file, tallying all pages */
/* NOTE/KLUDGE: Assume first page starts at offset 0x1000 */
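Review bot: the `fprintf` in the new size check passes `sizeof (*hdesc)`, a `size_t`, to a `%d` conversion, which is undefined behaviour and can print a wrong value on 64-bit builds; use `%zu` (or cast to `unsigned long` and use `%lu`), and match the conversion for `r` to its declared type. The comparison `r < sizeof (*hdesc)` is also signed-versus-unsigned if `r` is an `int`, so a negative `r` would be converted to a very large value and pass the check; that is acceptable only if the error return in the context just above already covers a failed read. A short comment saying why the size of `*hdesc` is the right minimum would help, since the code that follows assumes the first page starts at offset 0x1000.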
--
1.6.2.5
Index: chntpw.spec
===================================================================
RCS file: /cvs/pkgs/rpms/chntpw/devel/chntpw.spec,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -p -r1.7 -r1.8
--- chntpw.spec 9 Jun 2009 11:55:18 -0000 1.7
+++ chntpw.spec 20 Jul 2009 16:07:18 -0000 1.8
@@ -1,7 +1,7 @@
Name: chntpw
# Version is taken from HISTORY.txt
Version: 0.99.6
-Release: 9%{?dist}
+Release: 10%{?dist}
Summary: Change passwords in Windows SAM files
Group: Applications/Engineering
License: GPLv2
@@ -22,6 +22,9 @@ Patch2: chntpw-080526-no-value.p
# Patch from Debian (RHBZ#504595).
Patch3: chntpw-080526-port-to-gcrypt-debian.patch
+# Patches from Jim Meyering to improve robustness of the code.
+Patch4: chntpw-080526-robustness.patch
+
%description
This is a utility to (re)set the password of any user that has a valid
@@ -45,6 +48,7 @@ mv WinReg.txt.eol WinReg.txt
%patch1 -p1
%patch2 -p1
%patch3 -p1
+%patch4 -p1
%build
@@ -76,6 +80,10 @@ rm -rf $RPM_BUILD_ROOT
%changelog
+* Mon Jul 20 2009 Richard W.M. Jones <rjones at redhat.com> - 0.99.6-10
+- Three patches from Jim Meyering aiming to improve the general
+ robustness of the code.
+
* Mon Jun 8 2009 Richard W.M. Jones <rjones at redhat.com> - 0.99.6-9
- Compile against libgcrypt instead of OpenSSL (RHBZ#504595).
- Compile as a 64 bit native binary on 64 bit platforms.