author | 2004-06-15 21:38:28 +0000 | |
---|---|---|
committer | 2004-06-15 21:38:28 +0000 | |
commit | c919faa9a990a16c6d97ef41e4654b136426a8df (patch) | |
tree | 4ee303351e3f55b6ae2dfd9ce806dee19d43241a /app-crypt | |
parent | Version bump for a security vulnerability; please see bug #53915 for more det... (diff) | |
add patch for krb5_aname_to_localname buffer overflow irt #52744
Diffstat (limited to 'app-crypt')
-rw-r--r-- | app-crypt/mit-krb5/ChangeLog | 8 | ||||
-rw-r--r-- | app-crypt/mit-krb5/Manifest | 21 | ||||
-rw-r--r-- | app-crypt/mit-krb5/files/digest-mit-krb5-1.3.3-r1 | 1 | ||||
-rw-r--r-- | app-crypt/mit-krb5/files/mit-krb5-1.3.3-aname.patch | 252 | ||||
-rw-r--r-- | app-crypt/mit-krb5/mit-krb5-1.3.3-r1.ebuild | 165 |
5 files changed, 437 insertions, 10 deletions
diff --git a/app-crypt/mit-krb5/ChangeLog b/app-crypt/mit-krb5/ChangeLog index 6d4e0cef33f5..b62a91251aa1 100644 --- a/app-crypt/mit-krb5/ChangeLog +++ b/app-crypt/mit-krb5/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for app-crypt/mit-krb5 # Copyright 2002-2004 Gentoo Technologies, Inc.; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/app-crypt/mit-krb5/ChangeLog,v 1.23 2004/06/13 04:09:03 tgall Exp $ +# $Header: /var/cvsroot/gentoo-x86/app-crypt/mit-krb5/ChangeLog,v 1.24 2004/06/15 21:38:28 squinky86 Exp $ + +*mit-krb5-1.3.3-r1 (15 Jun 2004) + + 15 Jun 2004; Jon Hood <squinky86@gentoo.org> + +files/mit-krb5-1.3.3-aname.patch, +mit-krb5-1.3.3-r1.ebuild: + fix krb5_aname_to_localname buffer overflow irt #52744 12 Jun 2004; Tom Gall <tgall@gentoo.org> mit-krb5-1.3.3.ebuild: ppc64 stable, bug #53766 diff --git a/app-crypt/mit-krb5/Manifest b/app-crypt/mit-krb5/Manifest index 91e793ebfcc7..74d0d2106052 100644 --- a/app-crypt/mit-krb5/Manifest +++ b/app-crypt/mit-krb5/Manifest 
@@ -1,16 +1,19 @@
-MD5 2ba5b2fa23b19c07f27dba721c181534 ChangeLog 5083
-MD5 e5573e25f19694fc8ccaaced2dd576f4 metadata.xml 353
 MD5 8c8e34ea34c6ec9691c020a1d345b780 mit-krb5-1.3.1-r1.ebuild 4211
 MD5 a761e69373abd72644ffe6acb1fb0a4d mit-krb5-1.3.1.ebuild 4185
 MD5 ef08d9f8323acf6ee63b61e661797a61 mit-krb5-1.3.3.ebuild 4228
-MD5 2c4ba0f8f9513fb2f285a9224f063ad8 files/digest-mit-krb5-1.3.1 63
-MD5 2c4ba0f8f9513fb2f285a9224f063ad8 files/digest-mit-krb5-1.3.1-r1 63
-MD5 596ab1238ca3a14926eb5fd3947ab4ce files/digest-mit-krb5-1.3.3 60
-MD5 186bd4cbeff944079f44105d4c962c80 files/kdc.conf 438
-MD5 fbb2a86038ab98ca0c7493ad9d55ace9 files/krb5.conf 541
+MD5 08d022d3cd84cc14fb9c7e8af7594359 mit-krb5-1.3.3-r1.ebuild 4268
+MD5 2ba5b2fa23b19c07f27dba721c181534 ChangeLog 5083
+MD5 e5573e25f19694fc8ccaaced2dd576f4 metadata.xml 353
 MD5 c451148d1b3e182a19a8f9084d0b55b8 files/krb5.confd 233
 MD5 d7dcbbab51ce1849c77c083b8d363c15 files/krb5.initd 1486
-MD5 1a722b032004738cd34e3ed16b8c75ca files/mit-krb5-1.3.1-res_search.patch 8486
+MD5 fbb2a86038ab98ca0c7493ad9d55ace9 files/krb5.conf 541
 MD5 1a722b032004738cd34e3ed16b8c75ca files/mit-krb5-1.3.3-res_search.patch 8486
-MD5 61a61d22565605924a06789f9da352bf files/mit-krb5kadmind.initd 687
+MD5 186bd4cbeff944079f44105d4c962c80 files/kdc.conf 438
+MD5 1a722b032004738cd34e3ed16b8c75ca files/mit-krb5-1.3.1-res_search.patch 8486
+MD5 2c4ba0f8f9513fb2f285a9224f063ad8 files/digest-mit-krb5-1.3.1-r1 63
+MD5 596ab1238ca3a14926eb5fd3947ab4ce files/digest-mit-krb5-1.3.3-r1 60
 MD5 c214030264300e2d84375d23d7c1f892 files/mit-krb5kdc.initd 656
+MD5 2c4ba0f8f9513fb2f285a9224f063ad8 files/digest-mit-krb5-1.3.1 63
+MD5 596ab1238ca3a14926eb5fd3947ab4ce files/digest-mit-krb5-1.3.3 60
+MD5 a76969580caa87329b1758711499ca61 files/mit-krb5-1.3.3-aname.patch 6329
+MD5 61a61d22565605924a06789f9da352bf files/mit-krb5kadmind.initd 687
diff --git a/app-crypt/mit-krb5/files/digest-mit-krb5-1.3.3-r1 b/app-crypt/mit-krb5/files/digest-mit-krb5-1.3.3-r1
new file mode 100644
index 000000000000..f75db9c04964
--- /dev/null
+++ b/app-crypt/mit-krb5/files/digest-mit-krb5-1.3.3-r1
@@ -0,0 +1 @@
+MD5 9c872750fce0f4ff64e0325e278ce882 krb5-1.3.3.tar 6359040
diff --git a/app-crypt/mit-krb5/files/mit-krb5-1.3.3-aname.patch b/app-crypt/mit-krb5/files/mit-krb5-1.3.3-aname.patch
new file mode 100644
index 000000000000..8c79f76aff2a
--- /dev/null
+++ b/app-crypt/mit-krb5/files/mit-krb5-1.3.3-aname.patch
@@ -0,0 +1,252 @@
+diff -c -r5.39 an_to_ln.c
+*** an_to_ln.c 3 Sep 2002 19:29:34 -0000 5.39
+- --- an_to_ln.c 2 Jun 2004 22:04:21 -0000
+***************
+*** 270,278 ****
+ * If no regcomp() then just return the input string verbatim in the output
+ * string.
+ */
+! static void
+ do_replacement(char *regexp, char *repl, int doall, char *in, char *out)
+ {
+ #if HAVE_REGCOMP
+ regex_t match_exp;
+ regmatch_t match_match;
+- --- 270,283 ----
+ * If no regcomp() then just return the input string verbatim in the output
+ * string.
+ */
+! #define use_bytes(x) \
+! out_used += (x); \
+! if (out_used > MAX_FORMAT_BUFFER) goto mem_err
+!
+! static int
+ do_replacement(char *regexp, char *repl, int doall, char *in, char *out)
+ {
++ size_t out_used = 0;
+ #if HAVE_REGCOMP
+ regex_t match_exp;
+ regmatch_t match_match;
+***************
+*** 287,303 ****
+ do {
+ if (!regexec(&match_exp, cp, 1, &match_match, 0)) {
+ if (match_match.rm_so) {
+ strncpy(op, cp, match_match.rm_so);
+ op += match_match.rm_so;
+ }
+ strncpy(op, repl, MAX_FORMAT_BUFFER - 1 - (op - out));
+ op += strlen(op);
+ cp += match_match.rm_eo;
+! if (!doall)
+ strncpy(op, cp, MAX_FORMAT_BUFFER - 1 - (op - out));
+ matched = 1;
+ }
+ else {
+ strncpy(op, cp, MAX_FORMAT_BUFFER - 1 - (op - out));
+ matched = 0;
+ }
+- --- 292,313 ----
+ do {
+ if (!regexec(&match_exp, cp, 1, &match_match, 0)) {
+ if (match_match.rm_so) {
++ use_bytes(match_match.rm_so);
+ strncpy(op, cp, match_match.rm_so);
+ op += match_match.rm_so;
+ }
++ use_bytes(strlen(repl));
+ strncpy(op, repl, MAX_FORMAT_BUFFER - 1 - (op - out));
+ op += strlen(op);
+ cp += match_match.rm_eo;
+! if (!doall) {
+! use_bytes(strlen(cp));
+ strncpy(op, cp, MAX_FORMAT_BUFFER - 1 - (op - out));
++ }
+ matched = 1;
+ }
+ else {
++ use_bytes(strlen(cp));
+ strncpy(op, cp, MAX_FORMAT_BUFFER - 1 - (op - out));
+ matched = 0;
+ }
+***************
+*** 322,338 ****
+ sdispl = (size_t) (loc1 - cp);
+ edispl = (size_t) (loc2 - cp);
+ if (sdispl) {
+ strncpy(op, cp, sdispl);
+ op += sdispl;
+ }
+ strncpy(op, repl, MAX_FORMAT_BUFFER - 1 - (op - out));
+ op += strlen(repl);
+ cp += edispl;
+! if (!doall)
+ strncpy(op, cp, MAX_FORMAT_BUFFER - 1 - (op - out));
+ matched = 1;
+ }
+ else {
+ strncpy(op, cp, MAX_FORMAT_BUFFER - 1 - (op - out));
+ matched = 0;
+ }
+- --- 332,353 ----
+ sdispl = (size_t) (loc1 - cp);
+ edispl = (size_t) (loc2 - cp);
+ if (sdispl) {
++ use_bytes(sdispl);
+ strncpy(op, cp, sdispl);
+ op += sdispl;
+ }
++ use_bytes(strlen(repl));
+ strncpy(op, repl, MAX_FORMAT_BUFFER - 1 - (op - out));
+ op += strlen(repl);
+ cp += edispl;
+! if (!doall) {
+! use_bytes(strlen(cp));
+ strncpy(op, cp, MAX_FORMAT_BUFFER - 1 - (op - out));
++ }
+ matched = 1;
+ }
+ else {
++ use_bytes(strlen(cp));
+ strncpy(op, cp, MAX_FORMAT_BUFFER - 1 - (op - out));
+ matched = 0;
+ }
+***************
+*** 340,346 ****
+- --- 355,369 ----
+ #else /* HAVE_REGEXP_H */
+ memcpy(out, in, MAX_FORMAT_BUFFER);
+ #endif /* HAVE_REGCOMP */
++ return 1;
++ mem_err:
++ #ifdef HAVE_REGCMP
++ regfree(&match_exp);
++ #endif
++ return 0;
++
+ }
++ #undef use_bytes
+
+ /*
+ * aname_replacer() - Perform the specified substitutions on the input
+***************
+*** 412,418 ****
+
+ /* Do the replacemenbt */
+ memset(out, '\0', MAX_FORMAT_BUFFER);
+! do_replacement(rule, repl, doglobal, in, out);
+ free(rule);
+ free(repl);
+
+- --- 435,446 ----
+
+ /* Do the replacemenbt */
+ memset(out, '\0', MAX_FORMAT_BUFFER);
+! if (!do_replacement(rule, repl, doglobal, in, out)) {
+! free(rule);
+! free(repl);
+! kret = KRB5_LNAME_NOTRANS;
+! break;
+! }
+ free(rule);
+ free(repl);
+
+***************
+*** 459,464 ****
+- --- 487,493 ----
+ char *fprincname;
+ char *selstring = 0;
+ int num_comps, compind;
++ size_t selstring_used;
+ char *cout;
+ krb5_data *datap;
+ char *outstring;
+***************
+*** 479,484 ****
+- --- 508,514 ----
+ */
+ current = strchr(current, ':');
+ selstring = (char *) malloc(MAX_FORMAT_BUFFER);
++ selstring_used = 0;
+ if (current && selstring) {
+ current++;
+ cout = selstring;
+***************
+*** 497,502 ****
+- --- 527,540 ----
+ aname,
+ compind-1))
+ ) {
++ if ((datap->length < MAX_FORMAT_BUFFER)
++ && (selstring_used+datap->length
++ < MAX_FORMAT_BUFFER)) {
++ selstring_used += datap->length;
++ } else {
++ kret = ENOMEM;
++ goto errout;
++ }
+ strncpy(cout,
+ datap->data,
+ (unsigned) datap->length);
+***************
+*** 527,533 ****
+ else
+ kret = KRB5_CONFIG_BADFORMAT;
+
+! if (kret)
+ free(selstring);
+ }
+ }
+- --- 565,571 ----
+ else
+ kret = KRB5_CONFIG_BADFORMAT;
+
+! errout: if (kret)
+ free(selstring);
+ }
+ }
+***************
+*** 643,649 ****
+ const char *hierarchy[5];
+ char **mapping_values;
+ int i, nvalid;
+! char *cp;
+ char *typep, *argp;
+ unsigned int lnsize;
+
+- --- 681,687 ----
+ const char *hierarchy[5];
+ char **mapping_values;
+ int i, nvalid;
+! char *cp, *s;
+ char *typep, *argp;
+ unsigned int lnsize;
+
+***************
+*** 677,687 ****
+
+ /* Just use the last one. */
+ /* Trim the value. */
+! cp = &mapping_values[nvalid-1]
+! [strlen(mapping_values[nvalid-1])];
+! while (isspace((int) (*cp))) cp--;
+! cp++;
+! *cp = '\0';
+
+ /* Copy out the value if there's enough room */
+ if (strlen(mapping_values[nvalid-1])+1 <= (size_t) lnsize)
+- --- 715,728 ----
+
+ /* Just use the last one. */
+ /* Trim the value. */
+! s = mapping_values[nvalid-1];
+! cp = s + strlen(s);
+! while (cp > s) {
+! cp--;
+! if (!isspace((int)(*cp)))
+! break;
+! *cp = '\0';
+! }
+
+ /* Copy out the value if there's enough room */
+ if (strlen(mapping_values[nvalid-1])+1 <= (size_t) lnsize)
diff --git a/app-crypt/mit-krb5/mit-krb5-1.3.3-r1.ebuild b/app-crypt/mit-krb5/mit-krb5-1.3.3-r1.ebuild
new file mode 100644
index 000000000000..630f6d63668d
--- /dev/null
+++ b/app-crypt/mit-krb5/mit-krb5-1.3.3-r1.ebuild
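Review bot: The `mem_err:` cleanup added to do_replacement() is guarded by `#ifdef HAVE_REGCMP`, while the `regex_t match_exp` it releases is declared under `#if HAVE_REGCOMP`, so on a regcomp() build the overflow path appears to return 0 without calling `regfree(&match_exp)`; the guard should read `#if HAVE_REGCOMP`. The bound in `use_bytes` is `out_used > MAX_FORMAT_BUFFER`, which still accepts an output that fills all MAX_FORMAT_BUFFER bytes, leaving no room for the terminating NUL and letting the `MAX_FORMAT_BUFFER - 1 - (op - out)` length of the next strncpy go negative; `if (out_used >= MAX_FORMAT_BUFFER) goto mem_err` would match the strict `<` used for `selstring_used` in the later hunk. The macro also expands to two statements, so it is only correct where the patch added braces around it (both the regcomp and the regcmp branch), and a `do { ... } while (0)` wrapper would remove that trap. The body of do_replacement() extends beyond the context lines shown, so whether the input can actually reach that length is not visible here.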
@@ -0,0 +1,165 @@
+# Copyright 1999-2004 Gentoo Technologies, Inc.
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/app-crypt/mit-krb5/mit-krb5-1.3.3-r1.ebuild,v 1.1 2004/06/15 21:38:28 squinky86 Exp $
+
+inherit eutils
+
+MY_P=${PN/mit-}-${PV}
+S=${WORKDIR}/${MY_P}/src
+DESCRIPTION="MIT Kerberos V"
+HOMEPAGE="http://web.mit.edu/kerberos/www/"
+SRC_URI="http://web.mit.edu/kerberos/dist/krb5/1.3/${MY_P}.tar"
+
+LICENSE="as-is"
+SLOT="0"
+KEYWORDS="~x86 ~ppc ~sparc ~mips ~alpha ~arm ~hppa ~amd64 ~ia64 ~s390 ~ppc64"
+IUSE="krb4 static"
+RESTRICT="nomirror"
+
+DEPEND="virtual/glibc
+ sys-devel/autoconf
+ !virtual/krb5"
+RDEPEND="virtual/glibc
+ !virtual/krb5"
+PROVIDE="virtual/krb5"
+
+src_unpack() {
+ unpack ${A}
+ tar -zxf ${MY_P}.tar.gz
+ cd ${S}
+ epatch ${FILESDIR}/${P}-res_search.patch
+ cd ${S}/lib/krb5/os
+ epatch ${FILESDIR}/${P}-aname.patch
+ cd ${S}
+}
+
+src_compile() {
+ ebegin "Updating configure"
+ autoconf
+ cd ${S}/util/et
+ WANT_AUTOCONF=2.5 autoconf -I ../../
+ cd ${S}/util/ss
+ WANT_AUTOCONF=2.5 autoconf -I ../../
+ cd ${S}/util/profile
+ WANT_AUTOCONF=2.5 autoconf -I ../../
+ cd ${S}/util/pty
+ WANT_AUTOCONF=2.5 autoconf -I ../../
+ cd ${S}/util/db2
+ WANT_AUTOCONF=2.5 autoconf -I ../../
+ cd ${S}/include
+ WANT_AUTOCONF=2.5 autoconf -I ../
+ cd ${S}/lib/crypto
+ WANT_AUTOCONF=2.5 autoconf -I ../../
+ cd ${S}/lib/krb5
+ WANT_AUTOCONF=2.5 autoconf -I ../../
+ cd ${S}/lib/des425
+ WANT_AUTOCONF=2.5 autoconf -I ../../
+ cd ${S}/lib/kdb
+ WANT_AUTOCONF=2.5 autoconf -I ../../
+ cd ${S}/lib/gssapi
+ WANT_AUTOCONF=2.5 autoconf -I ../../
+ cd ${S}/lib/rpc
+ WANT_AUTOCONF=2.5 autoconf -I ../../
+ cd ${S}/lib/rpc/unit-test
+ WANT_AUTOCONF=2.5 autoconf -I ../../../
+ cd ${S}/lib/kadm5
+ WANT_AUTOCONF=2.5 autoconf -I ../../
+ cd ${S}/kdc
+ WANT_AUTOCONF=2.5 autoconf -I ../
+ cd ${S}/kadmin
+ WANT_AUTOCONF=2.5 autoconf -I ../
+ cd ${S}/slave
+ WANT_AUTOCONF=2.5 autoconf -I ../
+ cd ${S}/clients
+ WANT_AUTOCONF=2.5 autoconf -I ../
+ cd ${S}/appl
+ WANT_AUTOCONF=2.5 autoconf -I ../
+ cd ${S}/appl/bsd
+ WANT_AUTOCONF=2.5 autoconf -I ../../
+ cd ${S}/appl/gssftp
+ WANT_AUTOCONF=2.5 autoconf -I ../../
+ cd ${S}/appl/telnet
+ WANT_AUTOCONF=2.5 autoconf -I ../../
+ cd ${S}/appl/telnet/libtelnet
+ WANT_AUTOCONF=2.5 autoconf -I ../../../
+ cd ${S}/appl/telnet/telnet
+ WANT_AUTOCONF=2.5 autoconf -I ../../../
+ cd ${S}/appl/telnet/telnetd
+ WANT_AUTOCONF=2.5 autoconf -I ../../../
+ cd ${S}/tests
+ WANT_AUTOCONF=2.5 autoconf -I ../
+ cd ${S}/lib/krb4
+ WANT_AUTOCONF=2.5 autoconf -I ../../
+ cd ${S}/krb524
+ WANT_AUTOCONF=2.5 autoconf -I ../
+ cd ${S}
+ eend $?
+
+ local myconf
+
+ use krb4 && myconf="${myconf} --with-krb4 --enable-krb4" \
+ || myconf="${myconf} --without-krb4 --disable-krb4"
+
+ use static && myconf="${myconf} --disable-shared --enable-static" \
+ || myconf="${myconf} --enable-shared --disable-static"
+
+ CFLAGS=`echo ${CFLAGS} | xargs`
+ CXXFLAGS=`echo ${CXXFLAGS} | xargs`
+ LDFLAGS=`echo ${LDFLAGS} | xargs`
+
+ CFLAGS="${CFLAGS}" \
+ CXXFLAGS="${CXXFLAGS}" \
+ LDFLAGS="${LDFLAGS}" \
+ econf \
+ --mandir=/usr/share/man \
+ --localstatedir=/etc \
+ --host=${CHOST} \
+ --prefix=/usr \
+ --enable-dns \
+ ${myconf} || die
+
+ if [ "${ARCH}" = "hppa" ]
+ then
+ einfo "Fixating Makefiles ..."
+ for i in `find ${S} -name Makefile`; \
+ do cp $i $i.old; sed -e 's/LDCOMBINE=ld -shared -h lib/LDCOMBINE=gcc -shared -h lib/' $i.old > $i; done
+ fi
+
+ make || die
+}
+
+src_install() {
+ make DESTDIR=${D} install || die
+
+ cd ..
+ dodoc README
+ dohtml doc/*.html
+
+ # Begin client rename and install
+ for i in {telnetd,ftpd}
+ do
+ mv ${D}/usr/share/man/man8/${i}.8 ${D}/usr/share/man/man8/k${i}.8
+ mv ${D}/usr/sbin/${i} ${D}/usr/sbin/k${i}
+ done
+ for i in {rcp,rsh,telnet,ftp,rlogin}
+ do
+ mv ${D}/usr/share/man/man1/${i}.1 ${D}/usr/share/man/man1/k${i}.1
+ mv ${D}/usr/bin/${i} ${D}/usr/bin/k${i}
+ done
+
+ insinto /etc
+ newins ${FILESDIR}/krb5.conf krb5.conf
+ insinto /etc/krb5kdc
+ newins ${FILESDIR}/kdc.conf kdc.conf
+ exeinto /etc/init.d
+ newexe ${FILESDIR}/mit-krb5kadmind.initd mit-krb5kadmind
+ newexe ${FILESDIR}/mit-krb5kdc.initd mit-krb5kdc
+}
+
+pkg_postinst() {
+ einfo "See /usr/share/doc/${PF}/html/admin.html for documentation."
+ echo ""
+ einfo "The client apps are installed with the k prefix"
+ einfo "(ie. kftp, kftpd, ktelnet, ktelnetd, etc...)"
+ echo ""
+}
|
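Review bot: src_unpack() runs `tar -zxf ${MY_P}.tar.gz` and the `cd ${S}/lib/krb5/os` before the security patch without checking either command, so a failed extraction or a missing directory is only caught indirectly, presumably when epatch cannot find its target. Making the failure explicit with `tar -zxf "${MY_P}.tar.gz" || die` and `cd "${S}/lib/krb5/os" || die` keeps a revision whose whole purpose is the aname fix from silently building in the wrong place. The source is fetched over plain HTTP with `RESTRICT="nomirror"`, and the only integrity check visible in this commit is the MD5 line in files/digest-mit-krb5-1.3.3-r1. If the outer tar ships an upstream signature next to the inner tarball, which the nested layout suggests but the page does not show, verifying it before extraction would be a stronger check.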