cvs commit: patches/inetutils inetutils-1.4.2-syslogd-1.patch inetutils-1.4.2-talk-1.patch inetutils-1.4.2-telnet-1.patch inetutils-1.4.2-telnetd-1.patch inetutils-1.4.2-typos-1.patch

jim at linuxfromscratch.org jim at linuxfromscratch.org
Sun Oct 5 14:52:58 PDT 2003


jim         03/10/05 15:52:58

  Added:       inetutils inetutils-1.4.2-syslogd-1.patch
                        inetutils-1.4.2-talk-1.patch
                        inetutils-1.4.2-telnet-1.patch
                        inetutils-1.4.2-telnetd-1.patch
                        inetutils-1.4.2-typos-1.patch
  Log:
  Added: Inetutils Patches - syslogd talk telnet telnetd typos
  
  Revision  Changes    Path
  1.1                  patches/inetutils/inetutils-1.4.2-syslogd-1.patch
  
  Index: inetutils-1.4.2-syslogd-1.patch
  ===================================================================
  Submitted By: Jim Gifford (patches at jg555 dot com)
  Date: 2003-09-10
  Initial Package Version: 1.4.2
  Origin: inetutils CVS
  Description: Fixes Long Line Support
  
  diff -Naur inetutils-1.4.2.orig/syslogd/syslogd.c inetutils-1.4.2/syslogd/syslogd.c
  --- inetutils-1.4.2.orig/syslogd/syslogd.c	2002-12-11 12:38:00.000000000 +0000
  +++ inetutils-1.4.2/syslogd/syslogd.c	2003-09-10 16:35:22.000000000 +0000
  @@ -1621,6 +1621,7 @@
     size_t line_max = LINE_MAX;
     char *cbuf;
     char *cline;
  +  int cont_line = 0;
     struct servent *sp;
   
     (void) signo;  /* Ignored.  */
  @@ -1680,7 +1681,7 @@
     cbuf = malloc (line_max);
     if (cbuf == NULL)
       {
  -      /* There is no gracefull recovery here.  */
  +      /* There is no graceful recovery here.  */
         dbg_printf ("cannot allocate space for configuration\n");
         return;
       }
  @@ -1697,9 +1698,24 @@
       {
         size_t len = strlen (cline);
   
  -      /* No newline ? then line is too big for the buffer readjust.  */
  -      if (memchr (cline, '\n', len) == NULL)
  +      /* If this is a continuation line, skip leading whitespace for
  +	 compatibility with sysklogd.  Note that this requires
  +	 whitespace before the backslash in the previous line if you
  +	 want to separate the selector from the action.  */
  +      if (cont_line)
  +	{
  +	  char *start = cline;
  +	  while (*start == ' ' || *start == '\t')
  +	    start++;
  +	  len = len - (start - cline);
  +	  memmove (cline, start, len + 1);
  +	  cont_line = 0;
  +	}
  +
  +      /* No newline, so the line is too big for the buffer.  Readjust.  */
  +      if (strchr (cline, '\n') == NULL)
   	{
  +	  size_t offset = cline - cbuf;
   	  char *tmp;
   	  tmp = realloc (cbuf, line_max * 2);
   	  if (tmp == NULL)
  @@ -1712,8 +1728,7 @@
   	  else
   	    cbuf = tmp;
   	  line_max *= 2;
  -	  strcpy (cbuf, cline);
  -	  cline += len;
  +	  cline = cbuf + offset + len - 1;
   	  continue;
   	}
         else
  @@ -1738,6 +1753,7 @@
   	{
   	  *p = '\0';
   	  cline = p;
  +	  cont_line = 1;
   	  continue;
   	}
   
  
  
  
  1.1                  patches/inetutils/inetutils-1.4.2-talk-1.patch
  
  Index: inetutils-1.4.2-talk-1.patch
  ===================================================================
  Submitted By: Jim Gifford (patches at jg555 dot com)
  Date: 2003-09-10
  Initial Package Version: 1.4.2
  Origin: inetutils CVS
  Description: Allows use of 8 bit ascii
  
  diff -Naur inetutils-1.4.2.orig/talk/display.c inetutils-1.4.2/talk/display.c
  --- inetutils-1.4.2.orig/talk/display.c	2001-06-02 15:27:15.000000000 +0000
  +++ inetutils-1.4.2/talk/display.c	2003-09-10 16:38:15.000000000 +0000
  @@ -56,8 +56,7 @@
   int
   max(int a, int b)
   {
  -
  -	return (a > b ? a : b);
  +  return a > b ? a : b;
   }
   
   /*
  @@ -65,25 +64,29 @@
    * characters while we are at it.
    */
   int
  -display(register xwin_t *win, register char *text, int size)
  +display (register xwin_t * win, register unsigned char *text, int size)
   {
   	register int i;
  -	char cch;
  +  unsigned char cch;
   
  -	for (i = 0; i < size; i++) {
  -		if (*text == '\n') {
  +  for (i = 0; i < size; i++)
  +    {
  +      if (*text == '\n')
  +	{
   			xscroll(win, 0);
   			text++;
   			continue;
   		}
  -		if (*text == '\a') {
  +      if (*text == '\a')
  +	{
   			beep();
   			wrefresh(curscr);
   			text++;
   			continue;
   		}
   		/* erase character */
  -		if (*text == win->cerase) {
  +      if (*text == win->cerase)
  +	{
   			wmove(win->x_win, win->x_line, max(--win->x_col, 0));
   			getyx(win->x_win, win->x_line, win->x_col);
   			waddch(win->x_win, ' ');
  @@ -97,18 +100,21 @@
   		 * the beginning of a word or the beginning of
   		 * the line.
   		 */
  -		if (*text == win->werase) {
  +      if (*text == win->werase)
  +	{
   			int endcol, xcol, i, c;
   
   			endcol = win->x_col;
   			xcol = endcol - 1;
  -			while (xcol >= 0) {
  +	  while (xcol >= 0)
  +	    {
   				c = readwin(win->x_win, win->x_line, xcol);
   				if (c != ' ')
   					break;
   				xcol--;
   			}
  -			while (xcol >= 0) {
  +	  while (xcol >= 0)
  +	    {
   				c = readwin(win->x_win, win->x_line, xcol);
   				if (c == ' ')
   					break;
  @@ -123,31 +129,36 @@
   			continue;
   		}
   		/* line kill */
  -		if (*text == win->kill) {
  +      if (*text == win->kill)
  +	{
   			wmove(win->x_win, win->x_line, 0);
   			wclrtoeol(win->x_win);
   			getyx(win->x_win, win->x_line, win->x_col);
   			text++;
   			continue;
   		}
  -		if (*text == '\f') {
  +      if (*text == '\f')
  +	{
   			if (win == &my_win)
   				wrefresh(curscr);
   			text++;
   			continue;
   		}
  -		if (win->x_col == COLS-1) {
  +      if (win->x_col == COLS - 1)
  +	{
   			/* check for wraparound */
   			xscroll(win, 0);
   		}
  -		if (*text < ' ' && *text != '\t') {
  +      if (*text < ' ' && *text != '\t')
  +	{
   			waddch(win->x_win, '^');
   			getyx(win->x_win, win->x_line, win->x_col);
   			if (win->x_col == COLS-1) /* check for wraparound */
   				xscroll(win, 0);
   			cch = (*text & 63) + 64;
   			waddch(win->x_win, cch);
  -		} else
  +	}
  +      else
   			waddch(win->x_win, *text);
   		getyx(win->x_win, win->x_line, win->x_col);
   		text++;
  @@ -178,8 +189,8 @@
   int
   xscroll(register xwin_t *win, int flag)
   {
  -
  -	if (flag == -1) {
  +  if (flag == -1)
  +    {
   		wmove(win->x_win, 0, 0);
   		win->x_line = 0;
   		win->x_col = 0;
  
  
  
  1.1                  patches/inetutils/inetutils-1.4.2-telnet-1.patch
  
  Index: inetutils-1.4.2-telnet-1.patch
  ===================================================================
  Submitted By: Jim Gifford (patches at jg555 dot com)
  Date: 09-10-2003
  Initial Package Version: 1.4.2
  Origin: inetutils CVS
  Description: Don't set hostname to DNS canonicalized value.
  	     Attackers may control DNS and fool the Kerberos
  	     authentication code to use the wrong realm for
  	     the server, and consequently the wrong KDC for
  	     the server, which the attackers could also control.
  	     Ultimately the attacker can fool the server
  	     authentication check in the client.
  
  diff -Naur inetutils-1.4.2.orig/telnet/commands.c inetutils-1.4.2/telnet/commands.c
  --- inetutils-1.4.2.orig/telnet/commands.c	2002-06-26 03:15:06.000000000 +0000
  +++ inetutils-1.4.2/telnet/commands.c	2003-09-10 16:41:29.000000000 +0000
  @@ -2296,17 +2296,6 @@
   	    sin.sin_addr.s_addr = temp;
   	    sin.sin_family = AF_INET;
   
  -	    if (_hostname)
  -		free (_hostname);
  -	    _hostname = malloc (strlen (hostp) + 1);
  -	    if (_hostname) {
  -		strcpy (_hostname, hostp);
  -		hostname = _hostname;
  -	    } else {
  -		printf ("Can't allocate memory to copy hostname\n");
  -		setuid(getuid());
  -		return 0;
  -	    }
   	} else {
   	    host = gethostbyname(hostp);
   	    if (host) {
  @@ -2318,23 +2307,19 @@
   		memmove((caddr_t)&sin.sin_addr, host->h_addr, host->h_length);
   #endif	/* defined(h_addr) */
   
  -		if (_hostname)
  -		    free (_hostname);
  -		_hostname = malloc (strlen (host->h_name) + 1);
  -		if (_hostname) {
  -		    strcpy (_hostname, host->h_name);
  -		    hostname = _hostname;
  -		} else {
  -		    printf ("Can't allocate memory to copy hostname\n");
  -		    setuid(getuid());
  -		    return 0;
  -		}
  -	    } else {
  -		herror(hostp);
  -	        setuid(getuid());
  -		return 0;
   	    }
   	}
  +        if (_hostname)
  +		free (_hostname);
  +        _hostname = malloc (strlen (hostp) + 1);
  +        if (_hostname) {
  +		strcpy (_hostname, hostp);
  +		hostname = _hostname;
  +    	} else {
  +		printf ("Can't allocate memory to copy hostname\n");
  +		setuid(getuid());
  +		return 0;
  +    	}
   #if	defined(IP_OPTIONS) && defined(IPPROTO_IP)
       }
   #endif
  
  
  
  1.1                  patches/inetutils/inetutils-1.4.2-telnetd-1.patch
  
  Index: inetutils-1.4.2-telnetd-1.patch
  ===================================================================
  Submitted By: Jim Gifford (patches at jg555 dot com)
  Date: 09-10-2003
  Initial Package Version: 1.4.2
  Origin: inetutils-1.4.2
  Description: Change int to socklen since it's a socket call
  
  diff -Naur inetutils-1.4.2.orig/telnetd/telnetd.c inetutils-1.4.2/telnetd/telnetd.c
  --- inetutils-1.4.2.orig/telnetd/telnetd.c	2002-06-26 03:15:07.000000000 +0000
  +++ inetutils-1.4.2/telnetd/telnetd.c	2003-09-10 16:46:15.000000000 +0000
  @@ -270,12 +270,14 @@
   
   typedef unsigned int ip_addr_t; /*FIXME*/
   
  +extern char *localhost __P ((void));
  +
   void
   telnetd_setup (int fd)
   {
     struct sockaddr_in saddr;
     int true = 1;
  -  int len;
  +  socklen_t len;
     struct hostent *hp;
     char uname[256]; /*FIXME*/
     int level;
  
  
  
  1.1                  patches/inetutils/inetutils-1.4.2-typos-1.patch
  
  Index: inetutils-1.4.2-typos-1.patch
  ===================================================================
  Submitted By: Jim Gifford (patches at jg555 dot com)
  Date: 09-10-2003
  Initial Package Version: 1.4.2
  Origin: inetutils CVS
  Description: Fixes Typos dest_realm_buf should be used instead
  	     of dst_realm_buf
  
  diff -Naur inetutils-1.4.2.orig/rcp/rcp.c inetutils-1.4.2/rcp/rcp.c
  --- inetutils-1.4.2.orig/rcp/rcp.c	2002-09-02 14:14:39.000000000 +0000
  +++ inetutils-1.4.2/rcp/rcp.c	2003-09-10 16:24:35.000000000 +0000
  @@ -90,7 +90,7 @@
   # include <kerberosIV/des.h>
   # include <kerberosIV/krb.h>
   
  -char	dst_realm_buf[REALM_SZ];
  +char	dest_realm_buf[REALM_SZ];
   char	*dest_realm = NULL;
   int	use_kerberos = 1;
   CREDENTIALS 	cred;
  @@ -181,8 +181,8 @@
   
   #ifdef	KERBEROS
         case 'k':
  -	dest_realm = dst_realm_buf;
  -	strncpy(dst_realm_buf, optarg, REALM_SZ);
  +	dest_realm = dest_realm_buf;
  +	strncpy(dest_realm_buf, optarg, REALM_SZ);
   	break;
   
   #ifdef CRYPT
  diff -Naur inetutils-1.4.2.orig/rlogin/rlogin.c inetutils-1.4.2/rlogin/rlogin.c
  --- inetutils-1.4.2.orig/rlogin/rlogin.c	2002-06-26 03:15:06.000000000 +0000
  +++ inetutils-1.4.2/rlogin/rlogin.c	2003-09-10 16:27:06.000000000 +0000
  @@ -103,7 +103,7 @@
   CREDENTIALS cred;
   Key_schedule schedule;
   int use_kerberos = 1, doencrypt;
  -char dst_realm_buf[REALM_SZ], *dest_realm = NULL;
  +char dest_realm_buf[REALM_SZ], *dest_realm = NULL;
   #endif
   
   /*
  @@ -282,7 +282,7 @@
   	  strncpy (dest_realm_buf, optarg, sizeof dest_realm_buf);
   	  /* Make sure it's null termintated.  */
   	  dest_realm_buf[sizeof (dest_realm_buf) - 1] = '\0';
  -	  dest_realm = dst_realm_buf;
  +	  dest_realm = dest_realm_buf;
   	  break;
   #endif
   
  diff -Naur inetutils-1.4.2.orig/rsh/rsh.c inetutils-1.4.2/rsh/rsh.c
  --- inetutils-1.4.2.orig/rsh/rsh.c	2002-06-26 03:15:06.000000000 +0000
  +++ inetutils-1.4.2/rsh/rsh.c	2003-09-10 16:29:45.000000000 +0000
  @@ -71,13 +71,13 @@
   #endif
   
   #ifdef KERBEROS
  -# include <kerberosIV/des.h>
  -# include <kerberosIV/krb.h>
  +#include <kerberosIV/des.h>
  +#include <kerberosIV/krb.h>
   
   CREDENTIALS cred;
   Key_schedule schedule;
   int use_kerberos = 1, doencrypt;
  -char dst_realm_buf[REALM_SZ], *dest_realm;
  +char dest_realm_buf[REALM_SZ], *dest_realm;
   extern char *krb_realmofhost();
   #endif
   
  @@ -259,7 +259,7 @@
   	case 'k':
   	  strncpy (dest_realm_buf, optarg, sizeof dest_realm_buf);
   	  dest_realm_buf [REALM_SZ - 1] = '\0';
  -	  dest_realm = dst_realm_buf;
  +	  dest_realm = dest_realm_buf;
   	  break;
   
   # ifdef ENCRYPTION
  
  
  



More information about the patches mailing list