Date: Tuesday, January 9, 2018 @ 20:16:44
  Author: jelle
Revision: 314302

FS#56979

Fix segfault in http_MakeMessage

Added:
  libupnp/trunk/segfault_http_makemessage.patch
Modified:
  libupnp/trunk/PKGBUILD

---------------------------------+
 PKGBUILD                        |   13 ++++++++--
 segfault_http_makemessage.patch |   45 ++++++++++++++++++++++++++++++++++++++
 2 files changed, 55 insertions(+), 3 deletions(-)

Modified: PKGBUILD
===================================================================
--- PKGBUILD    2018-01-09 18:32:26 UTC (rev 314301)
+++ PKGBUILD    2018-01-09 20:16:44 UTC (rev 314302)
@@ -4,7 +4,7 @@
 
 pkgname=libupnp
 pkgver=1.6.24
-pkgrel=1
+pkgrel=2
 pkgdesc="Portable Open Source UPnP Development Kit"
 arch=('x86_64')
 url="http://pupnp.sourceforge.net/";
@@ -11,9 +11,16 @@
 license=('BSD')
 depends=('glibc')
 makedepends=('pkgconfig')
-source=("http://downloads.sourceforge.net/sourceforge/pupnp/${pkgname}-${pkgver}.tar.bz2";)
-md5sums=('c5f4a3b674741d85ef29258841ccd540')
+source=("http://downloads.sourceforge.net/sourceforge/pupnp/${pkgname}-${pkgver}.tar.bz2";
+        "segfault_http_makemessage.patch")
+md5sums=('c5f4a3b674741d85ef29258841ccd540'
+         'b5ab030107cadfb307dc1b809b7a5fe3')
 
+prepare() {
+  cd "${srcdir}/${pkgname}-${pkgver}"
+  patch -Np1 -i $srcdir/segfault_http_makemessage.patch
+}
+
 build() {
   cd "${srcdir}/${pkgname}-${pkgver}"
 
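Review bot: The new patch is pinned only by an added `md5sums` entry, and the tarball in `source` is still fetched over plain http, so the integrity of both inputs rests on a hash that is no longer collision-resistant. Switching the array to `sha256sums=('<sha256-of-tarball>' '<sha256-of-patch>')` (placeholders; regenerate with `updpkgsums`) would give a meaningful check, and an https URL would help if the download host serves one. In `prepare()`, `$srcdir` is unquoted, unlike the `cd` line above it; `patch -Np1 -i "${srcdir}/segfault_http_makemessage.patch"` keeps the build working when the build path contains spaces.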

Added: segfault_http_makemessage.patch
===================================================================
--- segfault_http_makemessage.patch                             (rev 0)
+++ segfault_http_makemessage.patch     2018-01-09 20:16:44 UTC (rev 314302)
@@ -0,0 +1,45 @@
+From 70e3d626378e12ea50d76dfda50311c8bb4a2a78 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?J=C3=B6rg=20Krause?= <joerg.krause@embedded.rocks>
+Date: Tue, 5 Dec 2017 11:29:44 +0100
+Subject: [PATCH] Fix segmentation fault in http_MakeMessage
+
+When upmpdcli is linked with libupnp 1.6.24 it fails with an
+segmentation fault, but linking with libupnp worked just fine.
+
+git bisect shows that commit 9c2e8ec8a0291ebe81959009e2f78edbdb47ced5 is
+the bad one as the variable `extras` is not properly checked before
+attempting to used it as a pointer.
+
+Asure `extras` is not Null before using it.
+---
+ upnp/src/genlib/net/http/httpreadwrite.c | 16 +++++++++-------
+ 1 file changed, 9 insertions(+), 7 deletions(-)
+
+diff --git a/upnp/src/genlib/net/http/httpreadwrite.c 
b/upnp/src/genlib/net/http/httpreadwrite.c
+index 68cd4baa..57ab8051 100644
+--- a/upnp/src/genlib/net/http/httpreadwrite.c
++++ b/upnp/src/genlib/net/http/httpreadwrite.c
+@@ -1662,14 +1662,16 @@ int http_MakeMessage(membuffer *buf, int 
http_major_version,
+                       struct Extra_Headers *extras;
+                       /* array of extra headers */
+                       extras = (struct Extra_Headers *) va_arg(argp, struct 
Extra_Headers *);
+-                      while (extras->name) {
+-                              if (extras->resp) {
+-                                      if (membuffer_append(buf, extras->resp, 
strlen(extras->resp)))
+-                                              goto error_handler;
+-                                      if (membuffer_append(buf, "\r\n", 
(size_t)2))
+-                                              goto error_handler;
++                      if (extras) {
++                              while (extras->name) {
++                                      if (extras->resp) {
++                                              if (membuffer_append(buf, 
extras->resp, strlen(extras->resp)))
++                                                      goto error_handler;
++                                              if (membuffer_append(buf, 
"\r\n", (size_t)2))
++                                                      goto error_handler;
++                                      }
++                                      extras++;
+                               }
+-                              extras++;
+                       }
+               }
+               if (c == 's') {
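Review bot: The added `if (extras)` guard stops the NULL dereference, but the contract it now relies on is not written down at the `va_arg` line. The loop still requires a non-NULL array to end with an entry whose `name` is NULL, and it appends `extras->resp` verbatim before the `"\r\n"`. A comment such as `/* extras may be NULL (no extra headers); otherwise the array must end with an entry whose name is NULL, and each resp must be a complete header line without CR/LF */` would make that explicit. Whether any caller fills `resp` from request data cannot be seen from this hunk; if one does, embedded line breaks would pass through unchecked. `http_MakeMessage` starts and ends outside the hunk.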
