Your message dated Wed, 06 Jan 2016 15:57:40 +0000 with message-id <[email protected]> and subject line Bug#808803: fixed in vsftpd 3.0.3-2 has caused the Debian Bug report #808803, regarding vsftpd: Filename pattern filter as used by deny_file can only match existing files to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.)

--
808803: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=808803
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: vsftpd
Severity: normal
Tags: patch

Dear Maintainer,

unlike the shell command realpath(1), the library call realpath(3) is not specified to canonize not yet existing paths. It will rather return an ENOENT error code if a filename does not exist.

The library call realpath(3) is used by the original implementation of the function vsf_filename_passes_filter[ls.c:258]. This function backs the access checkers implemented in access.c. As a non-existing file cannot be matched in the original implementation, the deny_file option becomes ineffective for uploading fresh files. For instance: even though deny_file=*.doc, an example.doc may initially be uploaded. On the other hand, it may not be updated once the file actually exists.

The appended patch implements a more intuitive behavior. It provides a custom wrapper for the realpath(3) library call, which also tries to canonize the isolated directory part of a non-existing path. If this step is successful, a canonized path with the original basename is constructed. Otherwise, the match, indeed, fails.

The provided patch:
 - implements the custom wrapper for realpath(3), and -> sysutil.h, sysutil.c
 - uses this wrapper in vsf_filename_passes_filter. -> ls.c

Note that the implemented vsf_sysutil_realpath() wrapper function allows to turn off the directory-based canonization by deasserting the parameter may_be_fresh. Ultimately, this feature may be used for an optimized handling of calls from access checkers as vsf_access_check_file_visible(), which would never create a fresh file anyhow.

-------------------------------------------------------------------------------
Description: realpath wrapper to match not yet existing files in deny_file and others
Author: Thomas B.
Preußer <[email protected]> Last-Update: 2015-12-23 --- This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ =================================================================== Index: ls.c sysutil.h sysutil.c --- vsftpd.orig/ls.c +++ vsftpd/ls.c @@ -255,7 +255,7 @@ /* normalize filepath */ path = str_strdup(p_filename_str); - normname = realpath(path, NULL); + normname = vsf_sysutil_realpath(path, 1); if (normname == NULL) goto out; str_alloc_text(&normalize_filename_str, normname); --- vsftpd.orig/sysutil.c +++ vsftpd/sysutil.c @@ -988,6 +988,51 @@ return rename(p_from, p_to); } +char* +vsf_sysutil_realpath(char const *path, int may_be_fresh) +{ + { /* existing paths must resolve right away */ + char *const resolved = realpath(path, NULL); + if ((resolved != NULL) || (errno != ENOENT) || !may_be_fresh) + { + return resolved; + } + } + + { /* try to resolve directory part */ + char const *filename = strrchr(path, '/'); + char const *resolved_dir; + if(filename == NULL) + { + filename = path; + resolved_dir = realpath(".", NULL); + } + else + { + char const *original_dir; + filename++; + original_dir = strndup(path, filename-path); + resolved_dir = realpath(original_dir, NULL); + free((void*)original_dir); + } + if(resolved_dir == NULL) return NULL; + + /* compose path from resolved directory and filename */ + size_t dir_len = strlen(resolved_dir); + char *resolved; + + /* empty root as slash is added anyways */ + if (dir_len == 1) dir_len == 0; + + resolved = (char*)malloc(dir_len+strlen(filename)+2); + strcpy(resolved, resolved_dir); + free((void*)resolved_dir); + resolved[dir_len] = '/'; + strcpy(resolved+dir_len+1, filename); + return resolved; + } +} + struct vsf_sysutil_dir* vsf_sysutil_opendir(const char* p_dirname) { --- vsftpd.orig/sysutil.h +++ vsftpd/sysutil.h 
@@ -66,6 +66,7 @@ int vsf_sysutil_rmdir(const char* p_dirname); int vsf_sysutil_chdir(const char* p_dirname); int vsf_sysutil_rename(const char* p_from, const char* p_to); +char* vsf_sysutil_realpath(char const *path, int may_be_fresh); struct vsf_sysutil_dir; struct vsf_sysutil_dir* vsf_sysutil_opendir(const char* p_dirname);
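Review bot: The call site in ls.c passes the literal 1 for may_be_fresh, so every caller of vsf_filename_passes_filter takes the directory fallback, including visibility checks that, as the report itself notes, never create a file. Either pass the flag down from the access checkers or give the constant a name, so that the parameter is not fixed at its only call site without explanation.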
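Review bot: In the sysutil.c hunk, "if (dir_len == 1) dir_len == 0;" is a comparison with no effect, not the assignment that the comment above it describes. A path whose directory resolves to "/" is therefore composed as "//name" rather than "/name", and a pattern anchored at the root will not match it; the statement should read "dir_len = 0;". The malloc() result is also handed to strcpy() without a NULL check. Separately, realpath(3) reports ENOENT for a symbolic link whose target does not exist, so in that case the fallback matches the link's own name rather than its target; that case should be decided explicitly and documented in a comment.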
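Review bot: The new prototype in sysutil.h carries no comment saying that the returned string is heap-allocated and must be freed by the caller, nor what may_be_fresh controls. A short comment above the declaration, or above the definition in sysutil.c, would make the ownership and the meaning of the flag clear to future callers.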
--- End Message ---
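
The behaviour reported above, as an added example that is not part of the original messages and is not vsftpd code: a deny check that relies on realpath(3) alone lets a not yet existing example.doc through, while a check that resolves the directory part first does not. The function names, the use of fnmatch(3) in place of vsftpd's own pattern matcher, the temporary directory and the choice to deny unresolvable paths are assumptions of this example.

```c
#define _XOPEN_SOURCE 700            /* realpath(3), mkdtemp(3) */
#include <errno.h>
#include <fnmatch.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Deny check as the report describes it: canonicalise, then match. fnmatch(3)
 * stands in for vsftpd's own matcher (assumption). Returns 1 if denied. */
int denied_realpath_only(const char *path, const char *pat)
{
    char norm[PATH_MAX];             /* fresh file: NULL/ENOENT, so it fails open */
    return realpath(path, norm) != NULL && fnmatch(pat, norm, 0) == 0;
}

/* Variant: when only the last component is missing, canonicalise the directory
 * part and match directory + "/" + basename. Unresolvable paths are denied. */
int denied_parent_resolved(const char *path, const char *pat)
{
    char dir[PATH_MAX], norm[PATH_MAX], full[2 * PATH_MAX];
    const char *slash = strrchr(path, '/');
    if (realpath(path, norm) != NULL) return fnmatch(pat, norm, 0) == 0;
    if (errno != ENOENT) return 1;
    if (snprintf(dir, sizeof dir, "%.*s", slash ? (int)(slash - path) + 1 : 1,
                 slash ? path : ".") >= (int)sizeof dir || realpath(dir, norm) == NULL)
        return 1;
    if (snprintf(full, sizeof full, "%s/%s", strcmp(norm, "/") ? norm : "",
                 slash ? slash + 1 : path) >= (int)sizeof full)
        return 1;
    return fnmatch(pat, full, 0) == 0;
}

/* Constructed scenario. Bits 0/1: both checks before the file exists; 2/3: after. */
int run_demo(void)
{
    char tmpl[] = "/tmp/denydemoXXXXXX", path[PATH_MAX];
    if (mkdtemp(tmpl) == NULL) return -1;
    snprintf(path, sizeof path, "%s/example.doc", tmpl);
    int r = denied_realpath_only(path, "*.doc") | (denied_parent_resolved(path, "*.doc") << 1);
    FILE *f = fopen(path, "w");
    if (f != NULL) fclose(f);
    r |= (denied_realpath_only(path, "*.doc") << 2) | (denied_parent_resolved(path, "*.doc") << 3);
    remove(path);
    remove(tmpl);
    return r;                        /* 0xE: only the realpath-only check misses the fresh file */
}

int main(void) { printf("result bits: 0x%x\n", run_demo()); return 0; }
```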
--- Begin Message ---
Source: vsftpd
Source-Version: 3.0.3-2

We believe that the bug you reported is fixed in the latest version of vsftpd, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is attached.

Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [email protected], and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Jörg Frings-Fürst <[email protected]> (supplier of updated vsftpd package)

(This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected])

Format: 1.8
Date: Fri, 25 Dec 2015 19:11:50 +0100
Source: vsftpd
Binary: vsftpd vsftpd-dbg
Architecture: source amd64
Version: 3.0.3-2
Distribution: unstable
Urgency: medium
Maintainer: John Paul Adrian Glaubitz <[email protected]>
Changed-By: Jörg Frings-Fürst <[email protected]>
Description:
 vsftpd     - lightweight, efficient FTP server written for security
 vsftpd-dbg - lightweight, efficient FTP server written for security (debug)
Closes: 804777 808595 808803
Changes:
 vsftpd (3.0.3-2) unstable; urgency=medium
 .
   * Improve UTF-8 support:
     - Merge debian/patches/0025-unconditional_utf8_report.patch into
       debian/patches/0007-utf8.patch.
     - debian/patches/0007-utf8.patch:
       + Add comment to utf8_filesystem option in vsftpd.conf
         (Closes: #804777).
     - Refresh debian/patches/0014-ssl-cert.patch.
   * New debian/patches/0065-upload_download_filename_pattern.patch:
     - Restrict upload and download of files with certain name patterns
       (Closes: #808595).
       Thanks to Thomas B. Preußer <[email protected]>.
   * New debian/patches/0070-realpath_wrapper.patch:
     - Filename pattern filter as used by deny_file can only match
       existing files (Closes: #808803).
       Thanks to Thomas B. Preußer <[email protected]>.
   * Add ftp to Depends in debian/tests/control to fix autopkgtest errors.
--- End Message ---

