Package: release.debian.org Severity: normal User: release.debian....@packages.debian.org Usertags: unblock
Hi release-team, please unblock package nfs-utils. I've NMUed the package to fix #895381: [ Micha Lenk ] * [abaa2ab] handle_gssd_upcall: Fix failure to find uid in upcall string 'mech=krb5' by adding the suggested upstream commits as debian/patches/0010-gssd-replace-non-thread-safe-strtok-with-strsep.patch and debian/patches/0011-gssd-Duplicate-the-upcall-string-for-error-messages.patch. rpc.gssd: WARNING: handle_gssd_upcall: failed to find uid in upcall string 'mech=krb5' (Closes: #895381) Diff is attached. unblock nfs-utils/1:1.3.4-2.5 Thanks, Bernd -- Bernd Zeimetz Debian GNU/Linux Developer http://bzed.de http://www.debian.org GPG Fingerprint: ECA1 E3F2 8E11 2432 D485 DD95 EB36 171A 6FF9 435F
diff --git a/debian/changelog b/debian/changelog index bd57693..f341ef5 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,17 @@ +nfs-utils (1:1.3.4-2.5) unstable; urgency=medium + + * Non-maintainer upload. + + [ Micha Lenk ] + * [abaa2ab] handle_gssd_upcall: Fix failure to find uid in upcall string 'mech=krb5' + by adding the suggested upstream commits as + debian/patches/0010-gssd-replace-non-thread-safe-strtok-with-strsep.patch and + debian/patches/0011-gssd-Duplicate-the-upcall-string-for-error-messages.patch. + rpc.gssd: WARNING: handle_gssd_upcall: failed to find uid in upcall string 'mech=krb5' + (Closes: #895381) + + -- Bernd Zeimetz <b...@debian.org> Sat, 06 Apr 2019 18:30:39 +0200 + nfs-utils (1:1.3.4-2.4) unstable; urgency=medium [ Laurent Bigonville ] diff --git a/debian/patches/0010-gssd-replace-non-thread-safe-strtok-with-strsep.patch b/debian/patches/0010-gssd-replace-non-thread-safe-strtok-with-strsep.patch new file mode 100644 index 0000000..ee0c376 --- /dev/null +++ b/debian/patches/0010-gssd-replace-non-thread-safe-strtok-with-strsep.patch @@ -0,0 +1,41 @@ +From: Frank Sorenson <soren...@redhat.com> +Date: Wed, 15 Feb 2017 10:36:47 -0500 +Subject: gssd: replace non-thread-safe strtok with strsep + +gssd uses the non-thread-safe strtok() function, which +can lead to incorrect program behavior. + +Replace strtok() with the thread-safe strsep(). + +Signed-off-by: Frank Sorenson <soren...@redhat.com> +Signed-off-by: Steve Dickson <ste...@redhat.com> + +Origin: upstream, http://git.linux-nfs.org/?p=steved/nfs-utils.git;a=commitdiff;h=5ae8be8 +Bug: https://bugzilla.redhat.com/show_bug.cgi?id=1419280 +Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=895381 +Last-Update: 2019-04-05 + +--- + utils/gssd/gssd_proc.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/utils/gssd/gssd_proc.c b/utils/gssd/gssd_proc.c +index d74d3724..30c6aceb 100644 +--- a/utils/gssd/gssd_proc.c ++++ b/utils/gssd/gssd_proc.c +@@ -729,10 +729,11 @@ handle_gssd_upcall(struct clnt_upcall_info *info) + char *target = NULL; + char *service = NULL; + char *enctypes = NULL; ++ char *pbuf = info->lbuf; + + printerr(2, "\n%s: '%s' (%s)\n", __func__, info->lbuf, clp->relpath); + +- for (p = strtok(info->lbuf, " "); p; p = strtok(NULL, " ")) { ++ while ((p = strsep(&pbuf, " "))) { + if (!strncmp(p, "mech=", strlen("mech="))) + mech = p + strlen("mech="); + else if (!strncmp(p, "uid=", strlen("uid="))) +-- +2.20.1 + diff --git a/debian/patches/0011-gssd-Duplicate-the-upcall-string-for-error-messages.patch b/debian/patches/0011-gssd-Duplicate-the-upcall-string-for-error-messages.patch new file mode 100644 index 0000000..fa42430 --- /dev/null +++ b/debian/patches/0011-gssd-Duplicate-the-upcall-string-for-error-messages.patch @@ -0,0 +1,92 @@ +From: Frank Sorenson <soren...@redhat.com> +Date: Wed, 15 Feb 2017 10:38:53 -0500 +Subject: gssd: Duplicate the upcall string for error messages + +strsep() modifies the input string, so error messages +may output only part of the upcall string. + +Make a copy of the upcall string, and use that in any +error messages. + +Signed-off-by: Frank Sorenson <soren...@redhat.com> +Signed-off-by: Steve Dickson <ste...@redhat.com> + +Origin: upstream, http://git.linux-nfs.org/?p=steved/nfs-utils.git;a=commitdiff;h=0a4f5e4 +Bug: https://bugzilla.redhat.com/show_bug.cgi?id=1419280 +Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=895381 +Last-Update: 2019-04-05 + +--- + utils/gssd/gssd_proc.c | 17 +++++++++++++---- + 1 file changed, 13 insertions(+), 4 deletions(-) + +diff --git a/utils/gssd/gssd_proc.c b/utils/gssd/gssd_proc.c +index 30c6aceb..4fc81c30 100644 +--- a/utils/gssd/gssd_proc.c ++++ b/utils/gssd/gssd_proc.c +@@ -729,10 +729,17 @@ handle_gssd_upcall(struct clnt_upcall_info *info) + char *target = NULL; + char *service = NULL; + char *enctypes = NULL; ++ char *upcall_str; + char *pbuf = info->lbuf; + + printerr(2, "\n%s: '%s' (%s)\n", __func__, info->lbuf, clp->relpath); + ++ upcall_str = strdup(info->lbuf); ++ if (upcall_str == NULL) { ++ printerr(0, "ERROR: malloc failure\n"); ++ goto out_nomem; ++ } ++ + while ((p = strsep(&pbuf, " "))) { + if (!strncmp(p, "mech=", strlen("mech="))) + mech = p + strlen("mech="); +@@ -749,7 +756,7 @@ handle_gssd_upcall(struct clnt_upcall_info *info) + if (!mech || strlen(mech) < 1) { + printerr(0, "WARNING: handle_gssd_upcall: " + "failed to find gss mechanism name " +- "in upcall string '%s'\n", info->lbuf); ++ "in upcall string '%s'\n", upcall_str); + goto out; + } + +@@ -762,7 +769,7 @@ handle_gssd_upcall(struct clnt_upcall_info *info) + if (!uidstr) { + printerr(0, "WARNING: handle_gssd_upcall: " + "failed to find uid " +- "in upcall string '%s'\n", info->lbuf); ++ "in upcall string '%s'\n", upcall_str); + goto out; + } + +@@ -775,7 +782,7 @@ handle_gssd_upcall(struct clnt_upcall_info *info) + if (target && strlen(target) < 1) { + printerr(0, "WARNING: handle_gssd_upcall: " + "failed to parse target name " +- "in upcall string '%s'\n", info->lbuf); ++ "in upcall string '%s'\n", upcall_str); + goto out; + } + +@@ -790,7 +797,7 @@ handle_gssd_upcall(struct clnt_upcall_info *info) + if (service && strlen(service) < 1) { + printerr(0, "WARNING: handle_gssd_upcall: " + "failed to parse service type " +- "in upcall string '%s'\n", info->lbuf); ++ "in upcall string '%s'\n", upcall_str); + goto out; + } + +@@ -803,6 +810,8 @@ handle_gssd_upcall(struct clnt_upcall_info *info) + do_error_downcall(clp->gssd_fd, uid, -EACCES); + } + out: ++ free(upcall_str); ++out_nomem: + free(info); + return; + } +-- +2.20.1 + diff --git a/debian/patches/series b/debian/patches/series index b1be644..4dbffa9 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -13,3 +13,5 @@ unbreak-gssd-rpc_pipefs-run.patch 0001-rpc.c-added-include-file-so-UINT16_MAX-is-defined.patch 30-remove-whitespace-service.patch fix-glibc2.28-ftbfs.patch +0010-gssd-replace-non-thread-safe-strtok-with-strsep.patch +0011-gssd-Duplicate-the-upcall-string-for-error-messages.patch