Control: tags 970066 + patch
Control: tags 970066 + pending

Dear maintainer,

I've prepared an NMU for atftp (versioned as 0.7.git20120829-3.2) and
uploaded it to DELAYED/5. Please feel free to tell me if I
should delay it longer.

Regards,
Salvatore
diff -u atftp-0.7.git20120829/debian/changelog atftp-0.7.git20120829/debian/changelog
--- atftp-0.7.git20120829/debian/changelog
+++ atftp-0.7.git20120829/debian/changelog
@@ -1,3 +1,10 @@
+atftp (0.7.git20120829-3.2) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Fix for DoS issue CVE-2020-6097 (Closes: #970066)
+
+ -- Salvatore Bonaccorso <car...@debian.org>  Sun, 27 Dec 2020 21:28:40 +0100
+
 atftp (0.7.git20120829-3.1) unstable; urgency=high
 
   * Non-maintainer upload.
diff -u atftp-0.7.git20120829/tftp_def.c atftp-0.7.git20120829/tftp_def.c
--- atftp-0.7.git20120829/tftp_def.c
+++ atftp-0.7.git20120829/tftp_def.c
@@ -180,6 +180,15 @@
      return OK;
 }
 
+int
+sockaddr_family_supported(const struct sockaddr_storage *ss)
+{
+     if (ss->ss_family == AF_INET || ss->ss_family == AF_INET6)
+          return 1;
+     else
+          return 0;
+}
+
 char *
 sockaddr_print_addr(const struct sockaddr_storage *ss, char *buf, size_t len)
 {
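Review bot: The new `sockaddr_family_supported()` has no comment stating its contract, although the callers added in this patch rely on it as the gate in front of the other `sockaddr_*` helpers. I would add `/* Return 1 when ss holds an AF_INET or AF_INET6 address, 0 otherwise; call this before handing a peer address to the sockaddr_* helpers. */` above it. As a style point, the if/else can be written as `return ss->ss_family == AF_INET || ss->ss_family == AF_INET6;`. The `sockaddr_print_addr()` definition that starts on the last lines of this hunk continues outside it.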
@@ -189,7 +198,7 @@
      else if (ss->ss_family == AF_INET6)
           addr = &((const struct sockaddr_in6 *)ss)->sin6_addr;
      else
-          assert(!"sockaddr_print: unsupported address family");
+          return "sockaddr_print: unsupported address family";
      return (char *)inet_ntop(ss->ss_family, addr, buf, len);
 }
 
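Review bot: The new fallback branch returns a string literal without writing anything to `buf`, so a caller that ignores the return value and reads its own buffer gets whatever was there before. The call visible in the tftpd_mtftp.c hunk, `sockaddr_print_addr(&sa, addr_str, sizeof(addr_str));`, is such a caller. The literal is also handed out through a non-const `char *`, so a caller that writes through the result would be modifying read-only storage. Filling the buffer keeps both usages safe: `snprintf(buf, len, "%s", "unsupported address family"); return buf;` (this assumes `<stdio.h>` is already included in tftp_def.c, which is not visible here). The start of the function lies outside this hunk.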
diff -u atftp-0.7.git20120829/tftp_def.h atftp-0.7.git20120829/tftp_def.h
--- atftp-0.7.git20120829/tftp_def.h
+++ atftp-0.7.git20120829/tftp_def.h
@@ -54,6 +54,7 @@
 inline char *Strncpy(char *to, const char *from, size_t size);
 int Gethostbyname(char *addr, struct hostent *host);
 
+int sockaddr_family_supported(const struct sockaddr_storage *ss);
 char *sockaddr_print_addr(const struct sockaddr_storage *, char *, size_t);
 #define SOCKADDR_PRINT_ADDR_LEN INET6_ADDRSTRLEN
 uint16_t sockaddr_get_port(const struct sockaddr_storage *);
diff -u atftp-0.7.git20120829/tftpd.c atftp-0.7.git20120829/tftpd.c
--- atftp-0.7.git20120829/tftpd.c
+++ atftp-0.7.git20120829/tftpd.c
@@ -644,6 +644,11 @@
      }
 
 #ifdef HAVE_WRAP
+     if (!abort && !sockaddr_family_supported(&data->client_info->client))
+     {
+          logger(LOG_ERR, "Connection from unsupported network address family refused");
+          abort = 1;
+     }
      if (!abort)
      {
           /* Verify the client has access. We don't look for the name but
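Review bot: The address-family check is added after `#ifdef HAVE_WRAP`, so it is compiled only when the daemon is built with TCP wrappers support. A build without HAVE_WRAP accepts the request and carries an unsupported `ss_family` into the rest of the handler. Whether other helpers such as `sockaddr_get_port()` still assert on it cannot be seen from this diff. Since the refusal does not depend on libwrap, I would move the `if (!abort && !sockaddr_family_supported(&data->client_info->client))` block to just above the `#ifdef HAVE_WRAP` line. The same placement applies to the `if (!sockaddr_family_supported(&sa))` check in the tftpd_mtftp.c hunk. The enclosing function and the `#ifdef` block both extend beyond this hunk.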
diff -u atftp-0.7.git20120829/tftpd_mtftp.c atftp-0.7.git20120829/tftpd_mtftp.c
--- atftp-0.7.git20120829/tftpd_mtftp.c
+++ atftp-0.7.git20120829/tftpd_mtftp.c
@@ -393,6 +393,11 @@
                                         &data_size, data->data_buffer);
 
 #ifdef HAVE_WRAP
+               if (!sockaddr_family_supported(&sa))
+               {
+                    logger(LOG_ERR, "mtftp: Connection from unsupported network address family refused");
+                    continue;
+               }
                /* Verify the client has access. We don't look for the name but
                   rely only on the IP address for that. */
                sockaddr_print_addr(&sa, addr_str, sizeof(addr_str));
