Control: tags 970066 + patch Control: tags 970066 + pending
Dear maintainer, I've prepared an NMU for atftp (versioned as 0.7.git20120829-3.2) and uploaded it to DELAYED/5. Please feel free to tell me if I should delay it longer. Regards, Salvatore
diff -u atftp-0.7.git20120829/debian/changelog atftp-0.7.git20120829/debian/changelog --- atftp-0.7.git20120829/debian/changelog +++ atftp-0.7.git20120829/debian/changelog @@ -1,3 +1,10 @@ +atftp (0.7.git20120829-3.2) unstable; urgency=medium + + * Non-maintainer upload. + * Fix for DoS issue CVE-2020-6097 (Closes: #970066) + + -- Salvatore Bonaccorso <car...@debian.org> Sun, 27 Dec 2020 21:28:40 +0100 + atftp (0.7.git20120829-3.1) unstable; urgency=high * Non-maintainer upload. diff -u atftp-0.7.git20120829/tftp_def.c atftp-0.7.git20120829/tftp_def.c --- atftp-0.7.git20120829/tftp_def.c +++ atftp-0.7.git20120829/tftp_def.c @@ -180,6 +180,15 @@ return OK; } +int +sockaddr_family_supported(const struct sockaddr_storage *ss) +{ + if (ss->ss_family == AF_INET || ss->ss_family == AF_INET6) + return 1; + else + return 0; +} + char * sockaddr_print_addr(const struct sockaddr_storage *ss, char *buf, size_t len) { @@ -189,7 +198,7 @@ else if (ss->ss_family == AF_INET6) addr = &((const struct sockaddr_in6 *)ss)->sin6_addr; else - assert(!"sockaddr_print: unsupported address family"); + return "sockaddr_print: unsupported address family"; return (char *)inet_ntop(ss->ss_family, addr, buf, len); } diff -u atftp-0.7.git20120829/tftp_def.h atftp-0.7.git20120829/tftp_def.h --- atftp-0.7.git20120829/tftp_def.h +++ atftp-0.7.git20120829/tftp_def.h @@ -54,6 +54,7 @@ inline char *Strncpy(char *to, const char *from, size_t size); int Gethostbyname(char *addr, struct hostent *host); +int sockaddr_family_supported(const struct sockaddr_storage *ss); char *sockaddr_print_addr(const struct sockaddr_storage *, char *, size_t); #define SOCKADDR_PRINT_ADDR_LEN INET6_ADDRSTRLEN uint16_t sockaddr_get_port(const struct sockaddr_storage *); diff -u atftp-0.7.git20120829/tftpd.c atftp-0.7.git20120829/tftpd.c --- atftp-0.7.git20120829/tftpd.c +++ atftp-0.7.git20120829/tftpd.c 
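Review bot: sockaddr_family_supported() in the first tftp_def.c hunk has no comment saying that callers are expected to use it as a gate before handing a client address to sockaddr_print_addr(), which is the point of the fix. I would add `/* Return 1 if ss is AF_INET or AF_INET6, the families sockaddr_print_addr() handles, else 0; reject other addresses before using them. */` above the definition. The body can also be the single line `return ss->ss_family == AF_INET || ss->ss_family == AF_INET6;`.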
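Review bot: In the second tftp_def.c hunk, the unsupported-family branch of sockaddr_print_addr() now returns a string literal through a non-const `char *` and leaves `buf` unwritten. A caller that discards the return value and reads its own buffer, as the `sockaddr_print_addr(&sa, addr_str, sizeof(addr_str));` call in the tftpd_mtftp.c hunk appears to, would then use whatever the buffer held before. A caller that writes through the returned pointer would modify a literal. Filling the buffer keeps both cases defined: `snprintf(buf, len, "unsupported address family"); return buf;`. The start of the function body is outside this hunk.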
@@ -644,6 +644,11 @@ } #ifdef HAVE_WRAP + if (!abort && !sockaddr_family_supported(&data->client_info->client)) + { + logger(LOG_ERR, "Connection from unsupported network address family refused"); + abort = 1; + } if (!abort) { /* Verify the client has access. We don't look for the name but diff -u atftp-0.7.git20120829/tftpd_mtftp.c atftp-0.7.git20120829/tftpd_mtftp.c --- atftp-0.7.git20120829/tftpd_mtftp.c +++ atftp-0.7.git20120829/tftpd_mtftp.c @@ -393,6 +393,11 @@ &data_size, data->data_buffer); #ifdef HAVE_WRAP + if (!sockaddr_family_supported(&sa)) + { + logger(LOG_ERR, "mtftp: Connection from unsupported network address family refused"); + continue; + } /* Verify the client has access. We don't look for the name but rely only on the IP address for that. */ sockaddr_print_addr(&sa, addr_str, sizeof(addr_str));
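Review bot: The new address-family check in the tftpd.c hunk sits after the `#ifdef HAVE_WRAP` line, so a build without libwrap support never runs it; the tftpd_mtftp.c hunk places its check the same way. The test has nothing to do with TCP wrappers, and in such a build an unsupported family would still reach the later sockaddr_* calls. Whether those helpers still contain asserts like the one removed from sockaddr_print_addr() is not visible here. I would move the added `if (... !sockaddr_family_supported(...))` block above the `#ifdef HAVE_WRAP` line in both files. Both enclosing functions start and end outside the hunks.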