Package: netkit-base Version: 10.0-10.1 Followup-For: Bug #285825 Hi,
the attached patch fixes the amd64 DOS vulnerability (inetd segfaults on daytime). It also cleans up most warnings from gcc, the deprecated dh_testversion and overrides 2 lintian warnings. Attached to this bug as the segfault is the most serious bug. MfG Goswin -- System Information: Debian Release: 3.1 Architecture: amd64 (x86_64) Kernel: Linux 2.6.8-frosties-1 Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)
diff -Nurd netkit-base-0.10-10.1/debian/changelog netkit-base-0.10-10.2/debian/changelog --- netkit-base-0.10-10.1/debian/changelog 2005-04-29 11:48:29.690682501 +0200 +++ netkit-base-0.10-10.2/debian/changelog 2005-04-29 11:48:45.364062351 +0200 @@ -1,3 +1,15 @@ +netkit-base (0.10-10.2) unstable; urgency=low + + * Non-maintainer upload + * fixed variable types to proper typedefed names + * added cast to rlim_t format strings + * added missing header file for time() (Closes: #298601) + * removed deprecated dh_testversion + * remove dh_make boilerplate from copyright + * added lintian overrides + + -- Goswin von Brederlow <[EMAIL PROTECTED]> Fri, 29 Apr 2005 10:23:14 +0200 + netkit-base (0.10-10.1) unstable; urgency=low * Non-maintainer upload diff -Nurd netkit-base-0.10-10.1/debian/copyright netkit-base-0.10-10.2/debian/copyright --- netkit-base-0.10-10.1/debian/copyright 2005-04-29 11:48:29.693682000 +0200 +++ netkit-base-0.10-10.2/debian/copyright 2005-04-29 11:48:45.367061850 +0200 @@ -3,7 +3,7 @@ It was downloaded from ftp://ftp.uk.linux.org/pub/linux/Networking/base/ -Upstream Author(s): David A. Holland +Upstream Author: David A. Holland Copyright: diff -Nurd netkit-base-0.10-10.1/debian/dirs netkit-base-0.10-10.2/debian/dirs --- netkit-base-0.10-10.1/debian/dirs 2005-04-29 11:48:29.693682000 +0200 +++ netkit-base-0.10-10.2/debian/dirs 2005-04-29 11:48:45.364062351 +0200 @@ -5,3 +5,4 @@ usr/share/man/man1 usr/share/man/man5 usr/share/man/man8 +usr/share/lintian/overrides diff -Nurd netkit-base-0.10-10.1/debian/netkit-inetd.lintian netkit-base-0.10-10.2/debian/netkit-inetd.lintian --- netkit-base-0.10-10.1/debian/netkit-inetd.lintian 1970-01-01 01:00:00.000000000 +0100 +++ netkit-base-0.10-10.2/debian/netkit-inetd.lintian 2005-04-29 11:48:45.368061683 +0200 @@ -0,0 +1 @@ +netkit-inetd: missing-debconf-dependency diff -Nurd netkit-base-0.10-10.1/debian/netkit-ping.files netkit-base-0.10-10.2/debian/netkit-ping.files --- netkit-base-0.10-10.1/debian/netkit-ping.files 2005-04-29 11:48:29.693682000 +0200 +++ netkit-base-0.10-10.2/debian/netkit-ping.files 2005-04-29 11:48:45.367061850 +0200 @@ -1,2 +1,3 @@ bin/ping usr/share/man/man8/ping.8 +usr/share/lintian/overrides/netkit-ping diff -Nurd netkit-base-0.10-10.1/debian/netkit-ping.lintian netkit-base-0.10-10.2/debian/netkit-ping.lintian --- netkit-base-0.10-10.1/debian/netkit-ping.lintian 1970-01-01 01:00:00.000000000 +0100 +++ netkit-base-0.10-10.2/debian/netkit-ping.lintian 2005-04-29 11:48:45.368061683 +0200 @@ -0,0 +1 @@ +netkit-ping: setuid-binary bin/ping 4755 root/root diff -Nurd netkit-base-0.10-10.1/debian/rules netkit-base-0.10-10.2/debian/rules --- netkit-base-0.10-10.1/debian/rules 2005-04-29 11:48:29.693682000 +0200 +++ netkit-base-0.10-10.2/debian/rules 2005-04-29 11:48:45.368061683 +0200 @@ -52,6 +52,8 @@ rm debian/tmp/usr/share/man/man1/rpcgen.1 install -o root -g root -m 644 debian/inetd.conf.5 debian/tmp/usr/share/man/man5/inetd.conf.5 install -o root -g root -m 755 debian/inetd.init.d debian/tmp/etc/init.d/inetd + install -o root -g root -m 0644 debian/netkit-ping.lintian debian/tmp/usr/share/lintian/overrides/netkit-ping + install -o root -g root -m 0644 debian/netkit-inetd.lintian debian/tmp/usr/share/lintian/overrides/netkit-inetd dh_movefiles rmdir --ignore-fail-on-non-empty `find debian/tmp/ -type d` @@ -59,8 +61,6 @@ # Pass -i to all debhelper commands in this target to reduce clutter. binary-indep: DH_OPTIONS=-i binary-indep: build install - # Need this version of debhelper for DH_OPTIONS to work. - dh_testversion 1.1.17 dh_testdir dh_testroot # dh_installdebconf @@ -89,8 +89,6 @@ # Pass -a to all debhelper commands in this target to reduce clutter. binary-arch: DH_OPTIONS=-a binary-arch: build install - # Need this version of debhelper for DH_OPTIONS to work. - dh_testversion 1.1.17 dh_testdir dh_testroot dh_installdebconf diff -Nurd netkit-base-0.10-10.1/inetd/inetd.c netkit-base-0.10-10.2/inetd/inetd.c --- netkit-base-0.10-10.1/inetd/inetd.c 2005-04-29 11:48:29.689682668 +0200 +++ netkit-base-0.10-10.2/inetd/inetd.c 2005-04-29 11:48:45.362062686 +0200 @@ -121,6 +121,7 @@ #include <sys/wait.h> #include <sys/time.h> #include <sys/resource.h> +#include <time.h> #ifndef __linux__ #ifndef RLIMIT_NOFILE @@ -203,7 +204,7 @@ /* Reserve some descriptors, 3 stdio + at least: 1 log, 1 conf. file */ #define FD_MARGIN (8) -int rlim_ofile_cur = OPEN_MAX; +rlim_t rlim_ofile_cur = OPEN_MAX; #ifdef RLIMIT_NOFILE struct rlimit rlim_ofile; @@ -934,7 +935,7 @@ nsock++; if (sep->se_fd > maxsock) { maxsock = sep->se_fd; - if (maxsock > rlim_ofile_cur - FD_MARGIN) + if ((rlim_t)maxsock > rlim_ofile_cur - FD_MARGIN) bump_nofile(); } } @@ -943,7 +944,7 @@ register_rpc(struct servtab *sep) { #ifdef RPC - size_t m; + socklen_t m; int i; struct sockaddr_in sn; struct protoent *pp; @@ -1288,7 +1289,7 @@ static void setproctitle(char *a, int s) { - size_t size; + socklen_t size; register char *cp; struct sockaddr_in sn; char buf[80]; @@ -1332,8 +1333,8 @@ rl.rlim_cur = MIN(rl.rlim_max, rl.rlim_cur + FD_CHUNK); if (rl.rlim_cur <= rlim_ofile_cur) { syslog(LOG_ERR, - "bump_nofile: cannot extend file limit, max = %d", - rl.rlim_cur); + "bump_nofile: cannot extend file limit, max = %llu", + (unsigned long long int)rl.rlim_cur); return -1; } @@ -1378,7 +1379,7 @@ { char buffer[BUFSIZE]; int i; - size_t size; + socklen_t size; struct sockaddr sa; (void)sep; @@ -1470,7 +1471,8 @@ { struct sockaddr sa; static char *rs; - size_t len, size; + socklen_t size; + size_t len; char text[LINESIZ+2]; (void)sep; @@ -1532,7 +1534,7 @@ { long result; struct sockaddr sa; - size_t size; + socklen_t size; (void)sep; size = sizeof(sa); @@ -1563,7 +1565,7 @@ char buffer[256]; time_t clocc; struct sockaddr sa; - size_t size; + socklen_t size; (void)sep; diff -Nurd netkit-base-0.10-10.1/ping/ping.c netkit-base-0.10-10.2/ping/ping.c --- netkit-base-0.10-10.1/ping/ping.c 2005-04-29 11:48:29.690682501 +0200 +++ netkit-base-0.10-10.2/ping/ping.c 2005-04-29 11:48:45.362062686 +0200 @@ -501,7 +501,7 @@ for (;;) { struct sockaddr_in from; register int cc; - size_t fromlen; + socklen_t fromlen; if (options & F_FLOOD) { if ( floodok ) { diff -Nurd netkit-base-0.10-10.1/rpcgen/rpc_cout.c netkit-base-0.10-10.2/rpcgen/rpc_cout.c --- netkit-base-0.10-10.1/rpcgen/rpc_cout.c 1997-03-08 13:34:16.000000000 +0100 +++ netkit-base-0.10-10.2/rpcgen/rpc_cout.c 2005-04-29 11:48:45.363062518 +0200 @@ -102,7 +102,8 @@ emit_typedef(def); break; default: - /* can't happen */ + fprintf(stderr, "%s:%d: can't happen\n", __FILE__, __LINE__); + exit(1); } print_trailer(); } @@ -505,7 +506,7 @@ } else{ - if(i > 0 ) + if(i > 0 ) { if(sizestr == NULL && size < inlineflag){ /* don't expand into inline code if size < inlineflag */ while(cur != dl){ @@ -549,12 +550,13 @@ f_print(fout,"\t }\n"); } + } size=0;i=0;sizestr=NULL; print_stat(1,&dl->decl); } } - if(i > 0 ) + if(i > 0 ) { if(sizestr == NULL && size < inlineflag){ /* don't expand into inline code if size < inlineflag */ while(cur != dl){ @@ -596,6 +598,7 @@ f_print(fout,"\t }\n"); } + } flag=GET; } f_print(fout,"\t return(TRUE);\n\t}\n\n"); @@ -657,7 +660,7 @@ f_print(fout,"\t\t }\n\t\t };\n"); default: - /* ?... do nothing I guess */ + { /* ?... do nothing I guess */ } } } diff -Nurd netkit-base-0.10-10.1/rpcgen/rpc_hout.c netkit-base-0.10-10.2/rpcgen/rpc_hout.c --- netkit-base-0.10-10.1/rpcgen/rpc_hout.c 1996-12-29 22:24:54.000000000 +0100 +++ netkit-base-0.10-10.2/rpcgen/rpc_hout.c 2005-04-29 11:48:45.363062518 +0200 @@ -107,7 +107,7 @@ pprogramdef(def); break; default: - /* ?... shouldn't happen I guess */ + fprintf(stderr, "%s:%d: ?... shouldn't happen I guess\n", __FILE__, __LINE__); } } diff -Nurd netkit-base-0.10-10.1/rpcgen/rpc_main.c netkit-base-0.10-10.2/rpcgen/rpc_main.c --- netkit-base-0.10-10.1/rpcgen/rpc_main.c 2000-03-23 09:51:59.000000000 +0100 +++ netkit-base-0.10-10.2/rpcgen/rpc_main.c 2005-04-29 11:48:45.363062518 +0200 @@ -135,7 +135,7 @@ #define ARGLISTLEN 20 #define FIXEDARGS 2 -static const char *arglist[ARGLISTLEN]; +static const char * arglist[ARGLISTLEN]; static int argcount = FIXEDARGS; diff -Nurd netkit-base-0.10-10.1/rpcinfo/rpcinfo.c netkit-base-0.10-10.2/rpcinfo/rpcinfo.c --- netkit-base-0.10-10.1/rpcinfo/rpcinfo.c 1996-11-25 19:42:55.000000000 +0100 +++ netkit-base-0.10-10.2/rpcinfo/rpcinfo.c 2005-04-29 11:48:45.364062351 +0200 @@ -504,7 +504,7 @@ if (clnt_call(client, PMAPPROC_DUMP, (xdrproc_t) xdr_void, NULL, (xdrproc_t) xdr_pmaplist, - &head, minutetimeout) != RPC_SUCCESS) + (char*)&head, minutetimeout) != RPC_SUCCESS) { fprintf(stderr, "rpcinfo: can't contact portmapper: "); clnt_perror(client, "rpcinfo");