Bug#700098: Propose to NMU cfingerd

Salvatore Bonaccorso Sat, 09 Feb 2013 10:59:35 -0800

Hi Martin

Do you want to upload cfingerd? Otherwise I can prepare a NMU for this
issue with Marc's submitted patch. In any case I would upload it to a
delayed.


Regards,
Salvatore

diff -u cfingerd-1.4.3/debian/changelog cfingerd-1.4.3/debian/changelog
--- cfingerd-1.4.3/debian/changelog
+++ cfingerd-1.4.3/debian/changelog
@@ -1,3 +1,12 @@
+cfingerd (1.4.3-3.1) unstable; urgency=high
+
+  * Non-maintainer upload.
+  * [SECURITY] CVE-2013-1049: fix buffer overflow in rfc1413 (ident) client.
+    Thanks to Malcolm Scott <debian...@malc.org.uk> and Marc Deslauriers
+    <marc.deslauri...@ubuntu.com> (Closes: #700098) (LP: #1104425)
+
+ -- Salvatore Bonaccorso <car...@debian.org>  Sat, 09 Feb 2013 18:38:28 +0100
+
 cfingerd (1.4.3-3) unstable; urgency=low
 
   * Approve NMU
diff -u cfingerd-1.4.3/src/rfc1413.c cfingerd-1.4.3/src/rfc1413.c
--- cfingerd-1.4.3/src/rfc1413.c
+++ cfingerd-1.4.3/src/rfc1413.c
@@ -25,7 +25,9 @@
  * the implementation.  Completely rewritten by yours truly to be self-
  * contained in a single program.  Simple, easy to use.
  */
-#define BUFLEN	(2 * INET6_ADDRSTRLEN)
+#define UNAMELEN   64
+#define BUFLEN     UNAMELEN + INET6_ADDRSTRLEN + 2
+#define INPUTLEN   256
 char *get_rfc1413_data(struct sockaddr_storage * local_addr,
 			struct sockaddr_storage * peer_addr )
 {
@@ -34,7 +36,7 @@
     struct sockaddr_storage sin;
     struct sockaddr_in *sa4 = (struct sockaddr_in *) &sin;
     struct sockaddr_in6 *sa6 = (struct sockaddr_in6 *) &sin;
-    char buffer[1024], buf[BUFLEN], uname[64], *bleah;
+    char buffer[1024], buf[INPUTLEN], uname[UNAMELEN], *bleah;
     char *cp, *xp;
     struct servent *serv;

Bug#700098: Propose to NMU cfingerd

Reply via email to