Attaching debdiff for suggested NMU.
Cheers,
Adrian
--
.''`. John Paul Adrian Glaubitz
: :' : Debian Developer - glaub...@debian.org
`. `' Freie Universitaet Berlin - glaub...@physik.fu-berlin.de
`- GPG: 62FF 8A75 84E0 2956 9546 0006 7426 3B37 F5B5 F913
diff -Nru olsrd-0.6.2/debian/changelog olsrd-0.6.2/debian/changelog
--- olsrd-0.6.2/debian/changelog 2012-02-19 16:18:18.000000000 +0100
+++ olsrd-0.6.2/debian/changelog 2013-03-28 04:31:12.000000000 +0100
@@ -1,3 +1,11 @@
+olsrd (0.6.2-2.1) testing-proposed-updates; urgency=low
+
+ * Non-maintainer upload.
+ * Include upstream patch to fix stack corruption in
+ net output (Closes: #704025).
+
+ -- John Paul Adrian Glaubitz <glaub...@physik.fu-berlin.de> Thu, 28 Mar 2013 04:29:10 +0100
+
olsrd (0.6.2-2) unstable; urgency=low
* debian/control: Build-Depends: debhelper (>= 9) (Closes: #658330)
diff -Nru olsrd-0.6.2/debian/patches/300-fix-stack-corruption-in-net-output.patch olsrd-0.6.2/debian/patches/300-fix-stack-corruption-in-net-output.patch
--- olsrd-0.6.2/debian/patches/300-fix-stack-corruption-in-net-output.patch 1970-01-01 01:00:00.000000000 +0100
+++ olsrd-0.6.2/debian/patches/300-fix-stack-corruption-in-net-output.patch 2013-03-28 04:27:03.000000000 +0100
@@ -0,0 +1,57 @@
+From f4d250ad4fad5fcfe5b5feaac3f3e121adef3fba Mon Sep 17 00:00:00 2001
+From: Jo-Philipp Wich <j...@openwrt.org>
+Date: Fri, 22 Jun 2012 03:17:59 +0200
+Subject: [PATCH] olsrd: fix stack corruption in net_output()
+
+The net_output() function indirectly uses the stack variables dst and dst6
+outside of the scope they're declared in, this might leads to olsr_sendto()
+being called with a corrupted destination sockaddr_in.
+
+This failure condition can be observed in the log, olsrd will continuosly
+print "sendto(v4): Invalid Argument" or a similar message. On ARM it has been
+reported to result in "Unsupported Address Family".
+
+This bug became apparant on a custon OpenWrt x86_64 uClibc target using the
+Linaro GCC 4.7-2012.04 compiler, it has been reported for an unspecified ARM
+target as well.
+
+The offending code seems to be unchanged since 2008 and it does not cause
+issues on 32bit systems and/or with older (Linaro) GCC versions, but the
+compiler used in our tests seems to perform more aggressive optimizations
+leading to a stack corruption.
+---
+ src/net_olsr.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/net_olsr.c b/src/net_olsr.c
+index 7d85f4f..66e103d 100644
+--- a/src/net_olsr.c
++++ b/src/net_olsr.c
+@@ -336,6 +336,8 @@ net_output(struct interface *ifp)
+ {
+ struct sockaddr_in *sin = NULL;
+ struct sockaddr_in6 *sin6 = NULL;
++ struct sockaddr_in dst;
++ struct sockaddr_in6 dst6;
+ struct ptf *tmp_ptf_list;
+ union olsr_packet *outmsg;
+ int retval;
+@@ -354,7 +356,6 @@ net_output(struct interface *ifp)
+ outmsg->v4.olsr_packlen = htons(ifp->netbuf.pending);
+
+ if (olsr_cnf->ip_version == AF_INET) {
+- struct sockaddr_in dst;
+ /* IP version 4 */
+ sin = (struct sockaddr_in *)&ifp->int_broadaddr;
+
+@@ -365,7 +366,6 @@ net_output(struct interface *ifp)
+ if (sin->sin_port == 0)
+ sin->sin_port = htons(olsr_cnf->olsrport);
+ } else {
+- struct sockaddr_in6 dst6;
+ /* IP version 6 */
+ sin6 = (struct sockaddr_in6 *)&ifp->int6_multaddr;
+ /* Copy sin */
+--
+1.7.9.5
+
diff -Nru olsrd-0.6.2/debian/patches/series olsrd-0.6.2/debian/patches/series
--- olsrd-0.6.2/debian/patches/series 2012-02-19 16:07:42.000000000 +0100
+++ olsrd-0.6.2/debian/patches/series 2013-03-28 04:27:57.000000000 +0100
@@ -6,3 +6,4 @@
270-gui-linux-gtk-align-olsr_ip_addr-to-olsr-definition-of-it.patch
280-fix-linux-gtk-build.patch
290-hardcode-etc-olsrd-olsrd-conf.patch
+300-fix-stack-corruption-in-net-output.patch
