Your message dated Sat, 24 Dec 2016 19:34:19 +0000
with message-id <e1cks5d-000ijw...@fasolo.debian.org>
and subject line Bug#759936: fixed in proftpd-mod-vroot 0.9.4-1
has caused the Debian Bug report #759936,
regarding proftpd-mod-vroot: Module is broken because of erroneous function 
vroot_lookup_path
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
759936: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=759936
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: proftpd-mod-vroot
Version: 0.9.2-2+b2
Severity: grave
 
The proftpd module mod_vroot is broken, because the alias string
processing is erroneous. The result of the function vroot_lookup_path
may look like this without the attached patch:
static int vroot_lstat(pr_fs_t *fs, const char *orig_path, struct stat *st) {
...
  if (vroot_lookup_path(NULL, vpath, sizeof(vpath)-1, path, 0, NULL) < 0) {
    destroy_pool(tmp_pool);
    return -1;
  }
  /* Log the input path and the vpath that vroot_lookup_path produced. */
  (void) pr_log_writefile(vroot_logfd, MOD_VROOT_VERSION, "(lstat) ==> path '%s'", path);
  (void) pr_log_writefile(vroot_logfd, MOD_VROOT_VERSION, "(lstat) ==> vpath '%s'", vpath);
  if ((vroot_opts & VROOT_OPT_ALLOW_SYMLINKS) ||
      vroot_is_alias(path) == 0) {
...
)
Aug 22 21:06:18 mod_vroot/0.9.2[8919]: (lstat) ==> path '/folder1/test.sh'
Aug 22 21:06:18 mod_vroot/0.9.2[8919]: (lstat) ==> vpath
'/media/b464f0f6-0ebc-426f-b5cf-4f4324ccf906/folder1/ebc-426f-b5cf-4f4324ccf906/folder1/ebc-426f-b5cf-4f4324ccf906/folder1/ebc-426f-b5cf-4f4324ccf906/folder1/ebc-426f-b5cf-4f4324ccf906/folder1/ebc-426f-b5cf-4f4324ccf906/folder1/ebc-426f-b5cf-4f4324ccf906/folder1/ebc-426f-b5cf-4f4324ccf906/folder1/ebc-426f-b5cf-4f4324ccf906/folder1/ebc-426f-b5cf-4f4324ccf906/folder1/ebc-426f-b5cf-4f4324ccf906/folder1/ebc-426f-b5cf-4f4324ccf906/folder1/ebc-426f-b5cf-4f4324ccf906/folder1/ebc-426f-b5cf-4f4324ccf906/folder1/ebc-426f-b5cf-4f4324ccf906/folder1/ebc-426f-b5cf-4f4324ccf906/folder1/ebc-426f-b5cf-4f4324ccf906/folder1/ebc-426f-b5cf-4f4324ccf906/folder1/ebc-426f-b5cf-4f4324ccf906/folder1/ebc-426f-b5cf-4f4324ccf906/folder1/ebc-426f-b5cf-4f4324ccf906/folder1/ebc-426f-b5cf-4f4324ccf906/folder1/ebc-426f-b5cf-4f4324ccf906/folder1/ebc-426f-b5cf-4f4324ccf906/folder1/ebc-426f-b5cf-4f4324ccf906/folder1/ebc-426f-b5cf-4f4324ccf906/folder1/ebc-426f-b5cf-4f4324ccf906/folder1/eb
Using the following patch makes the module work. The code changes have
been taken from the original Git repository
https://github.com/Castaglia/proftpd-mod_vroot.
--- proftpd-mod-vroot-0.9.2.orig/mod_vroot.c
+++ proftpd-mod-vroot-0.9.2/mod_vroot.c
@@ -225,7 +225,7 @@ loop:
 
   } else if (*bufp != '\0') {
     size_t buflen, tmplen;
-    char *ptr;
+    char *ptr = NULL;
 
     ptr = strstr(bufp, "..");
     if (ptr != NULL) {
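Review bot: the new "= NULL" initialiser on "char *ptr" is a dead store, because ptr = strstr(bufp, "..") assigns it in the very next statement. It is harmless, but it is unrelated to the alias fix and would be better dropped or sent as a separate cleanup so that this patch stays minimal.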
@@ -280,9 +280,14 @@ loop:
     if (vroot_aliastab != NULL) {
       char *start_ptr = NULL, *end_ptr = NULL, *src_path = NULL;
 
+      /* buf is used here for storing the "suffix", to be appended
later when
+       * aliases are found.
+       */
+      bufp = buf;
+
       start_ptr = path;
       while (start_ptr != NULL) {
-        char *ptr;
+        char *ptr = NULL;
 
         pr_signals_handle();
 
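Review bot: the added comment has been line-wrapped by the mail client, and the continuation "later when" carries no "+" prefix, so this hunk no longer matches its "@@ -280,9 +280,14 @@" header and will not apply as sent; resend the patch as an attachment or with wrapping disabled. Since bufp = buf repurposes buf as a scratchpad, the comment should also state that whatever buf held before this point is no longer needed.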
@@ -312,8 +317,8 @@ loop:
           sstrncpy(path, src_path, pathlen);
 
           if (end_ptr != NULL) {
-            sstrcat(path, "/", pathlen);
-            sstrcat(path, end_ptr + 1, pathlen);
+            /* Now tack on our suffix from the scratchpad. */
+            sstrcat(path, bufp, pathlen);
           }
 
           break;
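Review bot: in the end_ptr != NULL branch, the new sstrcat(path, bufp, pathlen) no longer inserts the "/" that the removed lines added explicitly, so it is correct only if the suffix saved in buf always starts with the separator; the comment should say so. The append is also unchecked: if src_path plus the suffix does not fit in pathlen, the result is used as though it were the complete path, so consider detecting that case and returning an error.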
@@ -334,6 +339,8 @@ loop:
           break;
         }
 
+        /* Store the suffix in the buf scratchpad. */
+        sstrncpy(buf, ptr, sizeof(buf));
         end_ptr = ptr;
         *end_ptr = '\0';
       }
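Review bot: sstrncpy(buf, ptr, sizeof(buf)) bounds the copy correctly only if buf is declared as an array in this scope; the declaration is not in the hunk, and if buf is a pointer, sizeof(buf) is the pointer size and the saved suffix is cut to a few bytes. The comment should also say that the copy has to happen before *end_ptr = '\0', because end_ptr and ptr point at the same byte and the suffix is lost once it is overwritten.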

Regards
Volker

--- End Message ---
--- Begin Message ---
Source: proftpd-mod-vroot
Source-Version: 0.9.4-1

We believe that the bug you reported is fixed in the latest version of
proftpd-mod-vroot, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 759...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Francesco Paolo Lovergine <fran...@debian.org> (supplier of updated 
proftpd-mod-vroot package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


Format: 1.8
Date: Sat, 24 Dec 2016 19:42:04 +0100
Source: proftpd-mod-vroot
Binary: proftpd-mod-vroot
Architecture: source amd64
Version: 0.9.4-1
Distribution: unstable
Urgency: medium
Maintainer: ProFTPD Maintainance Team 
<pkg-proftpd-maintain...@lists.alioth.debian.org>
Changed-By: Francesco Paolo Lovergine <fran...@debian.org>
Description:
 proftpd-mod-vroot - ProFTPD module mod_vroot
Closes: 715569 732660 759936
Changes:
 proftpd-mod-vroot (0.9.4-1) unstable; urgency=medium
 .
   [ Mahyuddin Susanto ]
   * Team upload.
   * New Upstream release 0.9.3.
     -> It has a fix for erroneous function vroot_lookup_path (Closes: #759936)
   * Bump Standard Version to 3.9.5.
   * d/changelog: fix previous release pocket, already uploaded but
     still unreleased.
   * d/watch: upstream moved to github (Closes: #732660)
   * Rebuild against latest proftpd (Closes: #715569)
 .
   [Hilmar Preuße]
   * d/control: Remove "DM-Upload-Allowed" field
   * d/rules: add --without python-support to dh call
   * d/rules: overhaul clean target to make it work
 .
   [ Francesco Paolo Lovergine ]
   * New upstream release.
   * Policy bumped to 3.9.8.

--- End Message ---