Diffstat (limited to 'meta-security/recipes-security/libgssglue/files')
5 files changed, 172 insertions, 0 deletions
diff --git a/meta-security/recipes-security/libgssglue/files/libgssglue-canon-name.patch b/meta-security/recipes-security/libgssglue/files/libgssglue-canon-name.patch
new file mode 100644
index 000000000..cb7c47b3f
--- /dev/null
+++ b/meta-security/recipes-security/libgssglue/files/libgssglue-canon-name.patch
@@ -0,0 +1,60 @@
+fix the bug:
+g_canon_name.c:125:5: warning: passing argument 2 of '__gss_copy_namebuf' from incompatible pointer type [enabled by default]
+
+the 2nd argument of __gss_copy_namebuf should be address of *gss_buffer_t, \
+but a *gss_buffer_t is assigned.
+
+what __gss_copy_namebuf does is to alloc memory for a gss_buffer_desc and \
+copy from src and return its address.
+
+if following code failed, gss_release_name will free \
+union_canon_name->external_name.value if it is not NULL.
+
+OM_uint32 __gss_copy_namebuf(src, dest)
+ gss_buffer_t src;
+ gss_buffer_t *dest;
+
+typedef struct gss_union_name_t {
+ gss_mechanism gss_mech;
+ gss_OID name_type;
+ gss_buffer_desc external_name;
+ /*
+ * These last two fields are only filled in for mechanism
+ * names.
+ */
+ gss_OID mech_type;
+ gss_name_t mech_name;
+} gss_union_name_desc, *gss_union_name_t;
+
+typedef struct gss_buffer_desc_struct {
+ size_t length;
+ void FAR *value;
+} gss_buffer_desc, FAR *gss_buffer_t;
+
+Upstream-Status: Pending
+Signed-off-by: Yao Zhao <yao.zhao@windriver.com>
+
+--- a/src/g_canon_name.c
++++ b/src/g_canon_name.c
+@@ -121,11 +121,17 @@ gss_canonicalize_name (OM_uint32 *minor_
+
+ union_canon_name->mech_name = mech_name;
+
+- status = __gss_copy_namebuf(&union_input_name->external_name,
+- &union_canon_name->external_name);
+- if (status != GSS_S_COMPLETE)
+- goto failure;
++ union_canon_name->external_name.value = (void*) malloc(
++ union_input_name->external_name.length + 1);
++ if (!union_canon_name->external_name.value)
++ goto failure;
+
++ memcpy(union_canon_name->external_name.value,
++ union_input_name->external_name.value,
++ union_input_name->external_name.length);
++ union_canon_name->external_name.length =
++ union_input_name->external_name.length;
++
+ if (union_input_name->name_type != GSS_C_NO_OID) {
+ status = generic_gss_copy_oid(minor_status,
+ union_input_name->name_type,
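Review bot: The replacement for `__gss_copy_namebuf` in `gss_canonicalize_name` allocates `length + 1` bytes but copies only `length`, so the extra byte stays uninitialised and any consumer that treats `external_name.value` as a C string would read indeterminate memory. Terminate it after the `memcpy` with `((char *)union_canon_name->external_name.value)[union_input_name->external_name.length] = '\0';`. The `goto failure` on a NULL `malloc` also leaves `status` at whatever the preceding call returned, presumably `GSS_S_COMPLETE` here; assuming the `failure` label (outside the hunk) returns `status`, add `status = GSS_S_FAILURE; *minor_status = ENOMEM;` before the jump so an allocation failure is not reported as success. `length + 1` wraps to 0 when the supplied length is `SIZE_MAX`, so the length should be bounded before the allocation.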
diff --git a/meta-security/recipes-security/libgssglue/files/libgssglue-fix-CVE-2011-2709.patch b/meta-security/recipes-security/libgssglue/files/libgssglue-fix-CVE-2011-2709.patch
new file mode 100644
index 000000000..6aa1a657a
--- /dev/null
+++ b/meta-security/recipes-security/libgssglue/files/libgssglue-fix-CVE-2011-2709.patch
@@ -0,0 +1,43 @@
+Use secure_getenv instead of getenv for setuid programs
+
+(bnc#694598 CVE-2011-2709 bnc#831805)
+
+import from:
+https://build.opensuse.org/package/view_file/openSUSE:Factory/libgssglue/secure-getenv.patch
+
+Upstream-Status: Pending
+
+Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
+
+diff --git a/src/g_initialize.c b/src/g_initialize.c
+index 200f173..935a9fa 100644
+--- a/src/g_initialize.c
++++ b/src/g_initialize.c
+@@ -26,6 +26,7 @@
+ * This function will initialize the gssapi mechglue library
+ */
+
++#define _GNU_SOURCE
+ #include "mglueP.h"
+ #include <stdlib.h>
+
+@@ -197,8 +198,7 @@ static void solaris_initialize ()
+ void *dl;
+ gss_mechanism (*sym)(void), mech;
+
+- if ((getuid() != geteuid()) ||
+- ((filename = getenv("GSSAPI_MECH_CONF")) == NULL))
++ if ((filename = secure_getenv("GSSAPI_MECH_CONF")) == NULL)
+ filename = MECH_CONF;
+
+ if ((conffile = fopen(filename, "r")) == NULL) {
+@@ -274,8 +274,7 @@ static void linux_initialize ()
+ void *dl;
+ gss_mechanism (*sym)(void), mech;
+
+- if ((getuid() != geteuid()) ||
+- ((filename = getenv("GSSAPI_MECH_CONF")) == NULL))
++ if ((filename = secure_getenv("GSSAPI_MECH_CONF")) == NULL)
+ filename = MECH_CONF;
+
+ if ((conffile = fopen(filename, "r")) == NULL) {
diff --git a/meta-security/recipes-security/libgssglue/files/libgssglue-g-initialize.patch b/meta-security/recipes-security/libgssglue/files/libgssglue-g-initialize.patch
new file mode 100644
index 000000000..4a9ba3322
--- /dev/null
+++ b/meta-security/recipes-security/libgssglue/files/libgssglue-g-initialize.patch
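Review bot: In libgssglue-fix-CVE-2011-2709.patch, both `solaris_initialize` and `linux_initialize` now call `secure_getenv` unconditionally, with no configure-time check or fallback. On a C library that lacks it, the call is implicitly declared as returning `int` (truncating the pointer on 64-bit targets) or fails to link, and the removed `getuid() != geteuid()` test no longer covers that case. Consider guarding the call behind an autoconf check such as `AC_CHECK_FUNCS([secure_getenv])` and keeping the old uid comparison as the fallback branch. The added `#define _GNU_SOURCE` would be safer wrapped in `#ifndef _GNU_SOURCE` in case the build already passes it on the command line. Both function bodies continue outside the hunks.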
@@ -0,0 +1,21 @@
+Fix the warning for getuid, geteuid
+g_initialize.c: In function 'linux_initialize':
+g_initialize.c:275:5: warning: implicit declaration of function 'getuid' [-Wimplicit-function-declaration]
+g_initialize.c:275:5: warning: implicit declaration of function 'geteuid' [-Wimplicit-function-declaration]
+
+Upstream-Status: Pending
+Signed-off-by: Yao Zhao <yao.zhao@windriver.com>
+
+diff --git a/src/g_initialize.c b/src1/g_initialize.c
+index 82fcce1..200f173 100644
+--- a/src/g_initialize.c
++++ b/src/g_initialize.c
+@@ -29,6 +29,8 @@
+ #include "mglueP.h"
+ #include <stdlib.h>
+
++#include <unistd.h> /*getuid, geteuid */
++#include <sys/types.h>
+ #include <stdio.h>
+ #include <string.h>
+ #include <ctype.h>
diff --git a/meta-security/recipes-security/libgssglue/files/libgssglue-gss-inq-cred.patch b/meta-security/recipes-security/libgssglue/files/libgssglue-gss-inq-cred.patch
new file mode 100644
index 000000000..6dce3e737
--- /dev/null
+++ b/meta-security/recipes-security/libgssglue/files/libgssglue-gss-inq-cred.patch
@@ -0,0 +1,27 @@
+1) add free if malloc failed for (*mechanisms)->elements
+2) g_inq_cred.c: In function 'gss_inquire_cred':
+g_inq_cred.c:161:8: warning: passing argument 3 of 'generic_gss_copy_oid' from incompatible pointer type [enabled by default]
+
+Upstream-Status: Pending
+Signed-off-by: Yao Zhao <yao.zhao@windriver.com>
+
+--- a/src/g_inq_cred.c
++++ b/src/g_inq_cred.c
+@@ -152,13 +152,15 @@ gss_OID_set * mechanisms;
+ union_cred->count);
+ if ((*mechanisms)->elements == NULL) {
+ *minor_status = ENOMEM;
++ free(*mechanisms);
++ *mechanisms = GSS_C_NO_OID_SET;
+ return (GSS_S_FAILURE);
+ }
+
+ for (i=0; i < union_cred->count; i++) {
+- status = generic_gss_copy_oid(minor_status,
++ status = generic_gss_add_oid_set_member(minor_status,
+ &union_cred->mechs_array[i],
+- &((*mechanisms)->elements[i]));
++ mechanisms);
+ if (status != GSS_S_COMPLETE)
+ break;
+ }
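Review bot: In libgssglue-gss-inq-cred.patch, the loop in `gss_inquire_cred` now calls `generic_gss_add_oid_set_member(..., mechanisms)` on a set whose `elements` array was just pre-allocated for `union_cred->count` entries, and the two do not fit together. If `(*mechanisms)->count` is already set to `union_cred->count` before the loop (not visible in the hunk), each call would append after that many uninitialised slots and hand the caller a set containing garbage OIDs; if it is 0, the pre-allocation is presumably just discarded on the first append. Either drop the `malloc` of `elements` and start from `(*mechanisms)->count = 0;`, or keep the array and fill `elements[i]` directly. The `break` on failure leaves a partially built set, so the cleanup after the loop (outside the hunk) should release it with `gss_release_oid_set`.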
diff --git a/meta-security/recipes-security/libgssglue/files/libgssglue-mglueP.patch b/meta-security/recipes-security/libgssglue/files/libgssglue-mglueP.patch
new file mode 100644
index 000000000..6c9ebf05c
--- /dev/null
+++ b/meta-security/recipes-security/libgssglue/files/libgssglue-mglueP.patch
@@ -0,0 +1,21 @@
+fix the warning:
+warning: implicit declaration of function 'generic_gss_copy_oid_set' [-Wimplicit-function-declaration]
+
+Upstream-Status: Pending
+Signed-off-by: Yao Zhao <yao.zhao@windriver.com>
+
+--- a/src/mglueP.h
++++ b/src/mglueP.h
+@@ -447,6 +447,12 @@ OM_uint32 generic_gss_copy_oid
+ gss_OID * /* new_oid */
+ );
+
++OM_uint32 generic_gss_copy_oid_set
++ (OM_uint32 *minor_status, /* minor_status */
++ const gss_OID_set_desc * const oidset, /* oid */
++ gss_OID_set *new_oidset /* new_oid */
++ );
++
+ OM_uint32 generic_gss_create_empty_oid_set
+ (OM_uint32 *, /* minor_status */
+ gss_OID_set * /* oid_set */ |