From 18de9e945d90dc40bf3af267277577949dd3b75b Mon Sep 17 00:00:00 2001 From: johannes Date: Thu, 22 Feb 2018 16:21:40 +0100 Subject: [PATCH] opensmtpd: add patch to avoid segfault on password check --- .../opensmtpd/patches/crypt_checkpass.patch | 37 +++++++++++++++++++ srcpkgs/opensmtpd/template | 2 +- 2 files changed, 38 insertions(+), 1 deletion(-) create mode 100644 srcpkgs/opensmtpd/patches/crypt_checkpass.patch diff --git a/srcpkgs/opensmtpd/patches/crypt_checkpass.patch b/srcpkgs/opensmtpd/patches/crypt_checkpass.patch new file mode 100644 index 00000000000..379ec9888ec --- /dev/null +++ b/srcpkgs/opensmtpd/patches/crypt_checkpass.patch @@ -0,0 +1,37 @@ +https://github.com/OpenSMTPD/OpenSMTPD/pull/835 + +avoid null pointer deref if crypt(3) fails and returns null + +include "includes.h" so HAVE_CRYPT_H is defined and crypt.h gets included + +--- openbsd-compat/crypt_checkpass.c ++++ openbsd-compat/crypt_checkpass.c +@@ -1,5 +1,6 @@ + /* OPENBSD ORIGINAL: lib/libc/crypt/cryptutil.c */ + ++#include "includes.h" + #include + #ifdef HAVE_CRYPT_H + #include +@@ -10,6 +11,8 @@ + int + crypt_checkpass(const char *pass, const char *goodhash) + { ++ char *c; ++ + if (goodhash == NULL) + goto fail; + +@@ -17,7 +20,11 @@ crypt_checkpass(const char *pass, const char *goodhash) + if (strlen(goodhash) == 0 && strlen(pass) == 0) + return 0; + +- if (strcmp(crypt(pass, goodhash), goodhash) == 0) ++ c = crypt(pass, goodhash); ++ if (c == NULL) ++ goto fail; ++ ++ if (strcmp(c, goodhash) == 0) + return 0; + + fail: diff --git a/srcpkgs/opensmtpd/template b/srcpkgs/opensmtpd/template index bd1c3d5820c..017658f4036 100644 --- a/srcpkgs/opensmtpd/template +++ b/srcpkgs/opensmtpd/template @@ -1,7 +1,7 @@ # Template file for 'opensmtpd' pkgname=opensmtpd version=6.0.3p1 -revision=5 +revision=6 build_style=gnu-configure configure_args="--sysconfdir=/etc/smtpd --sbindir=/usr/bin --with-path-socket=/run --with-mantype=doc --with-pie --with-table-db