--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: ax25-tools: beacon crashes if the length of the destination exceeds 20
- From: Kamal Mostafa <kamal@whence.com>
- Date: Wed, 03 Feb 2010 09:06:59 -0800
- Message-id: <20100203170659.6931.14036.reportbug@fourier>
Package: ax25-tools
Version: 0.0.8-13.1
Severity: normal
Tags: patch
User: ubuntu-devel@lists.ubuntu.com
Usertags: origin-ubuntu karmic ubuntu-patch
In Ubuntu, we've applied the attached patch to achieve the following:
* Fix beacon -d <longstring> crash (LP: #353219):
- Cherry-pick fix from upstream ax25_tools_0_0_10_rc1 (www.linux-ax25.org):
ax25/beacon.c (CVS rev 1.2): important security fix:
char addr[20] was static and strcpy(addr,.argv[n]) of variable length.
We thought you might be interested in doing the same.
--- ax25-tools-0.0.8.orig/ax25/beacon.c
+++ ax25-tools-0.0.8/ax25/beacon.c
@@ -43,7 +43,7 @@
struct full_sockaddr_ax25 dest;
struct full_sockaddr_ax25 src;
int s, n, dlen, len, interval = 30;
- char addr[20], *port, *message, *portcall;
+ char *addr, *port, *message, *portcall;
char *srccall = NULL, *destcall = NULL;
while ((n = getopt(argc, argv, "c:d:lmst:v")) != -1) {
@@ -100,27 +100,36 @@
return 1;
}
+ addr = NULL;
if (mail)
- strcpy(addr, "MAIL");
+ addr = strdup("MAIL");
else if (destcall != NULL)
- strcpy(addr, destcall);
+ addr = strdup(destcall);
else
- strcpy(addr, "IDENT");
+ addr = strdup("IDENT");
+ if (addr == NULL)
+ return 1;
if ((dlen = ax25_aton(addr, &dest)) == -1) {
fprintf(stderr, "beacon: unable to convert callsign '%s'\n", addr);
return 1;
}
+ if (addr != NULL) free(addr); addr = NULL;
- if (srccall != NULL && strcmp(srccall, portcall) != 0)
+ if (srccall != NULL && strcmp(srccall, portcall) != 0) {
+ if ((addr = (char *) malloc(strlen(srccall) + 1 + strlen(portcall) + 1)) == NULL)
+ return 1;
sprintf(addr, "%s %s", srccall, portcall);
- else
- strcpy(addr, portcall);
+ } else {
+ if ((addr = strdup(portcall)) == NULL)
+ return 1;
+ }
if ((len = ax25_aton(addr, &src)) == -1) {
fprintf(stderr, "beacon: unable to convert callsign '%s'\n", addr);
return 1;
}
+ if (addr != NULL) free(addr); addr = NULL;
if (!single) {
if (!daemon_start(FALSE)) {
--- End Message ---
--- Begin Message ---
- To: 568290-close@bugs.debian.org
- Subject: Bug#568290: fixed in ax25-tools 0.0.10-rc2+cvs20120204-2
- From: Patrick Ouellette <pouelle@debian.org>
- Date: Mon, 27 Feb 2012 03:17:28 +0000
- Message-id: <E1S1r5c-0001nO-EB@franck.debian.org>
Source: ax25-tools
Source-Version: 0.0.10-rc2+cvs20120204-2
We believe that the bug you reported is fixed in the latest version of
ax25-tools, which is due to be installed in the Debian FTP archive:
ax25-tools_0.0.10-rc2+cvs20120204-2.diff.gz
to main/a/ax25-tools/ax25-tools_0.0.10-rc2+cvs20120204-2.diff.gz
ax25-tools_0.0.10-rc2+cvs20120204-2.dsc
to main/a/ax25-tools/ax25-tools_0.0.10-rc2+cvs20120204-2.dsc
ax25-tools_0.0.10-rc2+cvs20120204-2_amd64.deb
to main/a/ax25-tools/ax25-tools_0.0.10-rc2+cvs20120204-2_amd64.deb
ax25-xtools_0.0.10-rc2+cvs20120204-2_amd64.deb
to main/a/ax25-tools/ax25-xtools_0.0.10-rc2+cvs20120204-2_amd64.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 568290@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Patrick Ouellette <pouelle@debian.org> (supplier of updated ax25-tools package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Sun, 26 Feb 2012 20:53:44 -0500
Source: ax25-tools
Binary: ax25-tools ax25-xtools
Architecture: source amd64
Version: 0.0.10-rc2+cvs20120204-2
Distribution: unstable
Urgency: low
Maintainer: Debian Hamradio Maintainers <debian-hams@lists.debian.org>
Changed-By: Patrick Ouellette <pouelle@debian.org>
Description:
ax25-tools - tools for AX.25 interface configuration
ax25-xtools - tools for AX.25 interface configuration -- X11-based
Closes: 568290 603169
Changes:
ax25-tools (0.0.10-rc2+cvs20120204-2) unstable; urgency=low
.
* Fix "kissnetd broken with PTYs" fixed in the new upstream (Closes: #603169)
* Fix "beacon crashes if the length of the destination exceeds 20"
fixed in the new upstream (Closes: #568290)
* Fix FTBFS by adding chmod +x configure to debian/rules
Checksums-Sha1:
58c2a13ea44232c2934ddb1636c80d1a0fc1311e 1482 ax25-tools_0.0.10-rc2+cvs20120204-2.dsc
e13f4aa3790f72b013a7ff2316d52b4b9bdf115a 119519 ax25-tools_0.0.10-rc2+cvs20120204-2.diff.gz
c97daed16198dc5d4075f55fc1d8c0ed3586d52c 230650 ax25-tools_0.0.10-rc2+cvs20120204-2_amd64.deb
70730b6fefc9d09be4abc219b4c23302d035edea 43530 ax25-xtools_0.0.10-rc2+cvs20120204-2_amd64.deb
Checksums-Sha256:
f304266883f286a870dd067121323f0c80bc5bbfa3c65e6d916ec389bbdbf470 1482 ax25-tools_0.0.10-rc2+cvs20120204-2.dsc
45cbb1e4d7ed07c00f35389d09165cc90a5ca3e06747182c10567ab1803b853b 119519 ax25-tools_0.0.10-rc2+cvs20120204-2.diff.gz
fa792df0173b6b6c4401a7bab38f8e87ebfa2cb8f0c969683ed3785b8959dd43 230650 ax25-tools_0.0.10-rc2+cvs20120204-2_amd64.deb
aba7e0f1f3b0500e1a73294d19e9fe7c6e0488a05e0f6d90f7a4c10b6df9ca2c 43530 ax25-xtools_0.0.10-rc2+cvs20120204-2_amd64.deb
Files:
bdcd16224f71aec38b161e737be52144 1482 hamradio extra ax25-tools_0.0.10-rc2+cvs20120204-2.dsc
ac1a8dd36565ea3ce0e1c684348024f5 119519 hamradio extra ax25-tools_0.0.10-rc2+cvs20120204-2.diff.gz
d8126e272e65845d15805084423b3f6f 230650 hamradio extra ax25-tools_0.0.10-rc2+cvs20120204-2_amd64.deb
2943a45e7543daa42d3a8d471b6eb0d8 43530 hamradio extra ax25-xtools_0.0.10-rc2+cvs20120204-2_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iEYEARECAAYFAk9K7dkACgkQz9qdgganN25CLACfdOa+W7EdqJk0TFEZd1S8TmWC
HNkAoKUfBLOWGacy74SfvgkQt/LAEkRM
=j2uc
-----END PGP SIGNATURE-----
--- End Message ---