Re: squeeze update of screen?
On Wed, Sep 2, 2015 at 3:33 PM, Axel Beckert <abe@debian.org> wrote:
> Santiago Ruano Rincón wrote:
>> the Debian LTS team would like to fix the security issues which are
>> currently open in the Squeeze version of screen:
>> https://security-tracker.debian.org/tracker/source-package/screen
>>
>> Would you like to take care of this yourself?
>
> Let's phrase it this way: I don't mind if someone else does it.
OK, the proposed patch is attached. Only build tested - it compiles
fine in a clean Squeeze chroot.
> I'll work on the updates for Jessie and Wheezy first, though.
Feel free to drop my patch entirely if you want.
Regards,
Laszlo/GCS
diff -u screen-4.0.3/debian/changelog screen-4.0.3/debian/changelog
--- screen-4.0.3/debian/changelog
+++ screen-4.0.3/debian/changelog
@@ -1,3 +1,9 @@
+screen (4.0.3-14+deb6u1) squeeze-security; urgency=high
+
+ * Fix stack overflow due to too deep recursion.
+
+ -- Laszlo Boszormenyi (GCS) <gcs@debian.org> Wed, 02 Sep 2015 18:53:14 +0200
+
screen (4.0.3-14) unstable; urgency=low
* Cherry-pick a few upstream commits:
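Review bot: the new 4.0.3-14+deb6u1 entry ("Fix stack overflow due to too deep recursion.") names neither a CVE identifier nor a Closes: bug number, so the upload cannot be matched against the open issues on the security tracker page linked earlier in the thread. Add the identifier from the tracker to that line. It would also help to name the patch file (61denial-of-service-stack-overflow-fix) so the entry says which patch carries the fix.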
diff -u screen-4.0.3/debian/patches/00list screen-4.0.3/debian/patches/00list
--- screen-4.0.3/debian/patches/00list
+++ screen-4.0.3/debian/patches/00list
@@ -44,0 +45 @@
+61denial-of-service-stack-overflow-fix
only in patch2:
unchanged:
--- screen-4.0.3.orig/debian/patches/61denial-of-service-stack-overflow-fix.dpatch
+++ screen-4.0.3/debian/patches/61denial-of-service-stack-overflow-fix.dpatch
@@ -0,0 +1,44 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 61denial-of-service-stack-overflow-fix.dpatch by Kuang-che Wu <kcwu@csie.org>
+##
+## DP: Fix stack overflow due to too deep recursion
+
+@DPATCH@
+--- a/ansi.c
++++ b/ansi.c
+@@ -2425,13 +2425,13 @@ int n, ys, ye, bce;
+ return;
+ if (n > 0)
+ {
++ if (ye - ys + 1 < n)
++ n = ye - ys + 1;
+ if (n > 256)
+ {
+ MScrollV(p, n - 256, ys, ye, bce);
+ n = 256;
+ }
+- if (ye - ys + 1 < n)
+- n = ye - ys + 1;
+ #ifdef COPY_PASTE
+ if (compacthist)
+ {
+@@ -2482,14 +2482,14 @@ int n, ys, ye, bce;
+ }
+ else
+ {
+- if (n < -256)
+- {
+- MScrollV(p, n + 256, ys, ye, bce);
+- n = -256;
+- }
+ n = -n;
+ if (ye - ys + 1 < n)
+ n = ye - ys + 1;
++ if (n > 256)
++ {
++ MScrollV(p, - (n - 256), ys, ye, bce);
++ n = 256;
++ }
+
+ ml = p->w_mlines + ye;
+ /* Clear lines */
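Review bot: in the second ansi.c hunk, "n = -n;" still runs before any bound is applied to the negative value. With n declared as int, a call with n == INT_MIN makes that negation overflow (undefined behaviour for signed int). If the value stays negative, neither "if (ye - ys + 1 < n)" nor the new "if (n > 256)" will catch it. Consider clamping on the negative side first, for example limiting n to -(ye - ys + 1) before the negation, or state in the patch description why callers cannot pass such a value. Since the change is reported as build tested only, a run that scrolls by a count larger than the region height in both directions would confirm that the reordered clamp keeps the recursion shallow. The dpatch header should also carry a reference to the upstream commit this was taken from.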