Bug#701996: marked as done (unblock: openconnect/3.20-4)

To: Niels Thykier <niels@thykier.net>
Subject: Bug#701996: marked as done (unblock: openconnect/3.20-4)
From: owner@bugs.debian.org (Debian Bug Tracking System)
Date: Sat, 02 Mar 2013 08:15:06 +0000
Message-id: <[🔎] handler.701996.D701996.136221198311549.ackdone@bugs.debian.org>
References: <5131B43D.6040702@thykier.net> <[🔎] 20130301135233.GA26460@xps14z.home.local>

Your message dated Sat, 02 Mar 2013 09:11:41 +0100
with message-id <5131B43D.6040702@thykier.net>
and subject line Re: Bug#701996: unblock: openconnect/3.20-4
has caused the Debian Bug report #701996,
regarding unblock: openconnect/3.20-4
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
701996: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701996
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: unblock: openconnect/3.20-4
From: Mike Miller <mtmiller@ieee.org>
Date: Fri, 1 Mar 2013 08:52:33 -0500
Message-id: <[🔎] 20130301135233.GA26460@xps14z.home.local>

Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Dear Release Team,

Please unblock package openconnect, version 3.20-4 already in unstable.
This version fixes bug #700805, possible memory leak introduced by
previous version. This fix was requested for wheezy [1]. The debdiff is
included below. Thank you.

[1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700806#22


diffstat for openconnect-3.20 openconnect-3.20

 changelog                             |    7 ++
 patches/03_fix-abuse-of-realloc.patch |   97 ++++++++++++++++++++++++++++++++++
 patches/series                        |    1 
 3 files changed, 105 insertions(+)

diff -Nru openconnect-3.20/debian/changelog openconnect-3.20/debian/changelog
--- openconnect-3.20/debian/changelog	2013-02-17 12:25:52.000000000 -0500
+++ openconnect-3.20/debian/changelog	2013-02-28 23:42:35.000000000 -0500
@@ -1,3 +1,10 @@
+openconnect (3.20-4) unstable; urgency=low
+
+  * debian/patches/03_fix-abuse-of-realloc.patch: Backport patch from upstream
+    to fix possible memory leaks on realloc. (Closes: #700805)
+
+ -- Mike Miller <mtmiller@ieee.org>  Thu, 28 Feb 2013 23:42:31 -0500
+
 openconnect (3.20-3) unstable; urgency=low
 
   * debian/patches/02_CVE-2012-6128.patch: Backport patch from upstream to fix
diff -Nru openconnect-3.20/debian/patches/03_fix-abuse-of-realloc.patch openconnect-3.20/debian/patches/03_fix-abuse-of-realloc.patch
--- openconnect-3.20/debian/patches/03_fix-abuse-of-realloc.patch	1969-12-31 19:00:00.000000000 -0500
+++ openconnect-3.20/debian/patches/03_fix-abuse-of-realloc.patch	2013-02-28 19:28:20.000000000 -0500
@@ -0,0 +1,97 @@
+Origin: upstream, http://git.infradead.org/users/dwmw2/openconnect.git/commitdiff/8dad4f3ad009e45bbd1ba21f1bd03d3f7639deab
+From: David Woodhouse <David.Woodhouse@intel.com>
+Subject: Fix abuse of realloc() causing memory leaks
+
+Implement a helper which actually *does* free the original pointer on
+allocation failure, as I evidently always expected it to.
+
+http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700805
+
+Reported by: Niels Thykier <niels@thykier.net>
+Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
+---
+ auth.c                 |    4 ++--
+ compat.c               |    2 +-
+ http.c                 |    8 ++++----
+ openconnect-internal.h |    8 ++++++++
+ 4 files changed, 15 insertions(+), 7 deletions(-)
+
+--- a/auth.c
++++ b/auth.c
+@@ -140,8 +140,8 @@ static int parse_auth_choice(struct open
+ 			continue;
+ 
+ 		opt->nr_choices++;
+-		opt = realloc(opt, sizeof(*opt) +
+-				   opt->nr_choices * sizeof(*choice));
++		realloc_inplace(opt, sizeof(*opt) +
++				opt->nr_choices * sizeof(*choice));
+ 		if (!opt)
+ 			return -ENOMEM;
+ 
+--- a/compat.c
++++ b/compat.c
+@@ -131,7 +131,7 @@ ssize_t openconnect__getline(char **line
+ 			break;
+ 
+ 		*n *= 2;
+-		*lineptr = realloc(*lineptr, *n);
++		realloc_inplace(*lineptr, *n);
+ 		if (!*lineptr)
+ 			return -1;
+ 	}
+--- a/http.c
++++ b/http.c
+@@ -97,7 +97,7 @@ static void buf_append(struct oc_text_bu
+ 				break;
+ 			}
+ 
+-			buf->data = realloc(buf->data, new_buf_len);
++			realloc_inplace(buf->data, new_buf_len);
+ 			if (!buf->data) {
+ 				buf->error = -ENOMEM;
+ 				break;
+@@ -354,7 +354,7 @@ static int process_http_response(struct
+ 				lastchunk = 1;
+ 				goto skip;
+ 			}
+-			body = realloc(body, done + chunklen + 1);
++			realloc_inplace(body, done + chunklen + 1);
+ 			if (!body)
+ 				return -ENOMEM;
+ 			while (chunklen) {
+@@ -394,7 +394,7 @@ static int process_http_response(struct
+ 
+ 		/* HTTP 1.0 response. Just eat all we can in 16KiB chunks */
+ 		while (1) {
+-			body = realloc(body, done + 16384);
++			realloc_inplace(body, done + 16384);
+ 			if (!body)
+ 				return -ENOMEM;
+ 			i = openconnect_SSL_read(vpninfo, body + done, 16384);
+@@ -407,7 +407,7 @@ static int process_http_response(struct
+ 				return i;
+ 			} else {
+ 				/* Connection closed. Reduce allocation to just what we need */
+-				body = realloc(body, done + 1);
++				realloc_inplace(body, done + 1);
+ 				if (!body)
+ 					return -ENOMEM;
+ 				break;
+--- a/openconnect-internal.h
++++ b/openconnect-internal.h
+@@ -256,6 +256,14 @@ int openconnect__asprintf(char **strp, c
+ ssize_t openconnect__getline(char **lineptr, size_t *n, FILE *stream);
+ #endif
+ 
++/* I always coded as if it worked like this. Now it does. */
++#define realloc_inplace(p, size) do {			\
++	void *__realloc_old = p;			\
++	p = realloc(p, size);				\
++	if (size && !p)					\
++		free(__realloc_old);			\
++    } while (0)
++
+ /****************************************************************************/
+ 
+ /* tun.c */
diff -Nru openconnect-3.20/debian/patches/series openconnect-3.20/debian/patches/series
--- openconnect-3.20/debian/patches/series	2013-02-17 12:25:52.000000000 -0500
+++ openconnect-3.20/debian/patches/series	2013-02-28 19:27:05.000000000 -0500
@@ -1,2 +1,3 @@
 01_man-vpnc-script-path.patch
 02_CVE-2012-6128.patch
+03_fix-abuse-of-realloc.patch

-- 
mike

--- End Message ---

--- Begin Message ---

To: Mike Miller <mtmiller@ieee.org>, 701996-done@bugs.debian.org

Subject: Re: Bug#701996: unblock: openconnect/3.20-4

From: Niels Thykier <niels@thykier.net>

Date: Sat, 02 Mar 2013 09:11:41 +0100

Message-id: <5131B43D.6040702@thykier.net>

In-reply-to: <[🔎] 20130301135233.GA26460@xps14z.home.local>

References: <[🔎] 20130301135233.GA26460@xps14z.home.local>
On 2013-03-01 14:52, Mike Miller wrote:
> Package: release.debian.org
> Severity: normal
> User: release.debian.org@packages.debian.org
> Usertags: unblock
> 
> Dear Release Team,
> 
> Please unblock package openconnect, version 3.20-4 already in unstable.
> This version fixes bug #700805, possible memory leak introduced by
> previous version. This fix was requested for wheezy [1]. The debdiff is
> included below. Thank you.
> 
> [1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700806#22
> 
> 
> [...]

Unblocked, thanks.

~Niels
--- End Message ---

Reply to:

References:
- Bug#701996: unblock: openconnect/3.20-4
  - From: Mike Miller <mtmiller@ieee.org>

Prev by Date: Bug#702043: unblock: ntop/3:4.99.3+ndpi5517+dfsg3-1
Next by Date: Bug#702053: unblock: nautilus-image-manipulator/1.1-2
Previous by thread: Bug#701996: unblock: openconnect/3.20-4
Next by thread: Bug#701997: unblock: iptables/1.4.14-3.1 (tpu)
Index(es):
- Date
- Thread