[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#704143: marked as done (unblock: olsrd/0.6.2-2.1)

Your message dated Fri, 29 Mar 2013 13:07:32 +0000
with message-id <8dfd10cb04831c72b61f1f8e199f9947@mail.adsl.funky-badger.org>
and subject line Re: Bug#704143: unblock: olsrd/0.6.2-2.1
has caused the Debian Bug report #704143,
regarding unblock: olsrd/0.6.2-2.1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
704143: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=704143
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message --- 
Package: release.debian.org
Severity: normal
Tags: patch
User: release.debian.org@packages.debian.org
Usertags: unblock

Hi,

both olsrd 0.6.2-2 (testing) and 0.6.3-5 (unstable) suffer from
corrupted data on amd64 platforms [1].

I have performed NMUs both for testing-proposed-updates and unstable
and would like to have the version for t-p-u unblocked.

Attaching debdiff.

Adrian

unblock olsrd/0.6.2-2.1

> [1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=704025

-- System Information:
Debian Release: 7.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.8-trunk-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8)
Shell: /bin/sh linked to /bin/dash

diff -Nru olsrd-0.6.2/debian/changelog olsrd-0.6.2/debian/changelog
--- olsrd-0.6.2/debian/changelog	2012-02-19 16:18:18.000000000 +0100
+++ olsrd-0.6.2/debian/changelog	2013-03-28 04:31:12.000000000 +0100
@@ -1,3 +1,11 @@
+olsrd (0.6.2-2.1) testing-proposed-updates; urgency=low
+
+  * Non-maintainer upload.
+  * Include upstream patch to fix stack corruption in
+    net output (Closes: #704025).
+
+ -- John Paul Adrian Glaubitz <glaubitz@physik.fu-berlin.de>  Thu, 28 Mar 2013 04:29:10 +0100
+
 olsrd (0.6.2-2) unstable; urgency=low
 
   * debian/control: Build-Depends: debhelper (>= 9) (Closes: #658330)
diff -Nru olsrd-0.6.2/debian/patches/300-fix-stack-corruption-in-net-output.patch olsrd-0.6.2/debian/patches/300-fix-stack-corruption-in-net-output.patch
--- olsrd-0.6.2/debian/patches/300-fix-stack-corruption-in-net-output.patch	1970-01-01 01:00:00.000000000 +0100
+++ olsrd-0.6.2/debian/patches/300-fix-stack-corruption-in-net-output.patch	2013-03-28 04:27:03.000000000 +0100
@@ -0,0 +1,57 @@
+From f4d250ad4fad5fcfe5b5feaac3f3e121adef3fba Mon Sep 17 00:00:00 2001
+From: Jo-Philipp Wich <jow@openwrt.org>
+Date: Fri, 22 Jun 2012 03:17:59 +0200
+Subject: [PATCH] olsrd: fix stack corruption in net_output()
+
+The net_output() function indirectly uses the stack variables dst and dst6
+outside of the scope they're declared in, this might leads to olsr_sendto()
+being called with a corrupted destination sockaddr_in.
+
+This failure condition can be observed in the log, olsrd will continuosly
+print "sendto(v4): Invalid Argument" or a similar message. On ARM it has been
+reported to result in "Unsupported Address Family".
+
+This bug became apparant on a custon OpenWrt x86_64 uClibc target using the
+Linaro GCC 4.7-2012.04 compiler, it has been reported for an unspecified ARM
+target as well.
+
+The offending code seems to be unchanged since 2008 and it does not cause
+issues on 32bit systems and/or with older (Linaro) GCC versions, but the
+compiler used in our tests seems to perform more aggressive optimizations
+leading to a stack corruption.
+---
+ src/net_olsr.c |    4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/net_olsr.c b/src/net_olsr.c
+index 7d85f4f..66e103d 100644
+--- a/src/net_olsr.c
++++ b/src/net_olsr.c
+@@ -336,6 +336,8 @@ net_output(struct interface *ifp)
+ {
+   struct sockaddr_in *sin = NULL;
+   struct sockaddr_in6 *sin6 = NULL;
++  struct sockaddr_in dst;
++  struct sockaddr_in6 dst6;
+   struct ptf *tmp_ptf_list;
+   union olsr_packet *outmsg;
+   int retval;
+@@ -354,7 +356,6 @@ net_output(struct interface *ifp)
+   outmsg->v4.olsr_packlen = htons(ifp->netbuf.pending);
+ 
+   if (olsr_cnf->ip_version == AF_INET) {
+-    struct sockaddr_in dst;
+     /* IP version 4 */
+     sin = (struct sockaddr_in *)&ifp->int_broadaddr;
+ 
+@@ -365,7 +366,6 @@ net_output(struct interface *ifp)
+     if (sin->sin_port == 0)
+       sin->sin_port = htons(olsr_cnf->olsrport);
+   } else {
+-    struct sockaddr_in6 dst6;
+     /* IP version 6 */
+     sin6 = (struct sockaddr_in6 *)&ifp->int6_multaddr;
+     /* Copy sin */
+-- 
+1.7.9.5
+
diff -Nru olsrd-0.6.2/debian/patches/series olsrd-0.6.2/debian/patches/series
--- olsrd-0.6.2/debian/patches/series	2012-02-19 16:07:42.000000000 +0100
+++ olsrd-0.6.2/debian/patches/series	2013-03-28 04:27:57.000000000 +0100
@@ -6,3 +6,4 @@
 270-gui-linux-gtk-align-olsr_ip_addr-to-olsr-definition-of-it.patch
 280-fix-linux-gtk-build.patch
 290-hardcode-etc-olsrd-olsrd-conf.patch
+300-fix-stack-corruption-in-net-output.patch

--- End Message ---
--- Begin Message --- 
On 28.03.2013 15:03, John Paul Adrian Glaubitz wrote:

both olsrd 0.6.2-2 (testing) and 0.6.3-5 (unstable) suffer from
corrupted data on amd64 platforms [1].

I have performed NMUs both for testing-proposed-updates and unstable
and would like to have the version for t-p-u unblocked.


Done; thanks.

Regards,

Adam

--- End Message ---
Reply to: