Bug#926548: unblock: nfs-utils/1:1.3.4-2.5

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#926548: unblock: nfs-utils/1:1.3.4-2.5
From: Bernd Zeimetz <bzed@debian.org>
Date: Sat, 06 Apr 2019 21:19:54 +0200
Message-id: <[🔎] 155457839498.15503.17297634624604652227.reportbug@think.wals.bzed.at>
Reply-to: Bernd Zeimetz <bzed@debian.org>, 926548@bugs.debian.org

Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Hi release-team,

please unblock package nfs-utils.

I've NMUed the package to fix #895381:

  [ Micha Lenk ]
  * [abaa2ab] handle_gssd_upcall: Fix failure to find uid in upcall string 'mech=krb5'
    by adding the suggested upstream commits as
    debian/patches/0010-gssd-replace-non-thread-safe-strtok-with-strsep.patch and
    debian/patches/0011-gssd-Duplicate-the-upcall-string-for-error-messages.patch.
    rpc.gssd: WARNING: handle_gssd_upcall: failed to find uid in upcall string 'mech=krb5'
    (Closes: #895381)

Diff is attached.


unblock nfs-utils/1:1.3.4-2.5

Thanks,

Bernd


-- 
 Bernd Zeimetz                            Debian GNU/Linux Developer
 http://bzed.de                                http://www.debian.org
 GPG Fingerprint: ECA1 E3F2 8E11 2432 D485  DD95 EB36 171A 6FF9 435F

diff --git a/debian/changelog b/debian/changelog
index bd57693..f341ef5 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,17 @@
+nfs-utils (1:1.3.4-2.5) unstable; urgency=medium
+
+  * Non-maintainer upload.
+
+  [ Micha Lenk ]
+  * [abaa2ab] handle_gssd_upcall: Fix failure to find uid in upcall string 'mech=krb5'
+    by adding the suggested upstream commits as
+    debian/patches/0010-gssd-replace-non-thread-safe-strtok-with-strsep.patch and
+    debian/patches/0011-gssd-Duplicate-the-upcall-string-for-error-messages.patch.
+    rpc.gssd: WARNING: handle_gssd_upcall: failed to find uid in upcall string 'mech=krb5'
+    (Closes: #895381)
+
+ -- Bernd Zeimetz <bzed@debian.org>  Sat, 06 Apr 2019 18:30:39 +0200
+
 nfs-utils (1:1.3.4-2.4) unstable; urgency=medium
 
   [ Laurent Bigonville ]
diff --git a/debian/patches/0010-gssd-replace-non-thread-safe-strtok-with-strsep.patch b/debian/patches/0010-gssd-replace-non-thread-safe-strtok-with-strsep.patch
new file mode 100644
index 0000000..ee0c376
--- /dev/null
+++ b/debian/patches/0010-gssd-replace-non-thread-safe-strtok-with-strsep.patch
@@ -0,0 +1,41 @@
+From: Frank Sorenson <sorenson@redhat.com>
+Date: Wed, 15 Feb 2017 10:36:47 -0500
+Subject: gssd: replace non-thread-safe strtok with strsep
+
+gssd uses the non-thread-safe strtok() function, which
+can lead to incorrect program behavior.
+
+Replace strtok() with the thread-safe strsep().
+
+Signed-off-by: Frank Sorenson <sorenson@redhat.com>
+Signed-off-by: Steve Dickson <steved@redhat.com>
+
+Origin: upstream, http://git.linux-nfs.org/?p=steved/nfs-utils.git;a=commitdiff;h=5ae8be8
+Bug: https://bugzilla.redhat.com/show_bug.cgi?id=1419280
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=895381
+Last-Update: 2019-04-05
+
+---
+ utils/gssd/gssd_proc.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/utils/gssd/gssd_proc.c b/utils/gssd/gssd_proc.c
+index d74d3724..30c6aceb 100644
+--- a/utils/gssd/gssd_proc.c
++++ b/utils/gssd/gssd_proc.c
+@@ -729,10 +729,11 @@ handle_gssd_upcall(struct clnt_upcall_info *info)
+ 	char			*target = NULL;
+ 	char			*service = NULL;
+ 	char			*enctypes = NULL;
++	char			*pbuf = info->lbuf;
+ 
+ 	printerr(2, "\n%s: '%s' (%s)\n", __func__, info->lbuf, clp->relpath);
+ 
+-	for (p = strtok(info->lbuf, " "); p; p = strtok(NULL, " ")) {
++	while ((p = strsep(&pbuf, " "))) {
+ 		if (!strncmp(p, "mech=", strlen("mech=")))
+ 			mech = p + strlen("mech=");
+ 		else if (!strncmp(p, "uid=", strlen("uid=")))
+-- 
+2.20.1
+
diff --git a/debian/patches/0011-gssd-Duplicate-the-upcall-string-for-error-messages.patch b/debian/patches/0011-gssd-Duplicate-the-upcall-string-for-error-messages.patch
new file mode 100644
index 0000000..fa42430
--- /dev/null
+++ b/debian/patches/0011-gssd-Duplicate-the-upcall-string-for-error-messages.patch
@@ -0,0 +1,92 @@
+From: Frank Sorenson <sorenson@redhat.com>
+Date: Wed, 15 Feb 2017 10:38:53 -0500
+Subject: gssd:  Duplicate the upcall string for error messages
+
+strsep() modifies the input string, so error messages
+may output only part of the upcall string.
+
+Make a copy of the upcall string, and use that in any
+error messages.
+
+Signed-off-by: Frank Sorenson <sorenson@redhat.com>
+Signed-off-by: Steve Dickson <steved@redhat.com>
+
+Origin: upstream, http://git.linux-nfs.org/?p=steved/nfs-utils.git;a=commitdiff;h=0a4f5e4
+Bug: https://bugzilla.redhat.com/show_bug.cgi?id=1419280
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=895381
+Last-Update: 2019-04-05
+
+---
+ utils/gssd/gssd_proc.c | 17 +++++++++++++----
+ 1 file changed, 13 insertions(+), 4 deletions(-)
+
+diff --git a/utils/gssd/gssd_proc.c b/utils/gssd/gssd_proc.c
+index 30c6aceb..4fc81c30 100644
+--- a/utils/gssd/gssd_proc.c
++++ b/utils/gssd/gssd_proc.c
+@@ -729,10 +729,17 @@ handle_gssd_upcall(struct clnt_upcall_info *info)
+ 	char			*target = NULL;
+ 	char			*service = NULL;
+ 	char			*enctypes = NULL;
++	char			*upcall_str;
+ 	char			*pbuf = info->lbuf;
+ 
+ 	printerr(2, "\n%s: '%s' (%s)\n", __func__, info->lbuf, clp->relpath);
+ 
++	upcall_str = strdup(info->lbuf);
++	if (upcall_str == NULL) {
++		printerr(0, "ERROR: malloc failure\n");
++		goto out_nomem;
++	}
++
+ 	while ((p = strsep(&pbuf, " "))) {
+ 		if (!strncmp(p, "mech=", strlen("mech=")))
+ 			mech = p + strlen("mech=");
+@@ -749,7 +756,7 @@ handle_gssd_upcall(struct clnt_upcall_info *info)
+ 	if (!mech || strlen(mech) < 1) {
+ 		printerr(0, "WARNING: handle_gssd_upcall: "
+ 			    "failed to find gss mechanism name "
+-			    "in upcall string '%s'\n", info->lbuf);
++			    "in upcall string '%s'\n", upcall_str);
+ 		goto out;
+ 	}
+ 
+@@ -762,7 +769,7 @@ handle_gssd_upcall(struct clnt_upcall_info *info)
+ 	if (!uidstr) {
+ 		printerr(0, "WARNING: handle_gssd_upcall: "
+ 			    "failed to find uid "
+-			    "in upcall string '%s'\n", info->lbuf);
++			    "in upcall string '%s'\n", upcall_str);
+ 		goto out;
+ 	}
+ 
+@@ -775,7 +782,7 @@ handle_gssd_upcall(struct clnt_upcall_info *info)
+ 	if (target && strlen(target) < 1) {
+ 		printerr(0, "WARNING: handle_gssd_upcall: "
+ 			 "failed to parse target name "
+-			 "in upcall string '%s'\n", info->lbuf);
++			 "in upcall string '%s'\n", upcall_str);
+ 		goto out;
+ 	}
+ 
+@@ -790,7 +797,7 @@ handle_gssd_upcall(struct clnt_upcall_info *info)
+ 	if (service && strlen(service) < 1) {
+ 		printerr(0, "WARNING: handle_gssd_upcall: "
+ 			 "failed to parse service type "
+-			 "in upcall string '%s'\n", info->lbuf);
++			 "in upcall string '%s'\n", upcall_str);
+ 		goto out;
+ 	}
+ 
+@@ -803,6 +810,8 @@ handle_gssd_upcall(struct clnt_upcall_info *info)
+ 		do_error_downcall(clp->gssd_fd, uid, -EACCES);
+ 	}
+ out:
++	free(upcall_str);
++out_nomem:
+ 	free(info);
+ 	return;
+ }
+-- 
+2.20.1
+
diff --git a/debian/patches/series b/debian/patches/series
index b1be644..4dbffa9 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -13,3 +13,5 @@ unbreak-gssd-rpc_pipefs-run.patch
 0001-rpc.c-added-include-file-so-UINT16_MAX-is-defined.patch
 30-remove-whitespace-service.patch
 fix-glibc2.28-ftbfs.patch
+0010-gssd-replace-non-thread-safe-strtok-with-strsep.patch
+0011-gssd-Duplicate-the-upcall-string-for-error-messages.patch

Reply to:

Follow-Ups:
- Bug#926548: marked as done (unblock: nfs-utils/1:1.3.4-2.5)
  - From: "Debian Bug Tracking System" <owner@bugs.debian.org>

Prev by Date: Bug#926540: unblock: xorg-server/2:1.20.4-1
Next by Date: Bug#925350: unblock: ubuntu-keyring/2018.09.18.1-5
Previous by thread: Bug#926540: unblock: xorg-server/2:1.20.4-1
Next by thread: Bug#926548: marked as done (unblock: nfs-utils/1:1.3.4-2.5)
Index(es):
- Date
- Thread