
Bug#1054455: bullseye-pu: package weborf/0.17-3



> This version was already used:
> https://snapshot.debian.org/package/weborf/0.17-4/

Sorry!

Attaching a new debdiff file with the correct version
-- 
Salvo Tomaselli

"I do not feel obliged to believe that the same God who has endowed us with
sense, reason, and intellect has intended us to forgo their use."
                -- Galileo Galilei

https://ltworf.codeberg.page/
diff -Nru weborf-0.17/debian/changelog weborf-0.17/debian/changelog
--- weborf-0.17/debian/changelog	2020-12-31 15:13:19.000000000 +0100
+++ weborf-0.17/debian/changelog	2023-10-24 09:54:15.000000000 +0200
@@ -1,3 +1,9 @@
+weborf (0.17-3+deb12u1) bookworm; urgency=medium
+
+  * Backport patch from upstream to fix denial of service (Closes: 1054417)
+
+ -- Salvo 'LtWorf' Tomaselli <tiposchi@tiscali.it>  Tue, 24 Oct 2023 09:54:15 +0200
+
 weborf (0.17-3) unstable; urgency=medium
 
   * Disable most of the test suite (flaky on debian builders)
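Review bot: The new changelog entry at the top of this hunk targets `bookworm` with version `0.17-3+deb12u1`, but the request in the subject line is a bullseye-pu, and bullseye is Debian 11. For this upload the entry should name `bullseye` and carry a `+deb11u1` suffix. The bug reference is also conventionally written with a hash, `Closes: #1054417`.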
diff -Nru weborf-0.17/debian/patches/cgi_buffer_fix.patch weborf-0.17/debian/patches/cgi_buffer_fix.patch
--- weborf-0.17/debian/patches/cgi_buffer_fix.patch	1970-01-01 01:00:00.000000000 +0100
+++ weborf-0.17/debian/patches/cgi_buffer_fix.patch	2023-10-23 18:40:54.000000000 +0200
@@ -0,0 +1,25 @@
+Description: Fix incorrect memory operation
+ The original code failed to take into account the space needed for the
+ null terminator.
+ .
+ The patch just avoids the copy altogether, because it was not needed.
+Author: Salvo "LtWorf" Tomaselli <tiposchi@tiscali.it>
+Origin: upstream
+Bug: <upstream-bugtracker-url>
+Bug-Debian: https://bugs.debian.org/1054417
+Forwarded: not-needed
+Applied-Upstream: 1.0
+Last-Update: 2023-10-23
+
+--- weborf-0.19.orig/cgi.c
++++ weborf-0.19/cgi.c
+@@ -228,8 +228,7 @@ static inline void cgi_execute_child(con
+     environ = NULL; //Clear env vars
+ 
+     if (strlen(executor) == 0) {
+-        executor = malloc(connection_prop->strfile_len + 1);
+-        strncpy(executor, connection_prop->strfile, connection_prop->strfile_len);
++        executor = connection_prop->strfile;
+     }
+ 
+     cgi_set_http_env_vars(connection_prop->http_param);
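Review bot: The Description header does not match the removed lines: they allocate `connection_prop->strfile_len + 1` bytes, so space for the terminator was reserved, and what is missing is the write of the terminator, because `strncpy` with a count of `strfile_len` copies no trailing NUL when the source is at least that long (assuming `strfile_len` is the string length of `strfile`) and the `malloc`ed buffer is uninitialised. Rewording the Description to say the copy was left unterminated would make the security impact clearer to the release team. Two header and path details also want fixing: `Bug: <upstream-bugtracker-url>` is still the template placeholder and should be filled in or dropped, and the embedded patch is against `weborf-0.19.orig/cgi.c` while the package is 0.17, so it is worth stating that it applies cleanly to 0.17. Since `executor` now aliases `connection_prop->strfile`, please also confirm that nothing after this point frees or writes through `executor`; that code is not visible in this hunk.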
diff -Nru weborf-0.17/debian/patches/series weborf-0.17/debian/patches/series
--- weborf-0.17/debian/patches/series	2020-12-31 15:13:19.000000000 +0100
+++ weborf-0.17/debian/patches/series	2023-10-23 18:41:02.000000000 +0200
@@ -1,2 +1,3 @@
 0001-sleep_in_http
 002-disable_tests
+cgi_buffer_fix.patch
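Review bot: The added series entry `cgi_buffer_fix.patch` breaks from the naming of the two existing entries, which use a numeric prefix and no `.patch` suffix. A name in the same style would keep the series ordering obvious; this is a style point only and does not affect how quilt applies the patch.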
