0a54216b4e
This isn't latest release, but diffrence from current package is minimal supported release. Since changes are too huge to write here, please refer each release notes: http://www.samba.org/samba/history/ And this pacakge already contain fix for CVE-2009-3297.
53 lines
1.3 KiB
Text
53 lines
1.3 KiB
Text
$NetBSD: patch-ax,v 1.1.1.1 2010/02/16 16:24:16 taca Exp $
|
|
|
|
Fix for CVE-2009-3297.
|
|
|
|
--- client/mount.cifs.c.orig 2010-01-14 10:12:10.000000000 +0000
|
|
+++ client/mount.cifs.c
|
|
@@ -1044,6 +1044,35 @@ static void print_cifs_mount_version(voi
|
|
MOUNT_CIFS_VENDOR_SUFFIX);
|
|
}
|
|
|
|
+/*
|
|
+ * This function borrowed from fuse-utils...
|
|
+ *
|
|
+ * glibc's addmntent (at least as of 2.10 or so) doesn't properly encode
|
|
+ * newlines embedded within the text fields. To make sure no one corrupts
|
|
+ * the mtab, fail the mount if there are embedded newlines.
|
|
+ */
|
|
+static int check_newline(const char *progname, const char *name)
|
|
+{
|
|
+ char *s;
|
|
+ for (s = "\n"; *s; s++) {
|
|
+ if (strchr(name, *s)) {
|
|
+ fprintf(stderr, "%s: illegal character 0x%02x in mount entry\n",
|
|
+ progname, *s);
|
|
+ return EX_USAGE;
|
|
+ }
|
|
+ }
|
|
+ return 0;
|
|
+}
|
|
+
|
|
+static int check_mtab(const char *progname, const char *devname,
|
|
+ const char *dir)
|
|
+{
|
|
+ if (check_newline(progname, devname) == -1 ||
|
|
+ check_newline(progname, dir) == -1)
|
|
+ return EX_USAGE;
|
|
+ return 0;
|
|
+}
|
|
+
|
|
int main(int argc, char ** argv)
|
|
{
|
|
int c;
|
|
@@ -1464,6 +1493,10 @@ mount_retry:
|
|
if (verboseflag)
|
|
fprintf(stderr, "\n");
|
|
|
|
+ rc = check_mtab(thisprogram, dev_name, mountpoint);
|
|
+ if (rc)
|
|
+ goto mount_exit;
|
|
+
|
|
if (!fakemnt && mount(dev_name, mountpoint, "cifs", flags, options)) {
|
|
switch (errno) {
|
|
case ECONNREFUSED:
|