~ubuntu-branches/ubuntu/dapper/cyrus-sasl2/dapper-proposed

Viewing changes to debian/patches/27_upstream_cvs_digest-md5-crash.diff

  • Committer: Bazaar Package Importer
  • Author(s): Martin Pitt
  • Date: 2006-04-24 11:58:30 UTC
  • Revision ID: james.westby@ubuntu.com-20060424115830-yisaords2tg9dxxf
Tags: 2.1.19.dfsg1-0.1ubuntu2
* SECURITY UPDATE: Remote DoS with crafted realms during DIGEST-MD5
  negotiation.
* Add debian/patches/27_upstream_cvs_digest-md5-crash.diff:
  - plugins/digestmd5.c: Check that the provided realm is valid to avoid
    crash.
  - Patch taken from upstream CVS, fixed upstream in 2.1.21:
    https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/
    plugins/digestmd5.c.diff?r1=1.173&r2=1.175&f=u
* CVE-2006-1721

diff -ruN cyrus-sasl-2.1.19.dfsg1-old/plugins/digestmd5.c cyrus-sasl-2.1.19.dfsg1/plugins/digestmd5.c
 
--- cyrus-sasl-2.1.19.dfsg1-old/plugins/digestmd5.c     2006-04-24 11:56:11.000000000 +0200
 
+++ cyrus-sasl-2.1.19.dfsg1/plugins/digestmd5.c 2006-04-24 11:57:04.000000000 +0200
 
@@ -2242,7 +2242,8 @@
 
     }
 
 
 
     /* Sanity check the parameters */
 
-    if (strcmp(realm, text->realm) != 0) {
 
+    if (((realm != NULL) && (strcmp(realm, text->realm) != 0)) &&
 
+       (text->realm[0] != 0)) {
 
        SETERROR(sparams->utils,
 
                 "realm changed: authentication aborted");
 
        result = SASL_BADAUTH;
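
Review bot: the new condition on the two `+` lines skips the realm comparison entirely when `realm` is NULL or when `text->realm` is empty, so a response that carries no realm is accepted against a non-empty `text->realm`, and nothing in the hunk says that this is intended. If an absent realm should only pass when the stored realm is empty, handle `realm == NULL` as its own case instead of folding it into the `&&` chain, and extend the "Sanity check the parameters" comment to list which combinations are accepted. Separately, `text->realm` is still passed to `strcmp()` and indexed with `[0]` without a NULL check; if it can be NULL at this point it needs the same guard that `realm` now gets.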