← Back to branch summary

~ubuntu-branches/ubuntu/intrepid/samba/intrepid-proposed

« back to all changes in this revision

Viewing changes to debian/patches/security-CVE-2009-0022.patch

  • Committer: Bazaar Package Importer
  • Author(s): Chuck Short
  • Date: 2009-01-12 13:40:17 UTC
  • mfrom: (56.1.2 intrepid-security)
  • Revision ID: james.westby@ubuntu.com-20090112134017-2jig6l99ut2cp7qz
Tags: 2:3.2.3-1ubuntu3.5
https://launchpad.net/bugs/286119
https://launchpad.net/bugs/264943
* debian/patches/fix-libnss-sigabrt.patch: Fix sigabort when using
  wins client. Taken from upstream. (LP: #286119)
* debian/patches/ Fix sigsev when using old NAS devices. Taken 
  from upstream. Thanks to Thierry Carrez for tracking this down.
  (LP: #264943)

Show diffs side-by-side

added added

removed removed

Lines of Context:
debian/patches/security-CVE-2009-0022.patch
 
1
#
 
2
# Description: Fix potential access to the root filesystem when using an
 
3
#              empty string share name.
 
4
# Patch: http://us3.samba.org/samba/ftp/patches/security/samba-3.2.6-CVE-2009-0022.patch
 
5
#
 
6
Index: samba-3.2.3/source/smbd/service.c
 
7
===================================================================
 
8
--- samba-3.2.3.orig/source/smbd/service.c      2009-01-05 08:07:08.000000000 -0500
 
9
+++ samba-3.2.3/source/smbd/service.c   2009-01-05 08:08:06.000000000 -0500
 
10
@@ -235,6 +235,10 @@
 
11
                return -1;
 
12
        }
 
13
 
 
14
+       if ((servicename == NULL) || (*servicename == '\0')) {
 
15
+               return -1;
 
16
+       }
 
17
+
 
18
        if (strequal(servicename, GLOBAL_NAME)) {
 
19
                return -2;
 
20
        }