packages/cifs-utils
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: packages:a85441d2bae86dda8ee16046cb70d18766efc06e
Branches Tags
packages:main
..
compare: packages:42455b331a3116ff768f2cc48d49b2509f5052ce
Branches Tags
packages:main

10 Commits
a85441d2ba ... 42455b331a

Author SHA1 Message Date
openeuler-ci-bot
42455b331a
!55 [sync] PR-54: cifs-utils: Make automake treat /sbin as exec, not data 
From: @openeuler-sync-bot 
Reviewed-by: @swf504 
Signed-off-by: @swf504
 2024-06-22 07:52:40 +00:00
liuh
c11b0f5289 cifs-utils: Make automake treat /sbin as exec, not data 
(cherry picked from commit 57dd75d12f9c4eb329d7c2268e28d86e9e44daec)
 2024-06-22 14:59:27 +08:00
openeuler-ci-bot
a058496567
!51 cifs.upcall: fix UAF in get_cachename_from_process_env() 
From: @liuh0329 
Reviewed-by: @swf504 
Signed-off-by: @swf504
 2024-05-08 01:07:43 +00:00
liuh
be4a54ba33 cifs.upcall: fix UAF in get_cachename_from_process_env() 2024-04-09 17:44:02 +08:00
openeuler-ci-bot
1deaa53eab
!41 upgrade to version 7.0 
From: @swf504 
Reviewed-by: @liuzhiqiang26 
Signed-off-by: @liuzhiqiang26
 2023-02-11 14:32:28 +00:00
Weifeng Su
5da816179d upgrade to version 7.0 
Signed-off-by: Weifeng Su <suweifeng1@huawei.com>
 2023-02-11 11:35:20 +08:00
openeuler-ci-bot
3da7597fc0
!40 update cifs-utils version to 6.15 
From: @hifi521 
Reviewed-by: @liuzhiqiang26 
Signed-off-by: @liuzhiqiang26
 2022-07-28 01:09:27 +00:00
zhanchengbin
979b73f4fd update cifs-utils version to 6.15 
Signed-off-by: zhanchengbin <zhanchengbin1@huawei.com>
 2022-07-15 04:35:35 +08:00
openeuler-ci-bot
ee36518f29
!35 [sync] PR-34: Fix CVE-2022-27239 and CVE-2022-29869 
From: @openeuler-sync-bot 
Reviewed-by: @liuzhiqiang26 
Signed-off-by: @liuzhiqiang26
 2022-05-05 12:38:02 +00:00
markeryang
b921941cff Fix CVE-2022-27239 and CVE-2022-29869 
(cherry picked from commit 027714241ed38d830ec9abb09a527a473faa2c65)
 2022-05-05 20:29:21 +08:00
5 changed files with 103 additions and 2 deletions
Show Stats Expand all files Collapse all files

46
0001-cifs.upcall-fix-UAF-in-get_cachename_from_process_en.patch Normal file
View File

@ -0,0 +1,46 @@
From 73146385da0945c78af0fbdc08d2bf260db709d5 Mon Sep 17 00:00:00 2001
From: Paulo Alcantara <pc@manguebit.com>
Date: Fri, 8 Mar 2024 12:06:15 -0300
Subject: [PATCH] cifs.upcall: fix UAF in get_cachename_from_process_env()
Whether lseek(2) fails or @bufsize * 2 > ENV_BUF_MAX, then @buf would
end up being freed twice. For instance:
cifs-utils-7.0/cifs.upcall.c:501: freed_arg: "free" frees "buf".
cifs-utils-7.0/cifs.upcall.c:524: double_free: Calling "free" frees
pointer "buf" which has already been freed.
522| }
523| out_close:
524|-> free(buf);
525| close(fd);
526| return cachename;
Fix this by setting @buf to NULL after freeing it to prevent UAF.
Fixes: ed97e4ecab4e ("cifs.upcall: allow scraping of KRB5CCNAME out of initiating task's /proc/<pid>/environ file")
Signed-off-by: Paulo Alcantara (Red Hat) <pc@manguebit.com>
---
cifs.upcall.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/cifs.upcall.c b/cifs.upcall.c
index 52c0328..ff6f2bd 100644
--- a/cifs.upcall.c
+++ b/cifs.upcall.c
@@ -498,10 +498,11 @@ retry:
/* We read to the end of the buffer. Double and try again */
syslog(LOG_DEBUG, "%s: read to end of buffer (%zu bytes)\n",
__func__, bufsize);
- free(buf);
- bufsize *= 2;
if (lseek(fd, 0, SEEK_SET) < 0)
goto out_close;
+ free(buf);
+ buf = NULL;
+ bufsize *= 2;
goto retry;
}
--
2.34.1

37
0002-cifs-utils-Make-automake-treat-sbin-as-exec-not-data.patch Normal file
View File

@ -0,0 +1,37 @@
From 25d6552c7d8b9fe2ca9dbf85c74c9330e4dd7770 Mon Sep 17 00:00:00 2001
From: Daniel Parks <danielrparks@ti.com>
Date: Fri, 3 Jun 2022 15:34:59 -0500
Subject: [PATCH] cifs-utils: Make automake treat /sbin as exec, not data
Otherwise, $(DESTDIR)/sbin doesn't get created until install-data on a
-j1 build and install-exec-hook can fail because it might not exist.
Steps to reproduce this bug:
$ autoreconf -i
$ ./configure
$ mkdir image
$ make DESTDIR=image install -j1
Signed-off-by: Daniel Parks <danielrparks@ti.com>
---
Makefile.am | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/Makefile.am b/Makefile.am
index a15392d..1a22266 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -1,8 +1,8 @@
AM_CFLAGS = -Wall -Wextra -D_FORTIFY_SOURCE=2 $(PIE_CFLAGS) $(RELRO_CFLAGS)
ACLOCAL_AMFLAGS = -I aclocal
-root_sbindir = $(ROOTSBINDIR)
-root_sbin_PROGRAMS = mount.cifs
+root_exec_sbindir = $(ROOTSBINDIR)
+root_exec_sbin_PROGRAMS = mount.cifs
mount_cifs_SOURCES = mount.cifs.c mtab.c resolve_host.c util.c
mount_cifs_LDADD = $(LIBCAP) $(CAPNG_LDADD) $(RT_LDADD)
include_HEADERS = cifsidmap.h
--
2.43.0

BIN
cifs-utils-6.14.tar.bz2
View File

Binary file not shown.

BIN
cifs-utils-7.0.tar.bz2 Normal file
View File

Binary file not shown.

22
cifs-utils.spec
View File

@ -1,6 +1,6 @@
Name: cifs-utils
Version: 6.14
Release: 2
Version: 7.0
Release: 3
Summary: Utilities for doing and managing mounts of the Linux CIFS filesystem
License: GPLv3+
URL: http://linux-cifs.samba.org/cifs-utils/
@ -12,6 +12,9 @@ Provides: pam_cifscreds
Obsoletes: pam_cifscreds
Requires: keyutils
Patch0: 0001-cifs.upcall-fix-UAF-in-get_cachename_from_process_en.patch
Patch1: 0002-cifs-utils-Make-automake-treat-sbin-as-exec-not-data.patch
%description
The in-kernel CIFS filesystem is generally the preferred method for mounting
SMB/CIFS shares on Linux.
@ -75,6 +78,21 @@ install -m 644 contrib/request-key.d/cifs.spnego.conf %{buildroot}%{_sysconfdir}
%{_mandir}/man8/*
%changelog
* Fri Jun 21 2024 liuh <liuhuan01@kylinos.cn> - 7.0-3
- sync patch from community
* Tue Apr 9 2024 liuh <liuhuan01@kylinos.cn> - 7.0-2
- sync patch from community
* Sat Feb 11 2023 suweifeng <suweifeng1@huawei.com> - 7.0-1
- upgarde to version 7.0
* Tue Jul 26 2022 zhanchengbin <zhanchengbin1@huawei.com> - 6.15-1
- update cifs-utils version to 6.15-1
* Thu May 5 2022 yanglongkang <yanglongkang@h-partners.com> - 6.14-3
- Fix CVE-2022-27239 and CVE-2022-29869
* Sat Jan 8 2022 yanglongkang <yanglongkang@huawei.com> - 6.14-2
- delete BuildRequires python3-samba