move closefrom to before first malloc

seuzw 2021-07-20 19:31:47 +08:00
parent 48e33d1f96
commit 24ff0a5c9c
2 changed files with 55 additions and 1 deletions


@ -0,0 +1,46 @@
From c9f7bba2e6f70b7ac1f5ea190d890cb5162ce127 Mon Sep 17 00:00:00 2001
From: Darren Tucker <dtucker@dtucker.net>
Date: Fri, 25 Jun 2021 15:08:18 +1000
Subject: Move closefrom() to before first malloc.
When built against tcmalloc, tcmalloc allocates a descriptor for its
internal use, so calling closefrom() afterward causes the descriptor
number to be reused resulting in a corrupted connection. Moving the
closefrom a little earlier should resolve this. From kircherlike at
outlook.com via bz#3321, ok djm@
---
ssh.c | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/ssh.c b/ssh.c
index cf8c018e..0343cba3 100644
--- a/ssh.c
+++ b/ssh.c
@@ -609,6 +609,12 @@ main(int ac, char **av)
/* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
sanitise_stdfd();
+ /*
+ * Discard other fds that are hanging around. These can cause problem
+ * with backgrounded ssh processes started by ControlPersist.
+ */
+ closefrom(STDERR_FILENO + 1);
+
__progname = ssh_get_progname(av[0]);
#if OPENSSL_VERSION_NUMBER < 0x10100000L
SSLeay_add_all_algorithms();
@@ -638,12 +644,6 @@ main(int ac, char **av)
debug("FIPS mode initialized");
}
- /*
- * Discard other fds that are hanging around. These can cause problem
- * with backgrounded ssh processes started by ControlPersist.
- */
- closefrom(STDERR_FILENO + 1);
-
/* Get user data. */
pw = getpwuid(getuid());
if (!pw) {
--
cgit v1.2.3
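Review bot: The comment that moves up with `closefrom(STDERR_FILENO + 1);` in the first ssh.c hunk still gives only the ControlPersist reason, so the code does not record the ordering constraint this patch exists to enforce. According to the patch description, the call must run before the allocator (tcmalloc in the report) opens its internal descriptor, otherwise that descriptor number is reused and the connection is corrupted. I would add a line to the comment such as `* Must run before the first malloc: allocators like tcmalloc may hold an fd for internal use.` so that a later change does not put an allocating call above it. main() starts and continues outside both hunks, so whether anything earlier in main() already allocates cannot be confirmed from this page.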


@ -6,7 +6,7 @@
%{?no_gtk2:%global gtk2 0} %{?no_gtk2:%global gtk2 0}
%global sshd_uid 74 %global sshd_uid 74
%global openssh_release 11 %global openssh_release 12
Name: openssh Name: openssh
Version: 8.2p1 Version: 8.2p1
@ -92,6 +92,7 @@ Patch59: upstream-expose-vasnmprintf.patch
Patch60: CVE-2018-15919.patch Patch60: CVE-2018-15919.patch
Patch61: CVE-2020-14145.patch Patch61: CVE-2020-14145.patch
Patch62: add-strict-scp-check-for-CVE-2020-15778.patch Patch62: add-strict-scp-check-for-CVE-2020-15778.patch
Patch63: backport-move-closefrom-to-before-first-malloc.patch
Requires: /sbin/nologin Requires: /sbin/nologin
Requires: libselinux >= 2.3-5 audit-libs >= 1.0.8 Requires: libselinux >= 2.3-5 audit-libs >= 1.0.8
@ -256,6 +257,7 @@ popd
%patch60 -p1 %patch60 -p1
%patch61 -p1 %patch61 -p1
%patch62 -p1 %patch62 -p1
%patch63 -p1
autoreconf autoreconf
pushd pam_ssh_agent_auth-0.10.3 pushd pam_ssh_agent_auth-0.10.3
@ -470,6 +472,12 @@ getent passwd sshd >/dev/null || \
%attr(0644,root,root) %{_mandir}/man8/sftp-server.8* %attr(0644,root,root) %{_mandir}/man8/sftp-server.8*
%changelog %changelog
* Tue Jul 20 2021 seuzw<930zhaowei@163.com> - 8.2P1-12
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:move classfrom to before first malloc
* Fri Jul 09 2021 panchenbo<panchenbo@uniontech.com> - 8.2P1-11 * Fri Jul 09 2021 panchenbo<panchenbo@uniontech.com> - 8.2P1-11
- fix pam_ssh_agent_auth.8.gz conflicts - fix pam_ssh_agent_auth.8.gz conflicts
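Review bot: The new %changelog entry reads `- DESC:move classfrom to before first malloc`, which misspells the function the backported patch moves. Writing `- DESC:move closefrom to before first malloc` would match the commit title and the Patch63 file name, and keeps the entry findable when someone searches the package history for closefrom.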