Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP4:Update
openssh-askpass-gnome.29887
openssh-CVE-2019-6109-sanitize-scp-filenames.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File openssh-CVE-2019-6109-sanitize-scp-filenames.patch of Package openssh-askpass-gnome.29887
commit 8976f1c4b2721c26e878151f52bdf346dfe2d54c Author: dtucker@openbsd.org <dtucker@openbsd.org> Date: Wed Jan 23 08:01:46 2019 +0000 upstream: Sanitize scp filenames via snmprintf. To do this we move the progressmeter formatting outside of signal handler context and have the atomicio callback called for EINTR too. bz#2434 with contributions from djm and jjelen at redhat.com, ok djm@ OpenBSD-Commit-ID: 1af61c1f70e4f3bd8ab140b9f1fa699481db57d8 Index: openssh-7.2p2/atomicio.c =================================================================== --- openssh-7.2p2.orig/atomicio.c +++ openssh-7.2p2/atomicio.c @@ -65,9 +65,14 @@ atomicio6(ssize_t (*f) (int, void *, siz res = (f) (fd, s + pos, n - pos); switch (res) { case -1: - if (errno == EINTR) + if (errno == EINTR) { + /* possible SIGALARM, update callback */ + if (cb != NULL && cb(cb_arg, 0) == -1) { + errno = EINTR; + return pos; + } continue; - if (errno == EAGAIN || errno == EWOULDBLOCK) { + } else if (errno == EAGAIN || errno == EWOULDBLOCK) { #ifndef BROKEN_READ_COMPARISON (void)poll(&pfd, 1, -1); #endif @@ -122,9 +127,14 @@ atomiciov6(ssize_t (*f) (int, const stru res = (f) (fd, iov, iovcnt); switch (res) { case -1: - if (errno == EINTR) + if (errno == EINTR) { + /* possible SIGALARM, update callback */ + if (cb != NULL && cb(cb_arg, 0) == -1) { + errno = EINTR; + return pos; + } continue; - if (errno == EAGAIN || errno == EWOULDBLOCK) { + } else if (errno == EAGAIN || errno == EWOULDBLOCK) { #ifndef BROKEN_READV_COMPARISON (void)poll(&pfd, 1, -1); #endif Index: openssh-7.2p2/progressmeter.c =================================================================== --- openssh-7.2p2.orig/progressmeter.c +++ openssh-7.2p2/progressmeter.c @@ -31,6 +31,7 @@ #include <errno.h> #include <signal.h> +#include <stdarg.h> #include <stdio.h> #include <string.h> #include <time.h> @@ -39,6 +40,7 @@ #include "progressmeter.h" #include "atomicio.h" #include "misc.h" +#include "utf8.h" #define DEFAULT_WINSIZE 80 #define MAX_WINSIZE 512 @@ -61,7 +63,7 @@ static void setscreensize(void); void refresh_progress_meter(void); /* signal handler for updating the progress meter */ -static void update_progress_meter(int); +static void sig_alarm(int); static time_t start; /* start progress */ static time_t last_update; /* last progress update */ @@ -74,6 +76,7 @@ static long stalled; /* how long we hav static int bytes_per_second; /* current speed in bytes per second */ static int win_size; /* terminal window size */ static volatile sig_atomic_t win_resized; /* for window resizing */ +static volatile sig_atomic_t alarm_fired; /* units for format_size */ static const char unit[] = " KMGT"; @@ -127,9 +130,17 @@ refresh_progress_meter(void) off_t bytes_left; int cur_speed; int hours, minutes, seconds; - int i, len; int file_len; + if ((!alarm_fired && !win_resized) || !can_output()) + return; + alarm_fired = 0; + + if (win_resized) { + setscreensize(); + win_resized = 0; + } + transferred = *counter - (cur_pos ? cur_pos : start_pos); cur_pos = *counter; now = monotime(); @@ -159,16 +170,11 @@ refresh_progress_meter(void) /* filename */ buf[0] = '\0'; - file_len = win_size - 35; + file_len = win_size - 36; if (file_len > 0) { - len = snprintf(buf, file_len + 1, "\r%s", file); - if (len < 0) - len = 0; - if (len >= file_len + 1) - len = file_len; - for (i = len; i < file_len; i++) - buf[i] = ' '; - buf[file_len] = '\0'; + buf[0] = '\r'; + snmprintf(buf+1, sizeof(buf)-1 , &file_len, "%*s", + file_len * -1, file); } /* percent of transfer done */ @@ -229,22 +235,11 @@ refresh_progress_meter(void) /*ARGSUSED*/ static void -update_progress_meter(int ignore) +sig_alarm(int ignore) { - int save_errno; - - save_errno = errno; - - if (win_resized) { - setscreensize(); - win_resized = 0; - } - if (can_output()) - refresh_progress_meter(); - - signal(SIGALRM, update_progress_meter); + signal(SIGALRM, sig_alarm); + alarm_fired = 1; alarm(UPDATE_INTERVAL); - errno = save_errno; } void @@ -260,10 +255,9 @@ start_progress_meter(const char *f, off_ bytes_per_second = 0; setscreensize(); - if (can_output()) - refresh_progress_meter(); + refresh_progress_meter(); - signal(SIGALRM, update_progress_meter); + signal(SIGALRM, sig_alarm); signal(SIGWINCH, sig_winch); alarm(UPDATE_INTERVAL); } @@ -287,6 +281,7 @@ stop_progress_meter(void) static void sig_winch(int sig) { + signal(SIGWINCH, sig_winch); win_resized = 1; } Index: openssh-7.2p2/progressmeter.h =================================================================== --- openssh-7.2p2.orig/progressmeter.h +++ openssh-7.2p2/progressmeter.h @@ -1,4 +1,4 @@ -/* $OpenBSD: progressmeter.h,v 1.3 2015/01/14 13:54:13 djm Exp $ */ +/* $OpenBSD: progressmeter.h,v 1.4 2019/01/23 08:01:46 dtucker Exp $ */ /* * Copyright (c) 2002 Nils Nordman. All rights reserved. * @@ -24,4 +24,5 @@ */ void start_progress_meter(const char *, off_t, off_t *); +void refresh_progress_meter(void); void stop_progress_meter(void); Index: openssh-7.2p2/scp.c =================================================================== --- openssh-7.2p2.orig/scp.c +++ openssh-7.2p2/scp.c @@ -556,6 +556,7 @@ scpio(void *_cnt, size_t s) off_t *cnt = (off_t *)_cnt; *cnt += s; + refresh_progress_meter(); if (limit_kbps > 0) bandwidth_limit(&bwlimit, s); return 0; Index: openssh-7.2p2/sftp-client.c =================================================================== --- openssh-7.2p2.orig/sftp-client.c +++ openssh-7.2p2/sftp-client.c @@ -94,7 +94,9 @@ sftpio(void *_bwlimit, size_t amount) { struct bwlimit *bwlimit = (struct bwlimit *)_bwlimit; - bandwidth_limit(bwlimit, amount); + refresh_progress_meter(); + if (bwlimit != NULL) + bandwidth_limit(bwlimit, amount); return 0; } @@ -114,8 +116,8 @@ send_msg(struct sftp_conn *conn, struct iov[1].iov_base = (u_char *)sshbuf_ptr(m); iov[1].iov_len = sshbuf_len(m); - if (atomiciov6(writev, conn->fd_out, iov, 2, - conn->limit_kbps > 0 ? sftpio : NULL, &conn->bwlimit_out) != + if (atomiciov6(writev, conn->fd_out, iov, 2, sftpio, + conn->limit_kbps > 0 ? &conn->bwlimit_out : NULL) != sshbuf_len(m) + sizeof(mlen)) fatal("Couldn't send packet: %s", strerror(errno)); @@ -131,8 +133,8 @@ get_msg(struct sftp_conn *conn, struct s if ((r = sshbuf_reserve(m, 4, &p)) != 0) fatal("%s: buffer error: %s", __func__, ssh_err(r)); - if (atomicio6(read, conn->fd_in, p, 4, - conn->limit_kbps > 0 ? sftpio : NULL, &conn->bwlimit_in) != 4) { + if (atomicio6(read, conn->fd_in, p, 4, sftpio, + conn->limit_kbps > 0 ? &conn->bwlimit_in : NULL) != 4) { if (errno == EPIPE) fatal("Connection closed"); else @@ -146,8 +148,8 @@ get_msg(struct sftp_conn *conn, struct s if ((r = sshbuf_reserve(m, msg_len, &p)) != 0) fatal("%s: buffer error: %s", __func__, ssh_err(r)); - if (atomicio6(read, conn->fd_in, p, msg_len, - conn->limit_kbps > 0 ? sftpio : NULL, &conn->bwlimit_in) + if (atomicio6(read, conn->fd_in, p, msg_len, sftpio, + conn->limit_kbps > 0 ? &conn->bwlimit_in : NULL) != msg_len) { if (errno == EPIPE) fatal("Connection closed");
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
