Mageia Bugzilla – Attachment 11643 Details for
Bug 26413
coturn new security issues CVE-2020-606[12]
[patch]
Fixed formatting
patch (text/plain), 5.12 KB, created by
Elliot L
on 2020-05-13 16:09:01 CEST
Description:
Fixed formatting
Filename:
MIME Type:
Creator:
Elliot L
Created:
2020-05-13 16:09:01 CEST
Size:
5.12 KB
patch
obsolete
>
>Index: SOURCES/cve-2020-6061+6062-fedora.patch
>===================================================================
>--- SOURCES/cve-2020-6061+6062-fedora.patch (nonexistent)
>+++ SOURCES/cve-2020-6061+6062-fedora.patch (working copy)
>@@ -0,0 +1,118 @@
>+new file mode 100644
>+index 0000000..b275505
>+--- /dev/null
>++++ b/coturn-4.5.1.1-cve-2020-6061.patch
>+@@ -0,0 +1,22 @@
>++From 51a7c2b9bf924890c7a3ff4db9c4976c5a93340a Mon Sep 17 00:00:00 2001
>++From: =?UTF-8?q?M=C3=A9sz=C3=A1ros=20Mih=C3=A1ly?= <misi@majd.eu>
>++Date: Mon, 17 Feb 2020 10:34:56 +0100
>++Subject: [PATCH] Fix: CVE-2020-6061/TALOS-2020-0984
>++
>++---
>++ src/apps/relay/http_server.c | 2 +-
>++ 1 file changed, 1 insertion(+), 1 deletion(-)
>++
>++diff --git a/src/apps/relay/http_server.c b/src/apps/relay/http_server.c
>++index 573af49b..1126b49c 100644
>++--- a/src/apps/relay/http_server.c
>+++++ b/src/apps/relay/http_server.c
>++@@ -103,7 +103,7 @@ const char* get_http_date_header()
>++ 
>++ static struct headers_list * post_parse(char *data, size_t data_len)
>++ {
>++- while((*data=='\r')||(*data=='\n')) ++data;
>+++ while((*data=='\r')||(*data=='\n')) { ++data; --data_len; }
>++ char *post_data = (char*)calloc(data_len + 1, sizeof(char));
>++ memcpy(post_data, data, data_len);
>++ char *fmarker = NULL;
>+new file mode 100644
>+index 0000000..28af270
>+--- /dev/null
>++++ b/coturn-4.5.1.1-cve-2020-6062.patch
>+@@ -0,0 +1,85 @@
>++From e09bcd9f7af5b32c81b37f51835b384b5a7d03a8 Mon Sep 17 00:00:00 2001
>++From: =?UTF-8?q?M=C3=A9sz=C3=A1ros=20Mih=C3=A1ly?= <misi@majd.eu>
>++Date: Tue, 18 Feb 2020 12:31:38 +0100
>++Subject: [PATCH] Fix: CVE-2020-6062 / TALOS-2020-0985
>++
>++---
>++ src/apps/relay/http_server.c | 63 ++++++++++++++++++++----------------
>++ 1 file changed, 36 insertions(+), 27 deletions(-)
>++
>++diff --git a/src/apps/relay/http_server.c b/src/apps/relay/http_server.c
>++index 1126b49c..ff8e3992 100644
>++--- a/src/apps/relay/http_server.c
>+++++ b/src/apps/relay/http_server.c
>++@@ -104,35 +104,44 @@ const char* get_http_date_header()
>++ static struct headers_list * post_parse(char *data, size_t data_len)
>++ {
>++ while((*data=='\r')||(*data=='\n')) { ++data; --data_len; }
>++- char *post_data = (char*)calloc(data_len + 1, sizeof(char));
>++- memcpy(post_data, data, data_len);
>++- char *fmarker = NULL;
>++- char *fsplit = strtok_r(post_data, "&", &fmarker);
>++- struct headers_list *list = (struct headers_list*)malloc(sizeof(struct headers_list));
>++- ns_bzero(list,sizeof(struct headers_list));
>++- while (fsplit != NULL) {
>++- char *vmarker = NULL;
>++- char *key = strtok_r(fsplit, "=", &vmarker);
>++- char *value = strtok_r(NULL, "=", &vmarker);
>++- char empty[1];
>++- empty[0]=0;
>++- value = value ? value : empty;
>++- value = evhttp_decode_uri(value);
>++- char *p = value;
>++- while (*p) {
>++- if (*p == '+')
>++- *p = ' ';
>++- p++;
>+++ if (data_len) {
>+++ char *post_data = (char*)calloc(data_len + 1, sizeof(char));
>+++ if (post_data != NULL) {
>+++ memcpy(post_data, data, data_len);
>+++ char *fmarker = NULL;
>+++ char *fsplit = strtok_r(post_data, "&", &fmarker);
>+++ struct headers_list *list = (struct headers_list*)malloc(sizeof(struct headers_list));
>+++ bzero(list,sizeof(struct headers_list));
>+++ while (fsplit != NULL) {
>+++ char *vmarker = NULL;
>+++ char *key = strtok_r(fsplit, "=", &vmarker);
>+++ if (key == NULL)
>+++ break;
>+++ else {
>+++ char *value = strtok_r(NULL, "=", &vmarker);
>+++ char empty[1];
>+++ empty[0]=0;
>+++ value = value ? value : empty;
>+++ value = evhttp_decode_uri(value);
>+++ char *p = value;
>+++ while (*p) {
>+++ if (*p == '+')
>+++ *p = ' ';
>+++ p++;
>+++ }
>+++ list->keys = (char**)realloc(list->keys,sizeof(char*)*(list->n+1));
>+++ list->keys[list->n] = strdup(key);
>+++ list->values = (char**)realloc(list->values,sizeof(char*)*(list->n+1));
>+++ list->values[list->n] = value;
>+++ ++(list->n);
>+++ fsplit = strtok_r(NULL, "&", &fmarker);
>+++ }
>+++ }
>+++ free(post_data);
>+++ return list;
>++ }
>++- list->keys = (char**)realloc(list->keys,sizeof(char*)*(list->n+1));
>++- list->keys[list->n] = strdup(key);
>++- list->values = (char**)realloc(list->values,sizeof(char*)*(list->n+1));
>++- list->values[list->n] = value;
>++- ++(list->n);
>++- fsplit = strtok_r(NULL, "&", &fmarker);
>++ }
>++- free(post_data);
>++- return list;
>+++ return NULL;
>++ }
>++ 
>++ static struct http_request* parse_http_request_1(struct http_request* ret, char* request, int parse_post)
>+
>Index: SPECS/coturn.spec
>===================================================================
>--- SPECS/coturn.spec (revision 1583436)
>+++ SPECS/coturn.spec (working copy)
>@@ -1,4 +1,5 @@
> %define sname turnserver
>+%global subrel 1
> 
> # We don't yet ship libmongoc
> #%bcond_with build_mongodb
>@@ -12,6 +13,8 @@
> Summary: Free open source implementation of TURN and STUN Server
> URL: http://coturn.github.io
> Source: https://github.com/%{name}/%{name}/archive/%{version}/%{name}-%{version}.tar.gz
>+Patch0: cve-2020-6061+6062-fedora.patch
>+
> BuildRequires: pkgconfig(openssl) >= 1.0.2
> BuildRequires: pkgconfig(libevent) >= 2.0
> BuildRequires: pkgconfig(sqlite3)
>@@ -31,6 +34,7 @@
> 
> %prep
> %setup -q
>+%autopatch -p1
> 
> %build
Index: SOURCES/cve-2020-6061+6062-fedora.patch
===================================================================
--- SOURCES/cve-2020-6061+6062-fedora.patch (nonexistent)
+++ SOURCES/cve-2020-6061+6062-fedora.patch (working copy)
@@ -0,0 +1,118 @@
+new file mode 100644
+index 0000000..b275505
+--- /dev/null
++++ b/coturn-4.5.1.1-cve-2020-6061.patch
+@@ -0,0 +1,22 @@
++From 51a7c2b9bf924890c7a3ff4db9c4976c5a93340a Mon Sep 17 00:00:00 2001
++From: =?UTF-8?q?M=C3=A9sz=C3=A1ros=20Mih=C3=A1ly?= <misi@majd.eu>
++Date: Mon, 17 Feb 2020 10:34:56 +0100
++Subject: [PATCH] Fix: CVE-2020-6061/TALOS-2020-0984
++
++---
++ src/apps/relay/http_server.c | 2 +-
++ 1 file changed, 1 insertion(+), 1 deletion(-)
++
++diff --git a/src/apps/relay/http_server.c b/src/apps/relay/http_server.c
++index 573af49b..1126b49c 100644
++--- a/src/apps/relay/http_server.c
+++++ b/src/apps/relay/http_server.c
++@@ -103,7 +103,7 @@ const char* get_http_date_header()
++ 
++ static struct headers_list * post_parse(char *data, size_t data_len)
++ {
++- while((*data=='\r')||(*data=='\n')) ++data;
+++ while((*data=='\r')||(*data=='\n')) { ++data; --data_len; }
++ char *post_data = (char*)calloc(data_len + 1, sizeof(char));
++ memcpy(post_data, data, data_len);
++ char *fmarker = NULL;
+new file mode 100644
+index 0000000..28af270
+--- /dev/null
++++ b/coturn-4.5.1.1-cve-2020-6062.patch
+@@ -0,0 +1,85 @@
++From e09bcd9f7af5b32c81b37f51835b384b5a7d03a8 Mon Sep 17 00:00:00 2001
++From: =?UTF-8?q?M=C3=A9sz=C3=A1ros=20Mih=C3=A1ly?= <misi@majd.eu>
++Date: Tue, 18 Feb 2020 12:31:38 +0100
++Subject: [PATCH] Fix: CVE-2020-6062 / TALOS-2020-0985
++
++---
++ src/apps/relay/http_server.c | 63 ++++++++++++++++++++----------------
++ 1 file changed, 36 insertions(+), 27 deletions(-)
++
++diff --git a/src/apps/relay/http_server.c b/src/apps/relay/http_server.c
++index 1126b49c..ff8e3992 100644
++--- a/src/apps/relay/http_server.c
+++++ b/src/apps/relay/http_server.c
++@@ -104,35 +104,44 @@ const char* get_http_date_header()
++ static struct headers_list * post_parse(char *data, size_t data_len)
++ {
++ while((*data=='\r')||(*data=='\n')) { ++data; --data_len; }
++- char *post_data = (char*)calloc(data_len + 1, sizeof(char));
++- memcpy(post_data, data, data_len);
++- char *fmarker = NULL;
++- char *fsplit = strtok_r(post_data, "&", &fmarker);
++- struct headers_list *list = (struct headers_list*)malloc(sizeof(struct headers_list));
++- ns_bzero(list,sizeof(struct headers_list));
++- while (fsplit != NULL) {
++- char *vmarker = NULL;
++- char *key = strtok_r(fsplit, "=", &vmarker);
++- char *value = strtok_r(NULL, "=", &vmarker);
++- char empty[1];
++- empty[0]=0;
++- value = value ? value : empty;
++- value = evhttp_decode_uri(value);
++- char *p = value;
++- while (*p) {
++- if (*p == '+')
++- *p = ' ';
++- p++;
+++ if (data_len) {
+++ char *post_data = (char*)calloc(data_len + 1, sizeof(char));
+++ if (post_data != NULL) {
+++ memcpy(post_data, data, data_len);
+++ char *fmarker = NULL;
+++ char *fsplit = strtok_r(post_data, "&", &fmarker);
+++ struct headers_list *list = (struct headers_list*)malloc(sizeof(struct headers_list));
+++ bzero(list,sizeof(struct headers_list));
+++ while (fsplit != NULL) {
+++ char *vmarker = NULL;
+++ char *key = strtok_r(fsplit, "=", &vmarker);
+++ if (key == NULL)
+++ break;
+++ else {
+++ char *value = strtok_r(NULL, "=", &vmarker);
+++ char empty[1];
+++ empty[0]=0;
+++ value = value ? value : empty;
+++ value = evhttp_decode_uri(value);
+++ char *p = value;
+++ while (*p) {
+++ if (*p == '+')
+++ *p = ' ';
+++ p++;
+++ }
+++ list->keys = (char**)realloc(list->keys,sizeof(char*)*(list->n+1));
+++ list->keys[list->n] = strdup(key);
+++ list->values = (char**)realloc(list->values,sizeof(char*)*(list->n+1));
+++ list->values[list->n] = value;
+++ ++(list->n);
+++ fsplit = strtok_r(NULL, "&", &fmarker);
+++ }
+++ }
+++ free(post_data);
+++ return list;
++ }
++- list->keys = (char**)realloc(list->keys,sizeof(char*)*(list->n+1));
++- list->keys[list->n] = strdup(key);
++- list->values = (char**)realloc(list->values,sizeof(char*)*(list->n+1));
++- list->values[list->n] = value;
++- ++(list->n);
++- fsplit = strtok_r(NULL, "&", &fmarker);
++ }
++- free(post_data);
++- return list;
+++ return NULL;
++ }
++ 
++ static struct http_request* parse_http_request_1(struct http_request* ret, char* request, int parse_post)
+
Index: SPECS/coturn.spec
===================================================================
--- SPECS/coturn.spec (revision 1583436)
+++ SPECS/coturn.spec (working copy)
@@ -1,4 +1,5 @@
 %define sname turnserver
+%global subrel 1
 
 # We don't yet ship libmongoc
 #%bcond_with build_mongodb
@@ -12,6 +13,8 @@
 Summary: Free open source implementation of TURN and STUN Server
 URL: http://coturn.github.io
 Source: https://github.com/%{name}/%{name}/archive/%{version}/%{name}-%{version}.tar.gz
+Patch0: cve-2020-6061+6062-fedora.patch
+
 BuildRequires: pkgconfig(openssl) >= 1.0.2
 BuildRequires: pkgconfig(libevent) >= 2.0
 BuildRequires: pkgconfig(sqlite3)
@@ -31,6 +34,7 @@
 
 %prep
 %setup -q
+%autopatch -p1
 
 %build
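Review bot: The CR/LF skip that both backported patches leave on the new side, `while((*data=='\r')||(*data=='\n')) { ++data; --data_len; }`, now keeps data_len in step with data but still carries no bound of its own: it stops only on the first byte that is not CR/LF, so it relies on the caller's buffer being NUL-terminated within data_len, and if data_len were ever shorter than that the size_t would wrap and the `if (data_len)` guard that follows would not catch it. A self-contained form is `while (data_len && ((*data=='\r')||(*data=='\n'))) { ++data; --data_len; }`. In the CVE-2020-6062 rewrite only calloc() is checked; `malloc()` for `list` (passed straight to `bzero`), both `list->keys = realloc(list->keys, ...)` / `list->values = realloc(...)` assignments, `strdup(key)` and `evhttp_decode_uri(value)` (dereferenced as `*p` on the next line) remain unchecked, so an allocation failure on this request-parsing path becomes a NULL dereference rather than the clean `return NULL` the patch introduces. The function's contract also changes — it now returns NULL for an empty body or a failed calloc where it previously always returned a list — and parse_http_request_1, whose body begins outside the hunk, is not visible here, so it should be confirmed that every consumer of the returned headers_list tolerates NULL.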