aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorKevin Zheng <kevinz5000@gmail.com>2021-09-01 05:07:43 +0000
committerPhilip Paeps <philip@FreeBSD.org>2021-10-04 04:28:58 +0000
commit371d21badc1c56e48e307eb2f0a0ccf376a03cdb (patch)
tree721cde01c3f80d780e8f411a854a2b55564db2a9
parent7a48303412a57950bed83a91f1b1033c089fb657 (diff)
downloadports-371d21badc1c56e48e307eb2f0a0ccf376a03cdb.tar.gz
ports-371d21badc1c56e48e307eb2f0a0ccf376a03cdb.zip
security/sshguard: Fix memset() off-by-one
This bug causes a stack overflow (and crash due to failed stack check) when certain IPv6 addresses are whitelisted on i386. PR: 258179 Reported by: John Marshall <john@jmarshall.id.au> MFH: 2021Q4 (cherry picked from commit c3381bf4d961159f4903f573c7f01fae85ad5a18)
-rw-r--r--security/sshguard/Makefile1
-rw-r--r--security/sshguard/files/patch-src_blocker_sshguard__whitelist.c11
2 files changed, 12 insertions, 0 deletions
diff --git a/security/sshguard/Makefile b/security/sshguard/Makefile
index ba84072408b4..48621f158097 100644
--- a/security/sshguard/Makefile
+++ b/security/sshguard/Makefile
@@ -2,6 +2,7 @@
PORTNAME= sshguard
PORTVERSION= 2.4.2
+PORTREVISION= 1
PORTEPOCH= 1
CATEGORIES= security
MASTER_SITES= SF/sshguard/sshguard/${PORTVERSION}
diff --git a/security/sshguard/files/patch-src_blocker_sshguard__whitelist.c b/security/sshguard/files/patch-src_blocker_sshguard__whitelist.c
new file mode 100644
index 000000000000..6e468872f458
--- /dev/null
+++ b/security/sshguard/files/patch-src_blocker_sshguard__whitelist.c
@@ -0,0 +1,11 @@
+--- src/blocker/sshguard_whitelist.c.orig 2020-12-31 17:06:03 UTC
++++ src/blocker/sshguard_whitelist.c
+@@ -275,7 +275,7 @@ int whitelist_add_block6(const char *restrict address,
+ bitlen = masklen % 8;
+ bitmask = 0xFF << (8 - bitlen);
+ ab.address.ip6.mask.s6_addr[bytelen] = bitmask;
+- memset(& ab.address.ip6.mask.s6_addr[bytelen+1], 0x00, sizeof(ab.address.ip6.mask.s6_addr) - bytelen);
++ memset(& ab.address.ip6.mask.s6_addr[bytelen+1], 0x00, sizeof(ab.address.ip6.mask.s6_addr) - bytelen - 1);
+
+ if (! list_contains(& whitelist, &ab)) {
+ list_append(& whitelist, &ab);