svn commit: r371656 - in head/x11/kde4-runtime: . files

Alonso Schaich alonso at FreeBSD.org
Tue Oct 28 22:56:29 UTC 2014 

Author: alonso
Date: Tue Oct 28 22:56:27 2014
New Revision: 371656
URL: https://svnweb.freebsd.org/changeset/ports/371656
QAT: https://qat.redports.org/buildarchive/r371656/

Log:
  Fix an OOB memory read in kio_sftp
  
  When passing timeout values to ssh_option_set of security/libssh, an int type
  pointer is used instead of a long int one required by the ssh_option_set
  documentation, which causes platform specific (or undefined) behaviour on
  architectures where sizeof (long int) is different to sizeof (int).
  
  Fix this by "promoting" the referenced locals to long integer type.
  
  This commit merges r10452 of area51 and is based on a report by Dwayne
  MacKinnon via kde@ mailing list.
  
  References:
    https://mail.kde.org/pipermail/kde-freebsd/2014-October/018330.html
    https://bugs.kde.org/show_bug.cgi?id=331674
  
  Approved by:	rakuco (mentor)

Added:
  head/x11/kde4-runtime/files/patch-kioslave__sftp__kio_sftp.cpp   (contents, props changed)
Modified:
  head/x11/kde4-runtime/Makefile

Modified: head/x11/kde4-runtime/Makefile
==============================================================================
--- head/x11/kde4-runtime/Makefile	Tue Oct 28 22:55:13 2014	(r371655)
+++ head/x11/kde4-runtime/Makefile	Tue Oct 28 22:56:27 2014	(r371656)
@@ -2,6 +2,7 @@
 
 PORTNAME=	kde-runtime
 PORTVERSION=	${KDE4_VERSION}
+PORTREVISION=	1
 CATEGORIES=	x11 kde
 MASTER_SITES=	KDE/${KDE4_BRANCH}/${PORTVERSION}/src
 DIST_SUBDIR=	KDE/${PORTVERSION}

Added: head/x11/kde4-runtime/files/patch-kioslave__sftp__kio_sftp.cpp
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/x11/kde4-runtime/files/patch-kioslave__sftp__kio_sftp.cpp	Tue Oct 28 22:56:27 2014	(r371656)
@@ -0,0 +1,11 @@
+--- kioslave/sftp/kio_sftp.cpp.orig	2014-10-27 22:00:05.195340477 +0100
++++ kioslave/sftp/kio_sftp.cpp		2014-10-27 22:00:14.755340379 +0100
+@@ -528,7 +528,7 @@
+     return false;
+   }
+ 
+-  int timeout_sec = 30, timeout_usec = 0;
++  long int timeout_sec = 30, timeout_usec = 0;
+ 
+   kDebug(KIO_SFTP_DB) << "Creating the SSH session and setting options";
+

More information about the svn-ports-head mailing list