~alpine/aports

1

[alpine-aports] [PATCH] main/busybox: Fixed segfault in microcom

Marian Buschsieweke <marian.buschsieweke@ovgu.de>
Details
Message ID
<20170803050752.17496-1-marian.buschsieweke@ovgu.de>
Sender timestamp
1501736872
DKIM signature
missing
Download raw message
6 years ago
Patch: +34 -1 
microcom does not check if required parameter "TTY" is present. Thus,
bb_basename() is called with a NULL pointer, if microcom is started without
any parameter. This in turn calls strlen() on this NULL pointer, resulting
in a segfault. The supplied patch adds a check for the missing TTY parameter
and prints usage when it is missing.
---
 main/busybox/0012-microcom-segfault.patch | 31 +++++++++++++++++++++++++++++++
 main/busybox/APKBUILD                     |  4 +++-
 2 files changed, 34 insertions(+), 1 deletion(-)
 create mode 100644 main/busybox/0012-microcom-segfault.patch

diff --git a/main/busybox/0012-microcom-segfault.patch b/main/busybox/0012-microcom-segfault.patch
new file mode 100644
index 0000000000..4789079b35
--- /dev/null
+++ b/main/busybox/0012-microcom-segfault.patch
@@ -0,0 +1,31 @@
From fd8a0116a29ea4014fac7fbdba2636fc7b51ffc2 Mon Sep 17 00:00:00 2001
From: Marian Buschsieweke <marian.buschsieweke@ovgu.de>
Date: Wed, 2 Aug 2017 23:36:08 +0200
Subject: [PATCH] miscutils/microcom: Fixed segfault

microcom did not check if required parameter TTY is present. Thus,
bb_basename() was called with a NULL pointer if TTY was missing.
This commit adds the missing check.
---
 miscutils/microcom.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/miscutils/microcom.c b/miscutils/microcom.c
index 14b9f3baf..38f6425c1 100644
--- a/miscutils/microcom.c
+++ b/miscutils/microcom.c
@@ -78,6 +78,11 @@ int microcom_main(int argc UNUSED_PARAM, char **argv)
 //	argc -= optind;
 	argv += optind;
 
+	if (*argv == NULL){
+		bb_show_usage();
+		return EXIT_FAILURE;
+	}
+
 	// try to create lock file in /var/lock
 	device_lock_file = (char *)bb_basename(argv[0]);
 	device_lock_file = xasprintf("/var/lock/LCK..%s", device_lock_file);
-- 
2.13.3

diff --git a/main/busybox/APKBUILD b/main/busybox/APKBUILD
index 012df29aa0..d8e68b13f0 100644
--- a/main/busybox/APKBUILD
+++ b/main/busybox/APKBUILD
@@ -3,7 +3,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=busybox
pkgver=1.27.0
pkgrel=3
pkgrel=4
pkgdesc="Size optimized toolbox of many common UNIX utilities"
url=http://busybox.net
arch="all"
@@ -30,6 +30,7 @@ source="http://busybox.net/downloads/$pkgname-$pkgver.tar.bz2
	0010-udhcpc-Don-t-background-if-n-is-given.patch
	0011-testsuite-fix-cpio-tests.patch
	0001-unzip-fix-regression-on-big-endian-machines.patch
	0012-microcom-segfault.patch

	top-buffer-overflow.patch

@@ -181,6 +182,7 @@ d1c375184f806f7550bac5c82ab5471bdb8085d845172c973724b22af05ab3759b3ce982e088b4c4
9b5143d0be615b1604d82007628d59a62721f1e61a63cca7a4ffa5e60fa8da102bfc21fa20cc35c2f5a0a24bc8013598f8eff5888f9d0f3bcfa796343b5f5a91  0010-udhcpc-Don-t-background-if-n-is-given.patch
f4e00eb13fda752df13f300a7ed9b1320ca9f573c4309247f292c8710464d7be8740148f42e4aff16312335eadabce5a629dce4af58334b9199faf2fd658e4f9  0011-testsuite-fix-cpio-tests.patch
daa6732a95a52a194d2031f2d5af5f658b9da3e8669fc2206000faaab7da56966a62646eed615fd1cbc5f07d42c03bf19ff183ef6f933b7daaeef1d388e21874  0001-unzip-fix-regression-on-big-endian-machines.patch
a09a64b3bce8048c58a68dcd2dd9e63c911009c06195d6bb4e5aecfb5700e479c25b34635c60899127975fae32275ad51846ee75f840d612e00668ce9aba8322  0012-microcom-segfault.patch
524e858b52cb31fb8d24e8c7f18606fff349aeab6a14da9cca3902641f6127980daed73c53586c6e8b41eecda06cdb29c40ff1dde2dc82a318c2649680458921  top-buffer-overflow.patch
a9b1403c844c51934637215307dd9e2adb9458921047acff0d86dcf229b6e0027f4b2c6cdaa25a58407aad9d098fb5685d58eb5ff8d2aa3de4912cdea21fe54c  acpid.logrotate
857dece10267a065e0e8c16dd6190656f890a5aff774e96321715673dda23e75a8e61148e81d6286b7bdfe737a0b99104f9b04deeb4f392c72b63d8e3d00e556  busyboxconfig
-- 
2.13.3



---
Unsubscribe:  alpine-aports+unsubscribe@lists.alpinelinux.org
Help:         alpine-aports+help@lists.alpinelinux.org
---
Natanael Copa <ncopa@alpinelinux.org>
Details
Message ID
<20170803130652.383aa34c@ncopa-desktop.copa.dup.pw>
In-Reply-To
<20170803050752.17496-1-marian.buschsieweke@ovgu.de> (view parent)
Sender timestamp
1501758412
DKIM signature
missing
Download raw message
6 years ago 
On Thu,  3 Aug 2017 07:07:52 +0200
Marian Buschsieweke <marian.buschsieweke@ovgu.de> wrote:

> microcom does not check if required parameter "TTY" is present. Thus,
> bb_basename() is called with a NULL pointer, if microcom is started without
> any parameter. This in turn calls strlen() on this NULL pointer, resulting
> in a segfault. The supplied patch adds a check for the missing TTY parameter
> and prints usage when it is missing.

I pushed it to git master. Thank you!

Did you send it upstream? Or at least reported it to busybox developers?

Is this needed for 3.6-stable too?

-nc



---
Unsubscribe:  alpine-aports+unsubscribe@lists.alpinelinux.org
Help:         alpine-aports+help@lists.alpinelinux.org
---
Reply to thread Export thread (mbox)