diff options
author | garga <garga@FreeBSD.org> | 2005-09-30 19:37:29 +0000 |
---|---|---|
committer | garga <garga@FreeBSD.org> | 2005-09-30 19:37:29 +0000 |
commit | f452e9e79a6336d1e192232f2ab435a4f0981f42 (patch) | |
tree | bbd0f084a2b1ca035cc04eb58d676108a4956dea | |
parent | 587a496fca4bc8782a7364567861983e99c7648a (diff) | |
download | FreeBSD-ports-f452e9e79a6336d1e192232f2ab435a4f0981f42.zip FreeBSD-ports-f452e9e79a6336d1e192232f2ab435a4f0981f42.tar.gz |
Rodrigo Graeff <delphus@delphus.org> made a patch to convert select() to
poll() and fix the security problem on rinetd.
Author told me will use this patch and release a new version, but, when
it doesn't happen, i'm adding the patch here, and, bumping PORTREVISION,
so, 0.62_1 is not more vulnerable.
Security: http://www.FreeBSD.org/ports/portaudit/4c005a5e-2541-4d95-80a0-00c76919aa66.html
-rw-r--r-- | net/rinetd/Makefile | 1 | ||||
-rw-r--r-- | net/rinetd/files/patch-select2poll | 162 |
2 files changed, 163 insertions, 0 deletions
diff --git a/net/rinetd/Makefile b/net/rinetd/Makefile index f4aaccb..5751c9d 100644 --- a/net/rinetd/Makefile +++ b/net/rinetd/Makefile @@ -7,6 +7,7 @@ PORTNAME= rinetd PORTVERSION= 0.62 +PORTREVISION= 1 CATEGORIES= net MASTER_SITES= http://www.boutell.com/rinetd/http/ DISTNAME= rinetd diff --git a/net/rinetd/files/patch-select2poll b/net/rinetd/files/patch-select2poll new file mode 100644 index 0000000..0e0eedc --- /dev/null +++ b/net/rinetd/files/patch-select2poll @@ -0,0 +1,162 @@ +--- rinetd.c.bkp Mon Apr 14 22:19:23 2003 ++++ rinetd.c Fri Sep 30 16:03:34 2005 +@@ -12,6 +12,7 @@ + #include <netinet/in.h>
+ #include <getopt.h>
+ #include <errno.h>
++#include <poll.h> + #define INVALID_SOCKET (-1)
+ #include <sys/time.h>
+ #endif /* WIN32 */
+@@ -750,15 +751,62 @@ + void openLocalFd(int se, int i); + int getAddress(char *host, struct in_addr *iaddr); + ++inline void poll_init_fds(struct pollfd *pfds, int size) { ++ int i; ++ ++ memset(pfds, 0, sizeof(struct pollfd) * size); ++ for(i = 0; i < size; i++) ++ pfds[i].fd = -1; ++} ++ ++void poll_set_fd(struct pollfd *pfds, int size, int *count, ++ int fd, short int ev) { ++ int i; ++ ++ for(i = 0; i < size; i++) { ++ if(pfds[i].fd == -1) { ++ pfds[i].fd = fd; ++ pfds[i].events |= ev; ++ *count++; ++ break; ++ } ++ if(pfds[i].fd == fd) { ++ pfds[i].events |= ev; ++ break; ++ } ++ } ++} ++ ++int poll_fd_isset(struct pollfd *pfds, int nfds, int fd, short event) { ++ int i; ++ ++ for(i = 0; i < nfds; i++) { ++ if(pfds[i].fd == fd) ++ return pfds[i].revents & event; ++ } ++ ++ return 0; ++} ++ + void selectPass(void) { + int i; +- fd_set readfds, writefds; +- FD_ZERO(&readfds); +- FD_ZERO(&writefds); ++ int nfds = 0; ++ int total = 0; ++ static struct pollfd *pfds = NULL; ++ + /* Server sockets */ ++ total = seTotal + (coTotal * 2); ++ ++ if(!pfds) { ++ pfds = malloc(sizeof(struct pollfd) * total); ++ } ++ ++ poll_init_fds(pfds, total); ++ + for (i = 0; (i < seTotal); i++) { + if (seFds[i] != INVALID_SOCKET) { +- FD_SET(seFds[i], &readfds); ++ //FD_SET(seFds[i], &readfds) ++ poll_set_fd(pfds, total, &nfds, seFds[i], POLLIN); + } + } + /* Connection sockets */ +@@ -768,35 +816,45 @@ + } + if (coClosing[i]) { + if (!reClosed[i]) { +- FD_SET(reFds[i], &writefds); ++ //FD_SET(reFds[i], &writefds); ++ poll_set_fd(pfds, total, &nfds, ++ reFds[i], POLLOUT); + } + if (!loClosed[i]) { +- FD_SET(loFds[i], &writefds); ++ //FD_SET(loFds[i], &writefds); ++ poll_set_fd(pfds, total, &nfds, ++ loFds[i], POLLOUT); + } + } + /* Get more input if we have room for it */ + if ((!reClosed[i]) && (coInputRPos[i] < bufferSpace)) { +- FD_SET(reFds[i], &readfds); ++ //FD_SET(reFds[i], &readfds); ++ poll_set_fd(pfds, total, &nfds, reFds[i], POLLIN); + } + /* Send more output if we have any */ + if ((!reClosed[i]) && (coOutputWPos[i] < coOutputRPos[i])) { +- FD_SET(reFds[i], &writefds); ++ //FD_SET(reFds[i], &writefds); ++ poll_set_fd(pfds, total, &nfds, reFds[i], POLLOUT); + } + /* Accept more output from the local + server if there's room */ + if ((!loClosed[i]) && (coOutputRPos[i] < bufferSpace)) { +- FD_SET(loFds[i], &readfds); ++ //FD_SET(loFds[i], &readfds); ++ poll_set_fd(pfds, total, &nfds, loFds[i], POLLIN); + } + /* Send more input to the local server + if we have any */ + if ((!loClosed[i]) && (coInputWPos[i] < coInputRPos[i])) { +- FD_SET(loFds[i], &writefds); ++ //FD_SET(loFds[i], &writefds); ++ poll_set_fd(pfds, total, &nfds, loFds[i], POLLOUT); + } + } +- select(maxfd + 1, &readfds, &writefds, 0, 0); ++ //select(maxfd + 1, &readfds, &writefds, 0, 0); ++ poll(pfds, nfds, 0); + for (i = 0; (i < seTotal); i++) { + if (seFds[i] != -1) { +- if (FD_ISSET(seFds[i], &readfds)) { ++ //if (FD_ISSET(seFds[i], &readfds)) { ++ if (poll_fd_isset(pfds, nfds, seFds[i], POLLIN)) { + handleAccept(i); + } + } +@@ -806,22 +864,26 @@ + continue; + } + if (!reClosed[i]) { +- if (FD_ISSET(reFds[i], &readfds)) { ++ //if (FD_ISSET(reFds[i], &readfds)) { ++ if (poll_fd_isset(pfds, nfds, reFds[i], POLLIN)) { + handleRemoteRead(i); + } + } + if (!reClosed[i]) { +- if (FD_ISSET(reFds[i], &writefds)) { ++ //if (FD_ISSET(reFds[i], &writefds)) { ++ if (poll_fd_isset(pfds, nfds, reFds[i], POLLOUT)) { + handleRemoteWrite(i); + } + } + if (!loClosed[i]) { +- if (FD_ISSET(loFds[i], &readfds)) { ++ //if (FD_ISSET(loFds[i], &readfds)) { ++ if (poll_fd_isset(pfds, nfds, loFds[i], POLLIN)) { + handleLocalRead(i); + } + } + if (!loClosed[i]) { +- if (FD_ISSET(loFds[i], &writefds)) { ++ //if (FD_ISSET(loFds[i], &writefds)) { ++ if (poll_fd_isset(pfds, nfds, loFds[i], POLLOUT)) { + handleLocalWrite(i); + } + } |