]> git.pld-linux.org Git - packages/lighttpd.git/commitdiff
projects / packages / lighttpd.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: d84a12b)
- rel 2; avoid SEGV when crypt() returns error in case of invalid salt or wrong lack... auto/th/lighttpd-1.4.32-2
authorArkadiusz Miśkiewicz <arekm@maven.pl>
Wed, 5 Jun 2013 18:00:46 +0000 (20:00 +0200)
committerArkadiusz Miśkiewicz <arekm@maven.pl>
Wed, 5 Jun 2013 18:00:46 +0000 (20:00 +0200)
lighttpd-crypt.patch [new file with mode: 0644] patch | blob
lighttpd.spec patch | blob | blame | history

diff --git a/lighttpd-crypt.patch b/lighttpd-crypt.patch
new file mode 100644 (file)
index 0000000..66ad80a
--- /dev/null
+++ b/lighttpd-crypt.patch
@@ -0,0 +1,12 @@
+diff -urN lighttpd-1.4.32.org/src/http_auth.c lighttpd-1.4.32/src/http_auth.c
+--- lighttpd-1.4.32.org/src/http_auth.c        2012-05-17 11:29:24.000000000 +0200
++++ lighttpd-1.4.32/src/http_auth.c    2013-06-05 19:58:07.828450230 +0200
+@@ -688,6 +688,8 @@
+               salt[salt_len] = '\0';
+               crypted = crypt(pw, salt);
++              if (NULL == crypted)
++                      return -1;
+               if (0 == strcmp(password->ptr, crypted)) {
+                       return 0;
diff --git a/lighttpd.spec b/lighttpd.spec
index ef290e60dac137eb8f66670cff0d8b5db58ef7fa..f31ecf85565049ec116259906875b3f00b29fda5 100644 (file)
--- a/lighttpd.spec
+++ b/lighttpd.spec
@@ -29,7 +29,7 @@ Summary:      Fast and light HTTP server
 Summary(pl.UTF-8):     Szybki i lekki serwer HTTP
 Name:          lighttpd
 Version:       1.4.32
-Release:       1
+Release:       2
 License:       BSD
 Group:         Networking/Daemons/HTTP
 Source0:       http://download.lighttpd.net/lighttpd/releases-1.4.x/%{name}-%{version}.tar.bz2
@@ -100,6 +100,7 @@ Patch2:             %{name}-mod_h264_streaming.patch
 Patch3:                %{name}-branding.patch
 Patch5:                %{name}-mod_deflate.patch
 Patch6:                test-port-setup.patch
+Patch7:                %{name}-crypt.patch
 #Patch:                %{name}-modinit-before-fork.patch
 #Patch:                %{name}-errorlog-before-fork.patch
 URL:           http://www.lighttpd.net/
@@ -836,6 +837,7 @@ Plik monitrc do monitorowania serwera www lighttpd.
 %patch3 -p1
 %{?with_deflate:%patch5 -p1}
 %patch6 -p1
+%patch7 -p1
 
 rm -f src/mod_ssi_exprparser.h # bad patching: should be removed by is emptied instead
 
Fast and light HTTP server
This page took 0.058644 seconds and 4 git commands to generate.