[Pkg-privacy-commits] [torsocks] 01/03: Fix-check_addr-to-return-either-0-or-1.patch: new patch, from upstream maint-0.2.x branch, that fixes a serious bug reported many times upstream and to me (privately) since the Stretch release.

Intrigeri intrigeri at moszumanska.debian.org
Sun Aug 6 17:33:00 UTC 2017 

This is an automated email from the git hooks/post-receive script.

intrigeri pushed a commit to branch stretch
in repository torsocks.

commit 70ce0c2f9a4cc8e79c6ccf4fcb571a94a96bd2fd
Author: intrigeri <intrigeri at boum.org>
Date:   Fri Aug 4 18:58:56 2017 +0000

    Fix-check_addr-to-return-either-0-or-1.patch: new patch, from upstream maint-0.2.x branch, that fixes a serious bug reported many times upstream and to me (privately) since the Stretch release.
---
 .../Fix-check_addr-to-return-either-0-or-1.patch   | 97 ++++++++++++++++++++++
 debian/patches/series                              |  1 +
 2 files changed, 98 insertions(+)

diff --git a/debian/patches/Fix-check_addr-to-return-either-0-or-1.patch b/debian/patches/Fix-check_addr-to-return-either-0-or-1.patch
new file mode 100644
index 0000000..cd3f76b
--- /dev/null
+++ b/debian/patches/Fix-check_addr-to-return-either-0-or-1.patch
@@ -0,0 +1,97 @@
+Bug: http://bugs.torproject.org/20871
+Origin: upstream, https://gitweb.torproject.org/torsocks.git/commit/?h=maint-2.2.x&id=15465aa7ace1d5e6dbb58e7adf37933b48e20250
+From: David Goulet <dgoulet at ev0ke.net>
+Date: Fri, 24 Feb 2017 11:02:13 -0500
+Subject: Fix check_addr() to return either 0 or 1
+
+This function is used by utils_is_address_ipv4/6 and has to return 0 on
+error or 1 on success.
+
+Fixes #20871
+
+Signed-off-by: David Goulet <dgoulet at ev0ke.net>
+---
+ src/common/utils.c            | 11 ++++++-----
+ tests/unit/test_config-file.c |  4 ++--
+ tests/unit/test_utils.c       |  8 ++++----
+ 3 files changed, 12 insertions(+), 11 deletions(-)
+
+diff --git a/src/common/utils.c b/src/common/utils.c
+index 82479af..8fe9c6e 100644
+--- a/src/common/utils.c
++++ b/src/common/utils.c
+@@ -45,8 +45,8 @@ static const char *localhost_names_v6[] = {
+ };
+ 
+ /*
+- * Return 1 if the given IP belongs in the af domain else return a negative
+- * value.
++ * Return 1 if the given IP belongs in the af domain else return 0 if the
++ * given ip is not a valid address or the af value is unknown.
+  */
+ static int check_addr(const char *ip, int af)
+ {
+@@ -56,9 +56,10 @@ static int check_addr(const char *ip, int af)
+ 	assert(ip);
+ 
+ 	ret = inet_pton(af, ip, buf);
+-	if (ret != 1) {
+-		ret = -1;
+-	}
++  if (ret == -1) {
++    /* Possible if the af value is unknown to inet_pton. */
++    ret = 0;
++  }
+ 
+ 	return ret;
+ }
+diff --git a/tests/unit/test_config-file.c b/tests/unit/test_config-file.c
+index 59e3115..b48094c 100644
+--- a/tests/unit/test_config-file.c
++++ b/tests/unit/test_config-file.c
+@@ -104,13 +104,13 @@ static void test_config_file_read_invalid_values(void)
+ 
+ 	memset(&config, 0x0, sizeof(config));
+ 	ret = config_file_read(fixture("config4"), &config);
+-	ok(ret == -1 &&
++	ok(ret == 0 &&
+ 		config.conf_file.tor_address == NULL,
+ 		"TorAddress invalid IPv4 returns -1");
+ 
+ 	memset(&config, 0x0, sizeof(config));
+ 	ret = config_file_read(fixture("config5"), &config);
+-	ok(ret == -1 &&
++	ok(ret == 0 &&
+ 		config.conf_file.tor_address == NULL,
+ 		"TorAddress invalid IPv6 returns -1");
+ 
+diff --git a/tests/unit/test_utils.c b/tests/unit/test_utils.c
+index dc5b0ca..95469d8 100644
+--- a/tests/unit/test_utils.c
++++ b/tests/unit/test_utils.c
+@@ -36,10 +36,10 @@ static void test_is_address_ipv4(void)
+ 	ok(ret == 1, "Valid IPv4 address");
+ 
+ 	ret = utils_is_address_ipv4("127.0.0.256");
+-	ok(ret == -1, "Invalid IPv4 address");
++	ok(ret == 0, "Invalid IPv4 address");
+ 
+ 	ret = utils_is_address_ipv4("::1");
+-	ok(ret == -1, "Invalid IPv4 address when IPv6");
++	ok(ret == 0, "Invalid IPv4 address when IPv6");
+ }
+ 
+ static void test_is_address_ipv6(void)
+@@ -55,10 +55,10 @@ static void test_is_address_ipv6(void)
+ 	ok(ret == 1, "Valid IPv6 address");
+ 
+ 	ret = utils_is_address_ipv6("2001:DB8:0:0:8:800:200C:G");
+-	ok(ret == -1, "Invalid IPv6 address");
++	ok(ret == 0, "Invalid IPv6 address");
+ 
+ 	ret = utils_is_address_ipv6("192.168.0.1");
+-	ok(ret == -1, "Invalid IPv6 address when IPv4");
++	ok(ret == 0, "Invalid IPv6 address when IPv4");
+ }
+ 
+ static void test_localhost_resolve(void)
diff --git a/debian/patches/series b/debian/patches/series
index 030d0ff..ca41ce6 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1 +1,2 @@
+Fix-check_addr-to-return-either-0-or-1.patch
 exclude_test_requiring_network.patch

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-privacy/packages/torsocks.git

More information about the Pkg-privacy-commits mailing list