Package: release.debian.org
Severity: normal
Tags: patch
User: release.debian....@packages.debian.org
Usertags: unblock
Hi,
both olsrd 0.6.2-2 (testing) and 0.6.3-5 (unstable) suffer from
corrupted data on amd64 platforms [1].
I have performed NMUs both for testing-proposed-updates and unstable
and would like to have the version for t-p-u unblocked.
Attaching debdiff.
Adrian
unblock olsrd/0.6.2-2.1
> [1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=704025
-- System Information:
Debian Release: 7.0
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.8-trunk-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL
set to en_US.UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru olsrd-0.6.2/debian/changelog olsrd-0.6.2/debian/changelog
--- olsrd-0.6.2/debian/changelog 2012-02-19 16:18:18.000000000 +0100
+++ olsrd-0.6.2/debian/changelog 2013-03-28 04:31:12.000000000 +0100
@@ -1,3 +1,11 @@
+olsrd (0.6.2-2.1) testing-proposed-updates; urgency=low
+
+ * Non-maintainer upload.
+ * Include upstream patch to fix stack corruption in
+ net output (Closes: #704025).
+
+ -- John Paul Adrian Glaubitz <glaub...@physik.fu-berlin.de> Thu, 28 Mar 2013 04:29:10 +0100
+
olsrd (0.6.2-2) unstable; urgency=low
* debian/control: Build-Depends: debhelper (>= 9) (Closes: #658330)
diff -Nru olsrd-0.6.2/debian/patches/300-fix-stack-corruption-in-net-output.patch olsrd-0.6.2/debian/patches/300-fix-stack-corruption-in-net-output.patch
--- olsrd-0.6.2/debian/patches/300-fix-stack-corruption-in-net-output.patch 1970-01-01 01:00:00.000000000 +0100
+++ olsrd-0.6.2/debian/patches/300-fix-stack-corruption-in-net-output.patch 2013-03-28 04:27:03.000000000 +0100
@@ -0,0 +1,57 @@
+From f4d250ad4fad5fcfe5b5feaac3f3e121adef3fba Mon Sep 17 00:00:00 2001
+From: Jo-Philipp Wich <j...@openwrt.org>
+Date: Fri, 22 Jun 2012 03:17:59 +0200
+Subject: [PATCH] olsrd: fix stack corruption in net_output()
+
+The net_output() function indirectly uses the stack variables dst and dst6
+outside of the scope they're declared in, this might leads to olsr_sendto()
+being called with a corrupted destination sockaddr_in.
+
+This failure condition can be observed in the log, olsrd will continuosly
+print "sendto(v4): Invalid Argument" or a similar message. On ARM it has been
+reported to result in "Unsupported Address Family".
+
+This bug became apparant on a custon OpenWrt x86_64 uClibc target using the
+Linaro GCC 4.7-2012.04 compiler, it has been reported for an unspecified ARM
+target as well.
+
+The offending code seems to be unchanged since 2008 and it does not cause
+issues on 32bit systems and/or with older (Linaro) GCC versions, but the
+compiler used in our tests seems to perform more aggressive optimizations
+leading to a stack corruption.
+---
+ src/net_olsr.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/net_olsr.c b/src/net_olsr.c
+index 7d85f4f..66e103d 100644
+--- a/src/net_olsr.c
++++ b/src/net_olsr.c
+@@ -336,6 +336,8 @@ net_output(struct interface *ifp)
+ {
+ struct sockaddr_in *sin = NULL;
+ struct sockaddr_in6 *sin6 = NULL;
++ struct sockaddr_in dst;
++ struct sockaddr_in6 dst6;
+ struct ptf *tmp_ptf_list;
+ union olsr_packet *outmsg;
+ int retval;
+@@ -354,7 +356,6 @@ net_output(struct interface *ifp)
+ outmsg->v4.olsr_packlen = htons(ifp->netbuf.pending);
+
+ if (olsr_cnf->ip_version == AF_INET) {
+- struct sockaddr_in dst;
+ /* IP version 4 */
+ sin = (struct sockaddr_in *)&ifp->int_broadaddr;
+
+@@ -365,7 +366,6 @@ net_output(struct interface *ifp)
+ if (sin->sin_port == 0)
+ sin->sin_port = htons(olsr_cnf->olsrport);
+ } else {
+- struct sockaddr_in6 dst6;
+ /* IP version 6 */
+ sin6 = (struct sockaddr_in6 *)&ifp->int6_multaddr;
+ /* Copy sin */
+--
+1.7.9.5
+
diff -Nru olsrd-0.6.2/debian/patches/series olsrd-0.6.2/debian/patches/series
--- olsrd-0.6.2/debian/patches/series 2012-02-19 16:07:42.000000000 +0100
+++ olsrd-0.6.2/debian/patches/series 2013-03-28 04:27:57.000000000 +0100
@@ -6,3 +6,4 @@
270-gui-linux-gtk-align-olsr_ip_addr-to-olsr-definition-of-it.patch
280-fix-linux-gtk-build.patch
290-hardcode-etc-olsrd-olsrd-conf.patch
+300-fix-stack-corruption-in-net-output.patch
