Hi, Attached is the diff for my ktorrent 2.0.3+dfsg1-2.1 NMU.
@the release team: please unblock ktorrent as it fixes an RC bug. -- ·O· Pierre Habouzit ··O [EMAIL PROTECTED] OOO http://www.madism.org
diff -u ktorrent-2.0.3+dfsg1/debian/changelog ktorrent-2.0.3+dfsg1/debian/changelog --- ktorrent-2.0.3+dfsg1/debian/changelog +++ ktorrent-2.0.3+dfsg1/debian/changelog @@ -1,3 +1,13 @@ +ktorrent (2.0.3+dfsg1-2.1) unstable; urgency=high + + * Non-maintainer upload. + * Fix security issue (Closes: 414832, 414830): + + drop patch from #414832 in debian/patches. + + use quilt as a patches management system to deal with it. + + urgency set to high due to RC bugfix. + + -- Pierre Habouzit <[EMAIL PROTECTED]> Thu, 22 Mar 2007 11:11:20 +0100 + ktorrent (2.0.3+dfsg1-2) unstable; urgency=low * Resolve FTBFS - remove nonportable "-z now" from LDFLAGS (Closes: 395897) diff -u ktorrent-2.0.3+dfsg1/debian/control ktorrent-2.0.3+dfsg1/debian/control --- ktorrent-2.0.3+dfsg1/debian/control +++ ktorrent-2.0.3+dfsg1/debian/control @@ -2,7 +2,7 @@ Section: kde Priority: optional Maintainer: Joel Johnson <[EMAIL PROTECTED]> -Build-Depends: debhelper (>= 5.0.0), autotools-dev, kdelibs4-dev, libpcre3-dev, libx11-dev, libgmp3-dev +Build-Depends: debhelper (>= 5.0.0), autotools-dev, kdelibs4-dev, libpcre3-dev, libx11-dev, libgmp3-dev, quilt Standards-Version: 3.7.2.0 Package: ktorrent diff -u ktorrent-2.0.3+dfsg1/debian/rules ktorrent-2.0.3+dfsg1/debian/rules --- ktorrent-2.0.3+dfsg1/debian/rules +++ ktorrent-2.0.3+dfsg1/debian/rules @@ -7,8 +7,9 @@ # from having to guess our platform (since we know it already) DEB_HOST_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_HOST_GNU_TYPE) DEB_BUILD_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_BUILD_GNU_TYPE) +QUILT_PATCH_DIR ?= debian/patches -config.status: configure +config.status: patch configure dh_testdir ifneq "$(wildcard /usr/share/misc/config.sub)" "" cp -f /usr/share/misc/config.sub config.sub 
@@ -27,19 +28,30 @@ $(MAKE) touch build-stamp -clean: +clean: unpatch dh_testdir dh_testroot - rm -f build-stamp + rm -f build-stamp [ ! -f Makefile ] || make distclean [ ! -f config.sub ] || rm -f config.sub [ ! -f config.guess ] || rm -f config.guess - dh_clean + dh_clean + +patch: debian/stamp-patched +debian/stamp-patched: + # quilt exits with 2 as return when there was nothing to do. + QUILT_PATCHES=$(QUILT_PATCH_DIR) quilt --quiltrc /dev/null push -a || test $$? = 2 + touch $@ + +unpatch: + # quilt exits with 2 as return when there was nothing to do. + QUILT_PATCHES=$(QUILT_PATCH_DIR) quilt --quiltrc /dev/null pop -a -R || test $$? = 2 + rm -rf .pc debian/stamp-patched install: build dh_testdir dh_testroot - dh_clean -k + dh_clean -k $(MAKE) install DESTDIR=$(CURDIR)/debian/ktorrent # Install linda/lintian overrides only in patch2: unchanged: --- ktorrent-2.0.3+dfsg1.orig/debian/patches/series +++ ktorrent-2.0.3+dfsg1/debian/patches/series @@ -0,0 +1 @@ +kubuntu_03_security_fix.patch only in patch2: unchanged: --- ktorrent-2.0.3+dfsg1.orig/debian/patches/kubuntu_03_security_fix.patch +++ ktorrent-2.0.3+dfsg1/debian/patches/kubuntu_03_security_fix.patch 
@@ -0,0 +1,67 @@
+diff -Nru ktorrent-2.0.3+dfsg1.orig/libktorrent/torrent/chunkcounter.cpp ktorrent-2.0.3+dfsg1/libktorrent/torrent/chunkcounter.cpp
+--- ktorrent-2.0.3+dfsg1.orig/libktorrent/torrent/chunkcounter.cpp 2006-10-09 11:04:10.000000000 -0500
++++ ktorrent-2.0.3+dfsg1/libktorrent/torrent/chunkcounter.cpp 2007-03-11 11:33:38.000000000 -0500
+@@ -59,12 +59,13 @@
+
+ void ChunkCounter::inc(Uint32 idx)
+ {
++ if (idx < cnt.size())
+ cnt[idx]++;
+ }
+
+ void ChunkCounter::dec(Uint32 idx)
+ {
+- if (cnt[idx] > 0)
++ if (idx < cnt.size() && cnt[idx] > 0)
+ cnt[idx]--;
+ }
+
+diff -Nru ktorrent-2.0.3+dfsg1.orig/libktorrent/torrent/peer.cpp ktorrent-2.0.3+dfsg1/libktorrent/torrent/peer.cpp
+--- ktorrent-2.0.3+dfsg1.orig/libktorrent/torrent/peer.cpp 2006-10-09 11:04:10.000000000 -0500
++++ ktorrent-2.0.3+dfsg1/libktorrent/torrent/peer.cpp 2007-03-11 11:35:27.000000000 -0500
+@@ -182,11 +182,21 @@
+ {
+ Out() << "len err HAVE" << endl;
+ kill();
+- return;
+ }
+-
+- haveChunk(this,ReadUint32(tmp_buf,1));
+- pieces.set(ReadUint32(tmp_buf,1),true);
++ else
++ {
++ Uint32 ch = ReadUint32(tmp_buf,1);
++ if (ch < pieces.getNumBits())
++ {
++ haveChunk(this,ch);
++ pieces.set(ch,true);
++ }
++ else
++ {
++ Out(SYS_CON|LOG_NOTICE) << "Received invalid have value, kicking peer" << endl;
++ kill();
++ }
++ }
+ break;
+ case BITFIELD:
+ if (len != 1 + pieces.getNumBytes())
+diff -Nru ktorrent-2.0.3+dfsg1.orig/libktorrent/torrent/torrent.cpp ktorrent-2.0.3+dfsg1/libktorrent/torrent/torrent.cpp
+--- ktorrent-2.0.3+dfsg1.orig/libktorrent/torrent/torrent.cpp 2006-10-09 11:04:10.000000000 -0500
++++ ktorrent-2.0.3+dfsg1/libktorrent/torrent/torrent.cpp 2007-03-11 11:37:36.000000000 -0500
+@@ -141,9 +141,13 @@
+ if (!v || v->data().getType() != Value::STRING)
+ throw Error(i18n("Corrupted torrent!"));
+
+- path += v->data().toString(encoding);
+- if (j + 1 < ln->getNumChildren())
+- path += bt::DirSeparator();
++ QString sd = v->data().toString(encoding);
++ if (sd != "..")
++ {
++ path += sd;
++ if (j + 1 < ln->getNumChildren())
++ path += bt::DirSeparator();
++ }
+ }
+
+ // we do not want empty dirs
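Review bot: In the torrent.cpp hunk of the embedded patch, the new `if (sd != "..")` test only skips a path component that is exactly `..`. A component that is empty or that itself contains a directory separator is still appended to `path` unchanged, so a torrent's file list may still name a location outside the download directory; whether later code normalises the path is not visible here. The line just above already throws `Error(i18n("Corrupted torrent!"))` for a malformed entry, so rejecting would be more consistent than silently dropping the component: `if (sd.isEmpty() || sd == ".." || sd.contains(bt::DirSeparator())) throw Error(i18n("Corrupted torrent!"));`. The enclosing loop starts and ends outside the hunk. In the chunkcounter.cpp hunk, the `idx < cnt.size()` guards silently ignore a bad index and would benefit from a comment such as `// idx can originate from a peer message; out-of-range values are ignored here`.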
signature.asc
Description: Digital signature