Fixes http://www.milw0rm.com/exploits/4028
This might also be of interest to the screen maintainers...
Btw: To be perfectly clear, this is a bug in screen, not in OpenBSD
Index: Makefile
===================================================================
RCS file: /cvs/ports/misc/screen/Makefile,v
retrieving revision 1.58
diff -u -r1.58 Makefile
--- Makefile 1 Sep 2007 20:11:21 -0000 1.58
+++ Makefile 22 Jun 2008 12:08:32 -0000
@@ -4,7 +4,7 @@
VERSION= 4.0.3
DISTNAME= screen-${VERSION}
-PKGNAME= ${DISTNAME}p1
+PKGNAME= ${DISTNAME}p2
CATEGORIES= misc
MASTER_SITES= ftp://ftp.uni-erlangen.de/pub/utilities/screen/
Index: patches/patch-attacher_c
===================================================================
RCS file: /cvs/ports/misc/screen/patches/patch-attacher_c,v
retrieving revision 1.1
diff -u -r1.1 patch-attacher_c
--- patches/patch-attacher_c 14 Oct 2003 23:05:28 -0000 1.1
+++ patches/patch-attacher_c 22 Jun 2008 12:08:32 -0000
@@ -1,6 +1,6 @@
$OpenBSD: patch-attacher_c,v 1.1 2003/10/14 23:05:28 jolan Exp $
---- attacher.c.orig 2003-09-08 09:24:48.000000000 -0500
-+++ attacher.c 2003-10-14 14:10:14.000000000 -0500
+--- attacher.c.orig Mon Sep 8 16:24:48 2003
++++ attacher.c Sun Jun 22 14:04:14 2008
@@ -676,7 +676,7 @@ LockTerminal()
setuid(real_uid); /* this should be done already */
#endif
@@ -10,3 +10,16 @@
exit(errno);
}
if (pid == -1)
+@@ -869,8 +869,10 @@ screen_builtin_lck()
+ errno = 0;
+ if ((cp1 = getpass(message)) == NULL)
+ {
+- AttacherFinit(SIGARG);
+- /* NOTREACHED */
++ if (errno == EINTR) /* interrupted by a signal */
++ continue;
++
++ AttacherFinit(SIGARG); /* fatal error, exit attacher, unlock screen
*/
+ }
+ #ifdef USE_PAM
+ PAM_conversation.appdata_ptr = cp1;
