found 745493 1.3.5-1
thanks
On Sat, 2014-05-03 at 15:31 -0700, TJ Saunders wrote:
> > I just submitted the following patch to Debian BTS:
> > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=745493
> >
> > This patch use fpathconf() and avoids usage of the constant PIPE_BUF,
> > which is not available on all architectures, especially GNU/Hurd.
> >
> > The patch, against Debian version 1.3.5~rc4-1, is attached here for
> > convenience. Something to consider for next pre-release?
>
> I've filed a bug report for this in ProFTPD's Bugzilla instance
> (arguably the best place for a change like this); see:
>
> http://bugs.proftpd.org/show_bug.cgi?id=4050
Attached is a re-diffed patch against 1.3.5-1. No further changes. The
attachment in http://bugs.proftpd.org/show_bug.cgi?id=4050 did not make
it into release 1.3.5. I'll try it out and test if it works, and comment
there.
Index: proftpd-dfsg-1.3.5/contrib/mod_exec.c
===================================================================
--- proftpd-dfsg-1.3.5.orig/contrib/mod_exec.c
+++ proftpd-dfsg-1.3.5/contrib/mod_exec.c
@@ -742,14 +742,20 @@ static int exec_ssystem(cmd_rec *cmd, co
if (fds >= 0) {
int buflen;
- char buf[PIPE_BUF];
+
+ size_t len = fpathconf(exec_stdout_pipe[0], _PC_PIPE_BUF);
+ char *buf = malloc(len);
+ if (buf == NULL) {
+ exec_log("malloc failed: %s", strerror(errno));
+ return errno;
+ }
/* The child sent us something. How thoughtful. */
if (FD_ISSET(exec_stdout_pipe[0], &readfds)) {
- memset(buf, '\0', sizeof(buf));
+ memset(buf, '\0', len);
- buflen = read(exec_stdout_pipe[0], buf, sizeof(buf)-1);
+ buflen = read(exec_stdout_pipe[0], buf, len - 1);
if (buflen > 0) {
if (exec_opts & EXEC_OPT_SEND_STDOUT) {
@@ -796,9 +802,9 @@ static int exec_ssystem(cmd_rec *cmd, co
}
if (FD_ISSET(exec_stderr_pipe[0], &readfds)) {
- memset(buf, '\0', sizeof(buf));
+ memset(buf, '\0', len);
- buflen = read(exec_stderr_pipe[0], buf, sizeof(buf)-1);
+ buflen = read(exec_stdout_pipe[0], buf, len - 1);
if (buflen > 0) {
/* Trim trailing CRs and LFs. */
@@ -828,6 +834,7 @@ static int exec_ssystem(cmd_rec *cmd, co
}
}
}
+ free(buf);
}
res = waitpid(pid, &status, WNOHANG);
Index: proftpd-dfsg-1.3.5/contrib/mod_tls.c
===================================================================
--- proftpd-dfsg-1.3.5.orig/contrib/mod_tls.c
+++ proftpd-dfsg-1.3.5/contrib/mod_tls.c
@@ -1787,10 +1787,15 @@ static int tls_exec_passphrase_provider(
if (FD_ISSET(stderr_pipe[0], &readfds)) {
int stderrlen;
- char stderrbuf[PIPE_BUF];
- memset(stderrbuf, '\0', sizeof(stderrbuf));
- stderrlen = read(stderr_pipe[0], stderrbuf, sizeof(stderrbuf)-1);
+ size_t len = fpathconf(stderr_pipe[0], _PC_PIPE_BUF);
+ char *stderrbuf = malloc(len);
+ if (stderrbuf == NULL) {
+ tls_log("malloc failed: %s", strerror(errno));
+ return -1;
+ }
+ memset(stderrbuf, '\0', len);
+ stderrlen = read(stderr_pipe[0], stderrbuf, len - 1);
if (stderrlen > 0) {
while (stderrlen &&
(stderrbuf[stderrlen-1] == '\r' ||
@@ -1807,6 +1812,7 @@ static int tls_exec_passphrase_provider(
": error reading stderr from '%s': %s",
tls_passphrase_provider, strerror(errno));
}
+ free(stderrbuf);
}
}
Index: proftpd-dfsg-1.3.5/contrib/mod_sftp/keys.c
===================================================================
--- proftpd-dfsg-1.3.5.orig/contrib/mod_sftp/keys.c
+++ proftpd-dfsg-1.3.5/contrib/mod_sftp/keys.c
@@ -413,10 +413,15 @@ static int exec_passphrase_provider(serv
if (FD_ISSET(stderr_pipe[0], &readfds)) {
int stderrlen;
- char stderrbuf[PIPE_BUF];
- memset(stderrbuf, '\0', sizeof(stderrbuf));
- stderrlen = read(stderr_pipe[0], stderrbuf, sizeof(stderrbuf)-1);
+ size_t len = fpathconf(stderr_pipe[0], _PC_PIPE_BUF);
+ char *stderrbuf = malloc(len);
+ if (stderrbuf == NULL) {
+ pr_log_pri(PR_LOG_ALERT, MOD_SFTP_VERSION ": Out of memory!");
+ return -1;
+ }
+ memset(stderrbuf, '\0', len);
+ stderrlen = read(stderr_pipe[0], stderrbuf, len - 1);
if (stderrlen > 0) {
while (stderrlen &&
(stderrbuf[stderrlen-1] == '\r' ||
@@ -433,6 +438,7 @@ static int exec_passphrase_provider(serv
": error reading stderr from '%s': %s",
passphrase_provider, strerror(errno));
}
+ free(stderrbuf);
}
}