Re: squeeze update of screen?

Wed, 02 Sep 2015 10:20:55 -0700 

On Wed, Sep 2, 2015 at 3:33 PM, Axel Beckert <a...@debian.org> wrote:
> Santiago Ruano Rincón wrote:
>> the Debian LTS team would like to fix the security issues which are
>> currently open in the Squeeze version of screen:
>> https://security-tracker.debian.org/tracker/source-package/screen
>>
>> Would you like to take care of this yourself?
>
> Let's phrase it this way: I don't mind if someone else does it.
 OK, the proposed patch is attached. Only build tested - it compiles
fine in a clean Squeeze chroot.

> I'll work on the updates for Jessie and Wheezy first, though.
 Feel free to drop my patch entirely if you want.

Regards,
Laszlo/GCS

diff -u screen-4.0.3/debian/changelog screen-4.0.3/debian/changelog
--- screen-4.0.3/debian/changelog
+++ screen-4.0.3/debian/changelog
@@ -1,3 +1,9 @@
+screen (4.0.3-14+deb6u1) squeeze-security; urgency=high
+
+  * Fix stack overflow due to too deep recursion.
+
+ -- Laszlo Boszormenyi (GCS) <g...@debian.org>  Wed, 02 Sep 2015 18:53:14 +0200
+
 screen (4.0.3-14) unstable; urgency=low
 
   * Cherry-pick a few upstream commits:
diff -u screen-4.0.3/debian/patches/00list screen-4.0.3/debian/patches/00list
--- screen-4.0.3/debian/patches/00list
+++ screen-4.0.3/debian/patches/00list
@@ -44,0 +45 @@
+61denial-of-service-stack-overflow-fix
only in patch2:
unchanged:
--- screen-4.0.3.orig/debian/patches/61denial-of-service-stack-overflow-fix.dpatch
+++ screen-4.0.3/debian/patches/61denial-of-service-stack-overflow-fix.dpatch
@@ -0,0 +1,44 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 61denial-of-service-stack-overflow-fix.dpatch by Kuang-che Wu <k...@csie.org>
+##
+## DP: Fix stack overflow due to too deep recursion
+
+@DPATCH@
+--- a/ansi.c
++++ b/ansi.c
+@@ -2425,13 +2425,13 @@ int n, ys, ye, bce;
+     return;
+   if (n > 0)
+     {
++      if (ye - ys + 1 < n)
++	n = ye - ys + 1;
+       if (n > 256)
+ 	{
+ 	  MScrollV(p, n - 256, ys, ye, bce);
+ 	  n = 256;
+ 	}
+-      if (ye - ys + 1 < n)
+-	n = ye - ys + 1;
+ #ifdef COPY_PASTE
+       if (compacthist)
+ 	{
+@@ -2482,14 +2482,14 @@ int n, ys, ye, bce;
+     }
+   else
+     {
+-      if (n < -256)
+-	{
+-	  MScrollV(p, n + 256, ys, ye, bce);
+-	  n = -256;
+-	}
+       n = -n;
+       if (ye - ys + 1 < n)
+ 	n = ye - ys + 1;
++      if (n > 256)
++	{
++	  MScrollV(p, - (n - 256), ys, ye, bce);
++	  n = 256;
++	}
+ 
+       ml = p->w_mlines + ye;
+       /* Clear lines */

Reply via email to