Bug#988412: unblock: stunnel4/3:5.56+dfsg-10

Wed, 12 May 2021 03:03:24 -0700 

Package: release.debian.org
Severity: normal
User: release.debian....@packages.debian.org
Usertags: unblock

Please unblock package stunnel4:

[ Reason ]

My mistake in restoring some functionality resulted in the failure of
the stunnel daemon to restart in some situations due to freeing
unallocated memory.  See #987265 for more details.

[ Impact ]

Restarting a running stunnel daemon may result in it dying instead.

[ Tests ]

No automated tests yet.

[ Risks ]

The code change is trivial: allocate (strdup(3)) a string instead of
storing a pointer to a string literal. It cannot possibly result in
a memory leak - the whole issue is that stunnel will attempt to free it.

[ Checklist ]
  [x] all changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in testing

[ Other info ]

Thanks for all your work!

unblock stunnel4/3:5.56+dfsg-10

diff -Nru stunnel4-5.56+dfsg/debian/changelog 
stunnel4-5.56+dfsg/debian/changelog
--- stunnel4-5.56+dfsg/debian/changelog 2021-03-04 12:06:17.000000000 +0200
+++ stunnel4-5.56+dfsg/debian/changelog 2021-04-21 09:12:28.000000000 +0300
@@ -1,3 +1,12 @@
+stunnel4 (3:5.56+dfsg-10) unstable; urgency=medium
+
+  * Allocate a new memory buffer for the pidfile path in
+    the 04-restore-pidfile-default patch, since it may be freed when
+    stunnel is reconfigured, e.g. on a SIGHUP.
+    Closes: #987265; LP: #1901784
+
+ -- Peter Pentchev <r...@debian.org>  Wed, 21 Apr 2021 09:12:28 +0300
+
 stunnel4 (3:5.56+dfsg-9) unstable; urgency=medium
 
   * Add one more part to the 13-tls13 patch to hopefully fix a FTBFS
diff -Nru stunnel4-5.56+dfsg/debian/patches/04-restore-pidfile-default.patch 
stunnel4-5.56+dfsg/debian/patches/04-restore-pidfile-default.patch
--- stunnel4-5.56+dfsg/debian/patches/04-restore-pidfile-default.patch  
2021-03-04 12:06:17.000000000 +0200
+++ stunnel4-5.56+dfsg/debian/patches/04-restore-pidfile-default.patch  
2021-04-21 09:12:28.000000000 +0300
@@ -8,7 +8,8 @@
 Forwarded: not-needed
 Author: Peter Pentchev <r...@ringlet.net>
 Bug-Debian: https://bugs.debian.org/744851
-Last-Update: 2018-12-06
+Last-Update: 2021-04-21
+
 --- a/src/Makefile.am
 +++ b/src/Makefile.am
 @@ -33,6 +33,7 @@
@@ -26,7 +27,7 @@
      switch(cmd) {
      case CMD_SET_DEFAULTS:
 -        new_global_options.pidfile=NULL; /* do not create a pid file */
-+        new_global_options.pidfile=PIDFILE;
++        new_global_options.pidfile=str_dup(PIDFILE);
          break;
      case CMD_SET_COPY: /* not used for global options */
          break;

Attachment: signature.asc
Description: PGP signature

Reply via email to