Signed-off-by: Fabian Grünbichler <[email protected]> --- ...ients-about-left-nodes-during-pause.patch} | 0 ...temcrypto-Check-length-of-the-packet.patch | 38 ------------------- patches/series | 3 +- 3 files changed, 1 insertion(+), 40 deletions(-) rename patches/{0011-cpg-Inform-clients-about-left-nodes-during-pause.patch => 0010-cpg-Inform-clients-about-left-nodes-during-pause.patch} (100%) delete mode 100644 patches/0010-totemcrypto-Check-length-of-the-packet.patch
diff --git a/patches/0011-cpg-Inform-clients-about-left-nodes-during-pause.patch b/patches/0010-cpg-Inform-clients-about-left-nodes-during-pause.patch similarity index 100% rename from patches/0011-cpg-Inform-clients-about-left-nodes-during-pause.patch rename to patches/0010-cpg-Inform-clients-about-left-nodes-during-pause.patch diff --git a/patches/0010-totemcrypto-Check-length-of-the-packet.patch b/patches/0010-totemcrypto-Check-length-of-the-packet.patch deleted file mode 100644 index 7463e9c..0000000 --- a/patches/0010-totemcrypto-Check-length-of-the-packet.patch +++ /dev/null @@ -1,38 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Jan Friesse <[email protected]> -Date: Mon, 19 Mar 2018 16:59:41 +0100 -Subject: [PATCH] totemcrypto: Check length of the packet -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Packet has to be longer than crypto_config_header and hash_len, -otherwise unallocated memory is passed into calculate_nss_hash function, -what may result in crash. - -Signed-off-by: Jan Friesse <[email protected]> -Reviewed-by: Raphael Sanchez Prudencio <[email protected]> -Reviewed-by: Christine Caulfield <[email protected]> -(cherry picked from commit fc1d5418533c1faf21616b282c2559bed7d361c4) -Signed-off-by: Fabian Grünbichler <[email protected]> ---- - exec/totemcrypto.c | 6 ++++++ - 1 file changed, 6 insertions(+) - -diff --git a/exec/totemcrypto.c b/exec/totemcrypto.c -index 9f8f083c..d8d0fcae 100644 ---- a/exec/totemcrypto.c -+++ b/exec/totemcrypto.c -@@ -864,6 +864,12 @@ int crypto_authenticate_and_decrypt (struct crypto_instance *instance, - return (-1); - } - -+ if (*buf_len <= sizeof(struct crypto_config_header)) { -+ log_printf(instance->log_level_security, "Received message is too short... ignoring"); -+ -+ return (-1); -+ } -+ - if (cch->crypto_cipher_type != CRYPTO_CIPHER_TYPE_2_3) { - guessed_str = NULL; - diff --git a/patches/series b/patches/series index 1cbfb27..51a6ee3 100644 --- a/patches/series +++ b/patches/series @@ -7,5 +7,4 @@ 0007-add-libcorosync4-pve-transitional-package.patch 0008-only-start-corosync.service-if-conf-exists.patch 0009-remove-unecessary-and-problematic-corosync-qdevice.i.patch -0010-totemcrypto-Check-length-of-the-packet.patch -0011-cpg-Inform-clients-about-left-nodes-during-pause.patch +0010-cpg-Inform-clients-about-left-nodes-during-pause.patch -- 2.19.1 _______________________________________________ pve-devel mailing list [email protected] https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
