The Samba-Bugzilla – Attachment 6756 Details for Bug 8347: CVE-2011-2522 regression for HP-UX, AIX and OSF
[patch] Patch for master
tmp.diff (text/plain), 1.50 KB, created by Stefan Metzmacher on 2011-08-05 18:07:00 UTC
>From f248b0d0f1d05c34f3957950901b9be95618b1c7 Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Fri, 5 Aug 2011 19:48:38 +0200 >Subject: [PATCH] s3:web/swat: use strtoll() instead of atoi/atol/atoll > >This is more portable, as we have a strtoll replacement >in lib/replace. > >metze >--- > source3/web/swat.c | 25 +++++++++++++++++++------ > 1 files changed, 19 insertions(+), 6 deletions(-) > >diff --git a/source3/web/swat.c b/source3/web/swat.c >index f955466..ef1c231 100644 >--- a/source3/web/swat.c >+++ b/source3/web/swat.c >@@ -199,16 +199,29 @@ bool verify_xsrf_token(const char *formname) > const char *pass = cgi_user_pass(); > const char *token = cgi_variable_nonull(XSRF_TOKEN); > const char *time_str = cgi_variable_nonull(XSRF_TIME); >+ char *p = NULL; >+ long long xsrf_time_ll = 0; > time_t xsrf_time = 0; > time_t now = time(NULL); > >- if (sizeof(time_t) == sizeof(int)) { >- xsrf_time = atoi(time_str); >- } else if (sizeof(time_t) == sizeof(long)) { >- xsrf_time = atol(time_str); >- } else if (sizeof(time_t) == sizeof(long long)) { >- xsrf_time = atoll(time_str); >+ errno = 0; >+ xsrf_time_ll = strtoll(time_str, &p, 10); >+ if (errno != 0) { >+ return false; >+ } >+ if (p == NULL) { >+ return false; >+ } >+ if (PTR_DIFF(p, time_str) > strlen(time_str)) { >+ return false; >+ } >+ if (xsrf_time_ll > _TYPE_MAXIMUM(time_t)) { >+ return false; >+ } >+ if (xsrf_time_ll < _TYPE_MINIMUM(time_t)) { >+ return false; > } >+ xsrf_time = xsrf_time_ll; > > if (abs(now - xsrf_time) > XSRF_TIMEOUT) { > return false; >-- >1.7.4.1 >
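Review bot: the two end-pointer checks after strtoll() in verify_xsrf_token() can never fail, so a malformed XSRF_TIME value is still accepted. strtoll() is passed a non-NULL &p, so `p == NULL` cannot be true afterwards, and it never advances p past the terminating NUL, so `PTR_DIFF(p, time_str) > strlen(time_str)` is always false. An empty or non-numeric time_str leaves p == time_str with a result of 0 and may leave errno at 0, and any trailing characters after the digits are silently ignored. Suggest replacing both checks with `if (p == time_str || *p != '\0') { return false; }` so that only a fully numeric string is converted. Separately, the unchanged context line `if (abs(now - xsrf_time) > XSRF_TIMEOUT)` passes a time_t difference to abs(), which takes an int; where time_t is wider than int the difference can be truncated before the timeout comparison, so comparing the difference against XSRF_TIMEOUT explicitly in both directions would be safer now that the full long long range is admitted.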
Flags: kai: review+