Re: BoS: serious security bug in wu-ftpd v2.4 -- PATCH
Henrik P Johnson (hpj@one.se)
Sun, 12 Jan 1997 19:56:01 +0100
- Next message: Sean B. Hamor: "Stronghold v1.3.3: Security Release"
- Previous message: David Sacerdote: "Apache 1.1.1 overflow"
- In reply to: Dave Kinchlea: "BoS: serious security bug in wu-ftpd v2.4 -- PATCH"
Below comes a hopefully improved version of the sigfix.c file to fix wu-ftp. This will block signals while within crucial parts of the FTP server, yet the signals will occur after the resumesigs is called.

I have no idea of how portable this may or may not be, but it seems to work on HP, OSF, linux and Solaris. Otherwise the patch as supplied by Dave Kinchlea <securitykinch.ark.com> should be applied.

/* ######################### sigfix.c ################################# */
#include <signal.h>
#include <stddef.h>

/* Block SIGPIPE and SIGURG on entry to a critical part of the server. */
void
#ifdef __STDC__
suspendsigs(void)
#else
suspendsigs()
#endif
{
    sigset_t sset;

    /* Build the set with sigemptyset()/sigaddset(); a sigset_t cannot
       be assigned signal numbers directly. */
    sigemptyset(&sset);
#ifdef SIGPIPE
    sigaddset(&sset, SIGPIPE);
#endif
#ifdef SIGURG
    sigaddset(&sset, SIGURG);
#endif
    sigprocmask(SIG_BLOCK, &sset, NULL);
}

/* Unblock the same signals; any that arrived meanwhile are delivered now. */
void
#ifdef __STDC__
resumesigs(void)
#else
resumesigs()
#endif
{
    sigset_t sset;

    sigemptyset(&sset);
#ifdef SIGPIPE
    sigaddset(&sset, SIGPIPE);
#endif
#ifdef SIGURG
    sigaddset(&sset, SIGURG);
#endif
    sigprocmask(SIG_UNBLOCK, &sset, NULL);
}

==============================================================================
Henrik P Johnson     Tel: +46-(0)31-812091     Eklandagatan 41a
GlobeCom Network     GSM: +46-(0)70-5409924    41261 Göteborg
IRC: [TC]            FAX: +46-(0)31-208460     Sweden
E-Mail: king@globecom.net king@one.se, hpj@etek.chalmers.se, hpj@tjh.se... etc
==============================================================================
Nice site: http://www.underscore.se/sj (Swedish)
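
The deferred delivery the post describes (a signal that arrives while blocked is held and delivered once it is unblocked) can be checked directly. This is an added example, not part of the original post or of wu-ftpd; `on_urg`, `build_mask` and `check_deferred_delivery` are hypothetical names, and it assumes a single-threaded POSIX process.

```c
/* Added example: constructed check of deferred signal delivery. */
#define _POSIX_C_SOURCE 200809L
#include <signal.h>
#include <stddef.h>
#include <stdio.h>

static volatile sig_atomic_t urg_seen = 0;

static void on_urg(int sig) { (void)sig; urg_seen = 1; }

/* The two signals the post's sigfix.c is meant to hold back. */
static void build_mask(sigset_t *sset)
{
    sigemptyset(sset);
    sigaddset(sset, SIGPIPE);
    sigaddset(sset, SIGURG);
}

/* Returns 0 if a SIGURG raised inside the blocked region stayed pending
   and its handler ran only after unblocking; nonzero otherwise. */
int check_deferred_delivery(void)
{
    struct sigaction sa;
    sigset_t sset, pending;

    sa.sa_handler = on_urg;
    sigemptyset(&sa.sa_mask);
    sa.sa_flags = 0;
    if (sigaction(SIGURG, &sa, NULL) != 0) return 1;

    urg_seen = 0;
    build_mask(&sset);
    sigprocmask(SIG_BLOCK, &sset, NULL);    /* what suspendsigs() does */
    raise(SIGURG);                          /* arrives mid critical section */
    if (urg_seen) return 2;                 /* handler must not have run yet */
    sigpending(&pending);
    if (sigismember(&pending, SIGURG) != 1) return 3;

    sigprocmask(SIG_UNBLOCK, &sset, NULL);  /* what resumesigs() does */
    if (!urg_seen) return 4;                /* delivered on unblock */
    return 0;
}

int main(void)
{
    int rc = check_deferred_delivery();
    printf("deferred delivery check: %s (rc=%d)\n", rc ? "FAILED" : "ok", rc);
    return rc;
}
```

A nonzero return identifies which step failed: 2 means the handler ran while the signal was supposed to be blocked, 3 means the signal was not pending, 4 means it was never delivered after unblocking.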