diff options
Diffstat (limited to 'meta-networking/recipes-daemons/iscsi-initiator-utils/files/0004-Do-not-double-close-IPC-file-stream-to-iscsid.patch')
-rw-r--r-- | meta-networking/recipes-daemons/iscsi-initiator-utils/files/0004-Do-not-double-close-IPC-file-stream-to-iscsid.patch | 62 |
1 files changed, 0 insertions, 62 deletions
diff --git a/meta-networking/recipes-daemons/iscsi-initiator-utils/files/0004-Do-not-double-close-IPC-file-stream-to-iscsid.patch b/meta-networking/recipes-daemons/iscsi-initiator-utils/files/0004-Do-not-double-close-IPC-file-stream-to-iscsid.patch deleted file mode 100644 index 274722c231..0000000000 --- a/meta-networking/recipes-daemons/iscsi-initiator-utils/files/0004-Do-not-double-close-IPC-file-stream-to-iscsid.patch +++ /dev/null @@ -1,62 +0,0 @@ -From 8167e5ce99682f64918a20966ce393cd33ac67ef Mon Sep 17 00:00:00 2001 -From: Lee Duncan <lduncan@suse.com> -Date: Fri, 15 Dec 2017 11:13:29 -0800 -Subject: [PATCH 4/7] Do not double-close IPC file stream to iscsid - -A double-close of a file descriptor and its associated FILE stream -can be an issue in multi-threaded cases. Found by Qualsys. - -CVE: CVE-2017-17840 - -Upstream-Status: Backport - -Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com> ---- - iscsiuio/src/unix/iscsid_ipc.c | 9 +++++++-- - 1 file changed, 7 insertions(+), 2 deletions(-) - -diff --git a/iscsiuio/src/unix/iscsid_ipc.c b/iscsiuio/src/unix/iscsid_ipc.c -index 61e96cc..bde8d66 100644 ---- a/iscsiuio/src/unix/iscsid_ipc.c -+++ b/iscsiuio/src/unix/iscsid_ipc.c -@@ -913,6 +913,9 @@ early_exit: - /** - * process_iscsid_broadcast() - This function is used to process the - * broadcast messages from iscsid -+ * -+ * s2 is an open file descriptor, which -+ * must not be left open upon return - */ - int process_iscsid_broadcast(int s2) - { -@@ -928,6 +931,7 @@ int process_iscsid_broadcast(int s2) - if (fd == NULL) { - LOG_ERR(PFX "Couldn't open file descriptor: %d(%s)", - errno, strerror(errno)); -+ close(s2); - return -EIO; - } - -@@ -1030,7 +1034,8 @@ int process_iscsid_broadcast(int s2) - } - - error: -- free(data); -+ if (data) -+ free(data); - fclose(fd); - - return rc; -@@ -1132,8 +1137,8 @@ static void *iscsid_loop(void *arg) - break; - } - -+ /* this closes the file descriptor s2 */ - process_iscsid_broadcast(s2); -- close(s2); - } - - pthread_cleanup_pop(0); --- -1.9.1 - |