package-update/network/pptpd/pptpd-1.3.4-invalid-ip-rang...

# --- SDE-COPYRIGHT-NOTE-BEGIN ---
# This copyright note is auto-generated by ./scripts/Create-CopyPatch.
#
# Filename: package/.../pptpd/pptpd-1.3.4-invalid-ip-range.patch
# Copyright (C) 2011 The OpenSDE Project
#
# More information can be found in the files COPYING and README.
#
# This patch file is dual-licensed. It is available under the license the
# patched project is licensed under, as long as it is an OpenSource license
# as defined at http://www.opensource.org/ (e.g. BSD, X11) or under the terms
# of the GNU General Public License as published by the Free Software
# Foundation; either version 2 of the License, or (at your option) any later
# version.
# --- SDE-COPYRIGHT-NOTE-END ---

From 44fb69accd620f858fd04aa76bf06d272829f4e7 Mon Sep 17 00:00:00 2001
From: Christian Wiese <christian.wiese@securepoint.de>
Date: Wed, 24 Aug 2011 14:07:07 +0200
Subject: [PATCH] pptpd: added fix for a segfault when invalid IP ranges are specified in the config file

Origin: http://patch-tracker.debian.org/patch/misc/dl/pptpd/1.3.4-5/pptpd.c

Debian Changelog:

* Apply patch provided by Sergey Naumov to fix a segmentation fault
  when invalid IP ranges are specified in the config file (upper <
  lower)
---
 pptpd.c |   10 ++++++++++
 1 files changed, 10 insertions(+), 0 deletions(-)

diff --git pptpd-1.3.4.orig/pptpd.c 1.3.4/pptpd.c
index ac009e6..0fbeb65 100644
--- pptpd-1.3.4.orig/pptpd.c
+++ 1.3.4/pptpd.c
@@ -735,6 +735,16 @@ static void processIPStr(int type, char *ipstr)
 				continue;
 			}
 
+			if (upper < lower) {
+			/* if upper < lower segmantation fault in pptpctrl happens
+			 * due to enabling pppLocal parameter without providing its value.
+			 *
+			 * we can safely use ipstr because it is not modified except
+			 * of truncating.
+			 */
+				syslog(LOG_ERR, "MGR: Bad %s IP range: %s", (type == LOCAL)?"local":"remote", ipstr);
+				exit(1);
+			}
 			for (n = lower; n <= upper; n++) {
 				sprintf(tmpstr5, "%s%d%s", ip_pre, n, ip_post);
 				/* Check if the ip address is valid */
-- 
1.6.6.2
pptpd: integrated most useful patches from debian patch tracker 13 years ago			`# --- SDE-COPYRIGHT-NOTE-BEGIN ---`
			`# This copyright note is auto-generated by ./scripts/Create-CopyPatch.`
			`#`
			`# Filename: package/.../pptpd/pptpd-1.3.4-invalid-ip-range.patch`
			`# Copyright (C) 2011 The OpenSDE Project`
			`#`
			`# More information can be found in the files COPYING and README.`
			`#`
			`# This patch file is dual-licensed. It is available under the license the`
			`# patched project is licensed under, as long as it is an OpenSource license`
			`# as defined at http://www.opensource.org/ (e.g. BSD, X11) or under the terms`
			`# of the GNU General Public License as published by the Free Software`
			`# Foundation; either version 2 of the License, or (at your option) any later`
			`# version.`
			`# --- SDE-COPYRIGHT-NOTE-END ---`

			`From 44fb69accd620f858fd04aa76bf06d272829f4e7 Mon Sep 17 00:00:00 2001`
			`From: Christian Wiese <christian.wiese@securepoint.de>`
			`Date: Wed, 24 Aug 2011 14:07:07 +0200`
			`Subject: [PATCH] pptpd: added fix for a segfault when invalid IP ranges are specified in the config file`

			`Origin: http://patch-tracker.debian.org/patch/misc/dl/pptpd/1.3.4-5/pptpd.c`

			`Debian Changelog:`

			`* Apply patch provided by Sergey Naumov to fix a segmentation fault`
			`when invalid IP ranges are specified in the config file (upper <`
			`lower)`
			`---`
			`pptpd.c \| 10 ++++++++++`
			`1 files changed, 10 insertions(+), 0 deletions(-)`

			`diff --git pptpd-1.3.4.orig/pptpd.c 1.3.4/pptpd.c`
			`index ac009e6..0fbeb65 100644`
			`--- pptpd-1.3.4.orig/pptpd.c`
			`+++ 1.3.4/pptpd.c`
			`@@ -735,6 +735,16 @@ static void processIPStr(int type, char *ipstr)`
			`continue;`
			`}`

			`+ if (upper < lower) {`
			`+ /* if upper < lower segmantation fault in pptpctrl happens`
			`+ * due to enabling pppLocal parameter without providing its value.`
			`+ *`
			`+ * we can safely use ipstr because it is not modified except`
			`+ * of truncating.`
			`+ */`
			`+ syslog(LOG_ERR, "MGR: Bad %s IP range: %s", (type == LOCAL)?"local":"remote", ipstr);`
			`+ exit(1);`
			`+ }`
			`for (n = lower; n <= upper; n++) {`
			`sprintf(tmpstr5, "%s%d%s", ip_pre, n, ip_post);`
			`/* Check if the ip address is valid */`
			`--`
			`1.6.6.2`