[mail-notification] Fixed a stack overflow in SSL code
Erik van Pienbroek
epienbro at fedoraproject.org
Thu Apr 5 14:40:32 UTC 2012
commit 1a08be0877a4d56011f16d1e00b8ca0bbd9e0f53
Author: Erik van Pienbroek <epienbro at fedoraproject.org>
Date: Thu Apr 5 16:39:55 2012 +0200
Fixed a stack overflow in SSL code
Fixed a stack overflow which occurred while verifying SSL certificates for POP3 and IMAP mailboxes. RHBZ #810054
...erflow-in-verify-ssl-certificate-function.patch | 19 +++++++++++++++++++
mail-notification.spec | 12 +++++++++++-
2 files changed, 30 insertions(+), 1 deletions(-)
---
diff --git a/mail-notification-5.4-prevent-stack-overflow-in-verify-ssl-certificate-function.patch b/mail-notification-5.4-prevent-stack-overflow-in-verify-ssl-certificate-function.patch
new file mode 100644
index 0000000..737089f
--- /dev/null
+++ b/mail-notification-5.4-prevent-stack-overflow-in-verify-ssl-certificate-function.patch
@@ -0,0 +1,19 @@
+--- src/mn-client-session.c.orig 2012-04-05 16:13:12.078530159 +0200
++++ src/mn-client-session.c 2012-04-05 16:18:30.823859820 +0200
+@@ -679,7 +679,7 @@
+ else
+ {
+ unsigned char md5sum[16];
+- unsigned char fingerprint[40];
++ unsigned char fingerprint[49];
+ int md5len;
+ int i;
+ unsigned char *f;
+@@ -687,6 +687,7 @@
+ /* calculate the MD5 hash of the raw certificate */
+ md5len = sizeof(md5sum);
+ X509_digest(cert, EVP_md5(), md5sum, &md5len);
++ memset(fingerprint, 0, sizeof(fingerprint));
+ for (i = 0, f = fingerprint; i < 16; i++, f += 3)
+ sprintf(f, "%.2x%c", md5sum[i], i != 15 ? ':' : '\0');
+
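Review bot: `unsigned char fingerprint[49];` is sized to exactly what the loop writes, with no margin. Sixteen iterations advancing `f` by 3 put the last `sprintf` at offset 45, where it writes two hex digits, the `'\0'` from `%c`, and then its own terminating NUL at offset 48, so 49 bytes is the minimum. The value is correct, but it is a magic number and the `sprintf` is still unbounded, so a later change to the digest or the format string can reintroduce the overflow. Suggest sizing the buffer as `sizeof(md5sum) * 3 + 1` and switching to `snprintf` with the space remaining in `fingerprint`. The added `memset` is not needed for termination, since every `sprintf` call terminates its own output. Separately, `md5len` is declared `int` while `X509_digest` takes an `unsigned int *` for its length argument, and the return value of `X509_digest` is not checked before `md5sum` is formatted.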
diff --git a/mail-notification.spec b/mail-notification.spec
index 2effea1..c1d5466 100644
--- a/mail-notification.spec
+++ b/mail-notification.spec
@@ -1,6 +1,6 @@
Name: mail-notification
Version: 5.4
-Release: 53%{?dist}
+Release: 54%{?dist}
Summary: Status icon that informs you if you have new mail
Group: Applications/Internet
@@ -24,6 +24,7 @@ Patch13: popup-markup.patch
Patch14: mail-notification-5.4-make-properties-dialog-resizable.patch
Patch15: mail-notification-5.4-prevent-memory-corruption-in-tooltips-code.patch
Patch16: mail-notification-5.4-libemail.patch
+Patch17: mail-notification-5.4-prevent-stack-overflow-in-verify-ssl-certificate-function.patch
BuildRequires: gettext
BuildRequires: desktop-file-utils, scrollkeeper
@@ -110,6 +111,11 @@ Evolution support for Mail Notification.
# Prevent memory corruption in the tooltips code
%patch15 -p0 -b .tooltips_mem_corruption
+# Prevent stack overflow in the verify_ssl_certificate function
+# The POP3 and IMAP backends should only be affected by this
+# https://bugzilla.redhat.com/show_bug.cgi?id=810054
+%patch17 -p0 -b .stack_overflow_verify_ssl_certificate
+
# Drop #line statements in C sources generated by .gob,
# for the proper debuginfo package
pushd build/src
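Review bot: the comment line "The POP3 and IMAP backends should only be affected by this" reads ambiguously because of where "only" sits; it can be taken to mean the backends suffer nothing else. Suggest "Only the POP3 and IMAP backends should be affected by this". The comment also calls the bug a stack overflow, while the patch it applies enlarges a fixed-size array on the stack; "stack buffer overflow" would describe it more precisely for anyone triaging from the spec file alone.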
@@ -234,6 +240,10 @@ touch --no-create %{_datadir}/icons/hicolor || :
%changelog
+* Thu Apr 5 2012 Erik van Pienbroek <epienbro at fedoraproject.org> - 5.4-54
+- Fixed a stack overflow which occured while verifying SSL certificates
+ for POP3 and IMAP mailboxes. RHBZ #810054
+
* Wed Mar 21 2012 Erik van Pienbroek <epienbro at fedoraproject.org> - 5.4-53
- Fixed a posible segfault in the evolution plugin
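Review bot: the new %changelog entry misspells "occurred" as "occured" in "Fixed a stack overflow which occured while verifying SSL certificates". Changelog text ships in the RPM metadata and is what users search when checking whether a build carries the fix, so it is worth correcting before the build. The entry does reference RHBZ #810054, which is the useful part for tracking.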