[mutt] Fixed a segmentation fault while parsing the certificates file (rhbz#750929)

Jan Horak hhorak at fedoraproject.org
Wed Dec 7 13:25:21 UTC 2011 

commit 017b5aab8d324c01d4a1b065424271862da46e56
Author: Honza HorĂ¡k <hhorak at redhat.com>
Date:   Wed Dec 7 14:24:59 2011 +0100

    Fixed a segmentation fault while parsing the certificates file
    (rhbz#750929)

 mutt-1.5.21-certscomp.patch |   21 +++++++++++++++++++++
 mutt.spec                   |    8 +++++++-
 2 files changed, 28 insertions(+), 1 deletions(-)
---
diff --git a/mutt-1.5.21-certscomp.patch b/mutt-1.5.21-certscomp.patch
new file mode 100644
index 0000000..5935098
--- /dev/null
+++ b/mutt-1.5.21-certscomp.patch
@@ -0,0 +1,21 @@
+diff -up mutt-1.5.21/mutt_ssl_gnutls.c.debug mutt-1.5.21/mutt_ssl_gnutls.c
+--- mutt-1.5.21/mutt_ssl_gnutls.c.debug	2011-11-03 15:56:29.992235238 +0100
++++ mutt-1.5.21/mutt_ssl_gnutls.c	2011-11-03 16:23:42.960123578 +0100
+@@ -434,9 +434,16 @@ static int tls_compare_certificates (con
+       return 0;
+     }
+ 
+-    ptr = (unsigned char *)strstr((char*)b64_data.data, CERT_SEP) + 1;
+-    ptr = (unsigned char *)strstr((char*)ptr, CERT_SEP);
++    ptr = (unsigned char *)memmem((char*)b64_data.data, b64_data.size, CERT_SEP, sizeof(CERT_SEP));
++    if (ptr == NULL)
++    {
++      gnutls_free(cert.data);
++      FREE (&b64_data_data);
++      return 0;
++    }
+ 
++    ptr += 1;
++    ptr = (unsigned char *)memmem((char*)ptr, b64_data.size - (ptr - b64_data.data), CERT_SEP, sizeof(CERT_SEP));
+     b64_data.size = b64_data.size - (ptr - b64_data.data);
+     b64_data.data = ptr;
diff --git a/mutt.spec b/mutt.spec
index d61cbe7..e593bbb 100644
--- a/mutt.spec
+++ b/mutt.spec
@@ -16,7 +16,7 @@
 Summary: A text mode mail user agent
 Name: mutt
 Version: 1.5.21
-Release: 8%{?dist}
+Release: 9%{?dist}
 Epoch: 5
 # The entire source code is GPLv2+ except
 # pgpewrap.c setenv.c sha1.c wcwidth.c which are Public Domain
@@ -33,6 +33,7 @@ Patch7: mutt-1.5.21-testcert.patch
 Patch8: mutt-1.5.21-cabundle.patch
 Patch9: mutt-1.5.21-gpgme-1.2.0.patch
 Patch10: mutt-1.5.21-pophash.patch
+Patch11: mutt-1.5.21-certscomp.patch
 Url: http://www.mutt.org/
 Requires: mailcap urlview
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -78,6 +79,7 @@ for selecting groups of messages.
 %patch8 -p1 -b .cabundle
 %patch9 -p1 -b .gpgme-1.2.0
 %patch10 -p1 -b .pophash
+%patch11 -p1 -b .certscomp
 
 sed -i.gpgerror 's/`$GPGME_CONFIG --libs`/"\0 -lgpg-error"/' configure
 
@@ -160,6 +162,10 @@ rm -rf $RPM_BUILD_ROOT
 %{_mandir}/man5/muttrc.*
 
 %changelog
+* Wed Dec 07 2011 Honza Horak <hhorak at redhat.com> - 5:1.5.21-9
+- Fixed a segmentation fault while parsing the certificates file
+  (rhbz#750929)
+
 * Wed Nov 02 2011 Honza Horak <hhorak at redhat.com> - 5:1.5.21-8
 - Removed ca-bundle.crt since it is outdated (rhbz#734379)
 - Build with gpgme support by default (rhbz#748337)

More information about the scm-commits mailing list