[wget/f20] Fix NULL pointer dereference in FTP code (#1169022)

Tomas Hozza thozza at fedoraproject.org
Tue Dec 16 17:14:18 UTC 2014


commit 8c44e0d68cf9d49f102ebfc773717f99433e121e
Author: Tomas Hozza <thozza at redhat.com>
Date:   Tue Dec 16 17:15:19 2014 +0100

    Fix NULL pointer dereference in FTP code (#1169022)
    
    Signed-off-by: Tomas Hozza <thozza at redhat.com>

 wget-1.16.1-fix-ftp-crash.patch |   32 ++++++++++++++++++++++++++++++++
 wget.spec                       |    7 ++++++-
 2 files changed, 38 insertions(+), 1 deletions(-)
---
diff --git a/wget-1.16.1-fix-ftp-crash.patch b/wget-1.16.1-fix-ftp-crash.patch
new file mode 100644
index 0000000..71690d7
--- /dev/null
+++ b/wget-1.16.1-fix-ftp-crash.patch
@@ -0,0 +1,32 @@
+From 26790c3583b0588d21aa47603f441ee75937a2e1 Mon Sep 17 00:00:00 2001
+From: Cong Ma <cma at pmo.ac.cn>
+Date: Mon, 15 Dec 2014 21:21:10 +0800
+Subject: [PATCH] ftp: fix invalid pointer dereference in getftp() (tiny change)
+
+---
+ src/ftp.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/ftp.c b/src/ftp.c
+index a3b2cb6..34c3858 100644
+--- a/src/ftp.c
++++ b/src/ftp.c
+@@ -1350,7 +1350,6 @@ Error in server response, closing control connection.\n"));
+ 
+   /* Get the server to tell us if everything is retrieved.  */
+   err = ftp_response (csock, &respline);
+-  *last_expected_bytes = ftp_expected_bytes (respline);
+   if (err != FTPOK)
+     {
+       /* The control connection is decidedly closed.  Print the time
+@@ -1366,6 +1365,7 @@ Error in server response, closing control connection.\n"));
+       con->csock = -1;
+       return FTPRETRINT;
+     } /* err != FTPOK */
++  *last_expected_bytes = ftp_expected_bytes (respline);
+   /* If retrieval failed for any reason, return FTPRETRINT, but do not
+      close socket, since the control connection is still alive.  If
+      there is something wrong with the control connection, it will
+--
+libgit2 0.21.0
+
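Review bot: In the second inner hunk of the src/ftp.c change, `*last_expected_bytes = ftp_expected_bytes (respline);` now runs only after the `err != FTPOK` block, so on the `return FTPRETRINT` path `*last_expected_bytes` keeps whatever value the caller passed in. Please confirm that callers of getftp() initialise it, or do not read it when FTPRETRINT is returned from this branch. The embedded patch also has an empty message body; one sentence stating what state respline is left in when ftp_response() does not return FTPOK would record why the ordering matters.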
diff --git a/wget.spec b/wget.spec
index ee963b6..264c4f4 100644
--- a/wget.spec
+++ b/wget.spec
@@ -1,7 +1,7 @@
 Summary: A utility for retrieving files using the HTTP or FTP protocols
 Name: wget
 Version: 1.16.1
-Release: 1%{?dist}
+Release: 2%{?dist}
 License: GPLv3+
 Group: Applications/Internet
 Url: http://www.gnu.org/software/wget/
@@ -10,6 +10,7 @@ Source: ftp://ftp.gnu.org/gnu/wget/wget-%{version}.tar.xz
 Patch1: wget-rh-modified.patch
 Patch2: wget-1.16.1-path.patch
 Patch3: wget-1.16-dont-run-failing-test.patch
+Patch4: wget-1.16.1-fix-ftp-crash.patch
 
 Provides: webclient
 Provides: bundled(gnulib) 
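Review bot: The added `Patch4:` line carries no comment saying where the patch comes from or whether it is expected to be dropped on the next rebase. Consider a comment line above it that names the upstream commit given in the patch header (26790c3583b0588d21aa47603f441ee75937a2e1) and the bug (#1169022), so the patch can be retired once a release containing it is packaged.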
@@ -36,6 +37,7 @@ support for Proxy servers, and configurability.
 # don't run the Test-proxied-https-auth.px test since it fails with OpenSSL
 # upstream is working on fix and will be fixed most probably in 1.16.1
 %patch3 -p1 -b .test
+%patch4 -p1 -b .ftp_crash
 
 %build
 if pkg-config openssl ; then
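Review bot: The added `%patch4 -p1 -b .ftp_crash` sits directly under the two-line comment that describes patch3 (the Test-proxied-https-auth.px note), so the comment now reads as if it covers both patches. Separate the two with a blank line, or give `%patch4` its own one-line comment, for example a reference to the FTP crash fix and #1169022.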
@@ -75,6 +77,9 @@ rm -rf $RPM_BUILD_ROOT
 %{_infodir}/*
 
 %changelog
+* Tue Dec 16 2014 Tomas Hozza <thozza at redhat.com> - 1.16.1-2
+- Fix NULL pointer dereference in FTP code (#1169022)
+
 * Thu Dec 11 2014 Tomas Hozza <thozza at redhat.com> - 1.16.1-1
 - update to 1.16.1
 

