Commit fb13b1c2 authored by Leo's avatar Leo

main/ngircd: fix CVE-2020-14148

See #11680
parent 27213e7a
......@@ -2,7 +2,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=ngircd
pkgver=24
pkgrel=4
pkgrel=5
pkgdesc="Next Generation IRC Daemon"
url="https://ngircd.barton.de/"
arch="all"
......@@ -12,6 +12,7 @@ makedepends="openssl-dev zlib-dev linux-pam-dev"
subpackages="$pkgname-doc"
install="$pkgname.pre-install"
source="https://ngircd.barton.de/pub/ngircd/ngircd-$pkgver.tar.xz
CVE-2020-14148.patch
$pkgname.initd
"
_builddir="$srcdir"/$pkgname-$pkgver
......@@ -24,6 +25,10 @@ prepare() {
done
}
# secfixes:
# 24-r5:
# - CVE-2020-14148
build() {
cd "$_builddir"
./configure \
......@@ -45,10 +50,6 @@ package() {
make DESTDIR="$pkgdir" install || return 1
install -Dm755 ../$pkgname.initd "$pkgdir"/etc/init.d/$pkgname
}
md5sums="81b9c5ae283d07aab35ce16eaf49e458 ngircd-24.tar.xz
51c3679a7c1f2f5522031fa856e34734 ngircd.initd"
sha256sums="173fa0ea10788a8ba08ef2f7e64ea8951d7c88862e744128c8b87bae424b1008 ngircd-24.tar.xz
890d0dc433a8d7f082c35ba806bac53f19d2d4352fcb7127cc28741abcbd6a75 ngircd.initd"
sha512sums="d176ec4eb3e780aa8b5efb722c8c0f6fc1a7ac3c06e2039019e6e602aad64ca5357762f1549e117f6e452fe6314fb6cf5bc31a9fdbec1a08cc6d2a344c0bf49f ngircd-24.tar.xz
3863bab40dcb0283127497efa117ceaab3f4d1d427399ad262a1a3b24d50ff663578579639c9ea39b9be41698ad13767ee575071e46e8ba80eebbda1f3d58881 CVE-2020-14148.patch
50339507917c956a38451394a8a5996337ff29948944ff6aa40ed39f6dd3d6bfdfb864d60a24199c0a86a01e18a71f213efa6cfb2857a320f31b9fcfb92c6ac1 ngircd.initd"
From 02cf31c0e267a4c9a7656d43ad3ad4eeb37fc9c5 Mon Sep 17 00:00:00 2001
From: Alexander Barton <alex@barton.de>
Date: Mon, 25 May 2020 23:43:29 +0200
Subject: [PATCH] IRC_SERVER: Make sure that the client sent a prefix
The SERVER command is only valid with a prefix when received from other
servers, so make sure that there is one and disconnect the peer if not
(instead of crashing ...).
This obsoletes PR #275.
Thanks Hilko Bengen (hillu) for finding & reporting this as well for the
patch & pull request! But I think this is the "more correct" fix.
---
src/ngircd/irc-server.c | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/src/ngircd/irc-server.c b/src/ngircd/irc-server.c
index 317a3e1a..10f1ef69 100644
--- a/src/ngircd/irc-server.c
+++ b/src/ngircd/irc-server.c
@@ -186,6 +186,15 @@ IRC_SERVER( CLIENT *Client, REQUEST *Req )
if (!Client_CheckID(Client, Req->argv[0]))
return DISCONNECTED;
+ if (!Req->prefix) {
+ /* We definitely need a prefix here! */
+ Log(LOG_ALERT, "Got SERVER command without prefix! (on connection %d)",
+ Client_Conn(Client));
+ Conn_Close(Client_Conn(Client), NULL,
+ "SERVER command without prefix", true);
+ return DISCONNECTED;
+ }
+
from = Client_Search( Req->prefix );
if (! from) {
/* Uh, Server, that introduced the new server is unknown?! */
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment