diff --git a/0005-channel.c-fix-a-use-after-free.patch b/0005-channel.c-fix-a-use-after-free.patch new file mode 100644 index 0000000..8fa0a05 --- /dev/null +++ b/0005-channel.c-fix-a-use-after-free.patch @@ -0,0 +1,26 @@ +From 96e1078fced70e39e4163857ad8345ae9d24573f Mon Sep 17 00:00:00 2001 +From: Kamil Dudka +Date: Wed, 14 Aug 2013 17:37:00 +0200 +Subject: [PATCH 5/5] channel.c: fix a use after free + +Bug: https://trac.libssh2.org/ticket/268 +--- + src/channel.c | 2 -- + 1 files changed, 0 insertions(+), 2 deletions(-) + +diff --git a/src/channel.c b/src/channel.c +index d4ffdce..9f2c241 100644 +--- a/src/channel.c ++++ b/src/channel.c +@@ -670,8 +670,6 @@ int _libssh2_channel_forward_cancel(LIBSSH2_LISTENER *listener) + + LIBSSH2_FREE(session, listener); + +- listener->chanFwdCncl_state = libssh2_NB_state_idle; +- + return 0; + } + +-- +1.7.1 + diff --git a/libssh2.spec b/libssh2.spec index c485e67..9536806 100644 --- a/libssh2.spec +++ b/libssh2.spec @@ -23,6 +23,7 @@ Patch1: 0001-sftp-seek-Don-t-flush-buffers-on-same-offset.patch Patch2: 0002-sftp-statvfs-Along-error-path-reset-the-correct-stat.patch Patch3: 0003-sftp-Add-support-for-fsync-OpenSSH-extension.patch Patch4: 0004-partially-revert-window_size-explicit-adjustments-on.patch +Patch5: 0005-channel.c-fix-a-use-after-free.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(id -nu) BuildRequires: openssl-devel BuildRequires: zlib-devel @@ -84,6 +85,9 @@ sed -i s/4711/47%{?__isa_bits}/ tests/ssh2.{c,sh} # http://thread.gmane.org/gmane.network.ssh.libssh2.devel/6428 %patch4 -p1 +# https://trac.libssh2.org/ticket/268 +%patch5 -p1 + # Make sshd transition appropriately if building in an SELinux environment %if !(0%{?fedora} >= 17 || 0%{?rhel} >= 7) chcon $(/usr/sbin/matchpathcon -n /etc/rc.d/init.d/sshd) tests/ssh2.sh || : @@ -152,6 +156,7 @@ rm -rf %{buildroot} %changelog * Wed Aug 14 2013 Kamil Dudka 1.4.3-8 - fix very slow sftp upload to localhost +- fix a use after free in channel.c * Sat Aug 03 2013 Fedora Release Engineering - 1.4.3-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild