|
Bugtraq
mailing list archives
Re: BoS: serious security bug in wu-ftpd v2.4 -- PATCH
From: hpj () one se (Henrik P Johnson)
Date: Sun, 12 Jan 1997 19:56:01 +0100
Below comes an hopefully improved version of the sigfix.c file to fix wu-ftp.
This will block signals while within crusial parts of the FTP server, yet the
signals will occur after the resumesigs is called. I have no idea of how
portable this may or may not be, but it seems to work on HP, OSF, linux and
Solaris. Otherwise the patch as supplied by Dave Kinchlea
<security () kinch ark com> should be applied.
/* ######################### sigfix.c ################################# */
void
#ifdef __STDC__
suspendsigs(void)
#else
suspendsigs()
#endif
{
sigset_t sset=0;
#ifdef SIGPIPE
sset=SIGPIPE;
#endif
#ifdef SIGURG
sset|=SIGURG;
#endif
sigprocmask(SIG_BLOCK,&sset,NULL);
}
void
#ifdef __STDC__
resumesigs(void)
#else
reseumesigs()
#endif
{
sigset_t sset=0;
#ifdef SIGPIPE
sset=SIGPIPE;
#endif
#ifdef SIGURG
sset|=SIGURG;
#endif
sigprocmask(SIG_UNBLOCK,&sset,NULL);
}
==============================================================================
Henrik P Johnson Tel: +46-(0)31-812091 Eklandagatan 41a
GlobeCom Network GSM: +46-(0)70-5409924 41261 Göteborg
IRC: [TC] FAX: +46-(0)31-208460 Sweden
E-Mail: king () globecom net king () one se, hpj () etek chalmers se, hpj () tjh se etc
==============================================================================
Nice site: http://www.underscore.se/sj (Swedish)
 By Date 
By Thread
Current thread:
|
Intro
