Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: BoS: serious security bug in wu-ftpd v2.4 -- PATCH

From: hpj () one se (Henrik P Johnson)
Date: Sun, 12 Jan 1997 19:56:01 +0100

Below comes an hopefully improved version of the sigfix.c file to fix wu-ftp.
This will block signals while within crusial parts of the FTP server, yet the
signals will occur after the resumesigs is called. I have no idea of how
portable this may or may not be, but it seems to work on HP, OSF, linux and
Solaris. Otherwise the patch as supplied by Dave Kinchlea
<security () kinch ark com> should be applied.

/* ######################### sigfix.c ################################# */

void
#ifdef __STDC__
suspendsigs(void)
#else
suspendsigs()
#endif
{
    sigset_t sset=0;
#ifdef SIGPIPE
    sset=SIGPIPE;
#endif

#ifdef SIGURG
    sset|=SIGURG;
#endif
    sigprocmask(SIG_BLOCK,&sset,NULL);
}

void
#ifdef __STDC__
resumesigs(void)
#else
reseumesigs()
#endif
{
    sigset_t sset=0;
#ifdef SIGPIPE
    sset=SIGPIPE;
#endif

#ifdef SIGURG
    sset|=SIGURG;
#endif
    sigprocmask(SIG_UNBLOCK,&sset,NULL);
}



==============================================================================
Henrik P Johnson              Tel: +46-(0)31-812091           Eklandagatan 41a
GlobeCom Network              GSM: +46-(0)70-5409924            41261 Göteborg
IRC: [TC]                     FAX: +46-(0)31-208460                     Sweden
E-Mail: king () globecom net king () one se, hpj () etek chalmers se, hpj () tjh se... etc
==============================================================================
Nice site: http://www.underscore.se/sj (Swedish)
Previous By Date Next
Previous By Thread Next

Current thread: