Hi,
probably the latest putty security fix (1) or the upgrade to PuTTY 0.57
is not really relevant to plink (and such not to TortoisePlink). But I
think "it looks better" if TortoiseSVN uses the latest released
PuTTY-code ;-)
Since I'm playing with subversion and tortoiseSVN to get familiar using
the software - why should I not contrib my results to the community?
The following changes should do the upgrade:
A) Update
misc.c
puttymem.h
ssh.c
x11fwd.c
in src\TortoisePlink to the version in
svn://ixion.tartarus.org/main/putty-0.57
B) Update the version number in TortoisePlink.vcproj
I've attached a patch file and a description of how I figured out the
relevant changes. I'm not yet able to compile tsvn, so this patch is
still untested!
Thanks for TSVN!
Markus
(1)
http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-sftp-readdir.html
--
markus.schuh@sdm.de
Index: src/TortoisePlink/TortoisePlink.vcproj
===================================================================
--- src/TortoisePlink/TortoisePlink.vcproj (revision 2933)
+++ src/TortoisePlink/TortoisePlink.vcproj (working copy)
@@ -87,7 +87,7 @@
FavorSizeOrSpeed="2"
OptimizeForWindowsApplication="TRUE"
AdditionalIncludeDirectories=""
- PreprocessorDefinitions="NDEBUG;RELEASE="0.56";WIN32;_CONSOLE;HAVE_ERRNO_H;_WINDOWS;_NO_OLDNAMES;NO_MULTIMON;WIN32S_COMPAT"
+ PreprocessorDefinitions="NDEBUG;RELEASE="0.57";WIN32;_CONSOLE;HAVE_ERRNO_H;_WINDOWS;_NO_OLDNAMES;NO_MULTIMON;WIN32S_COMPAT"
StringPooling="TRUE"
RuntimeLibrary="2"
EnableFunctionLevelLinking="TRUE"
Index: src/TortoisePlink/SSH.C
===================================================================
--- src/TortoisePlink/SSH.C (revision 2933)
+++ src/TortoisePlink/SSH.C (working copy)
@@ -525,6 +525,7 @@
static int ssh_sendbuffer(void *handle);
static void ssh_do_close(Ssh ssh);
static unsigned long ssh_pkt_getuint32(Ssh ssh);
+static int ssh2_pkt_getbool(Ssh ssh);
static void ssh_pkt_getstring(Ssh ssh, char **p, int *length);
struct rdpkt1_state_tag {
@@ -1198,7 +1199,10 @@
/* log the debug message */
char *buf, *msg;
int msglen;
+ int always_display;
+ /* XXX maybe we should actually take notice of this */
+ always_display = ssh2_pkt_getbool(ssh);
ssh_pkt_getstring(ssh, &msg, &msglen);
buf = dupprintf("Remote debug message: %.*s", msglen, msg);
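Review bot: `always_display` is assigned by `always_display = ssh2_pkt_getbool(ssh);` and never read in the visible lines, so the call serves only to consume the boolean that precedes the message string, which the `XXX` comment does not say. I would state that in the comment, e.g. `/* Consume always_display (RFC 4253 11.3) so the next getstring reads the message text. */`, and use `(void)ssh2_pkt_getbool(ssh);` instead of a local that triggers a set-but-unused warning. The enclosing block starts and ends outside the hunk, so how the server-supplied `msg` is handled after `dupprintf` cannot be judged from here.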
@@ -3578,7 +3582,8 @@
}
if (sport && dport) {
/* Set up a description of the source port. */
- char *sportdesc = dupprintf("%.*s%.*s%.*s%.*s%d%.*s",
+ static char *sportdesc;
+ sportdesc = dupprintf("%.*s%.*s%.*s%.*s%d%.*s",
(int)(*saddr?strlen(saddr):0), *saddr?saddr:NULL,
(int)(*saddr?1:0), ":",
(int)(sserv ? strlen(sports) : 0), sports,
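Review bot: `static char *sportdesc;` gives the pointer process-wide storage, so every connection that reaches this block shares one slot and each pass overwrites the previous value; the hunk at -5766 makes the same change. If the intent is to keep the string alive across a coroutine-style return (inferred, since the surrounding function is outside the hunk), the declaration should say so, e.g. `/* static: value must persist across coroutine returns; freed once the reply is handled */`, or the pointer could live in the per-connection state. The matching `sfree` is not visible here, so it is worth confirming that each `dupprintf` result is released before the block is entered again.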
@@ -5766,7 +5771,8 @@
}
if (sport && dport) {
/* Set up a description of the source port. */
- char *sportdesc = dupprintf("%.*s%.*s%.*s%.*s%d%.*s",
+ static char *sportdesc;
+ sportdesc = dupprintf("%.*s%.*s%.*s%.*s%d%.*s",
(int)(*saddr?strlen(saddr):0), *saddr?saddr:NULL,
(int)(*saddr?1:0), ":",
(int)(sserv ? strlen(sports) : 0), sports,
@@ -5819,12 +5825,13 @@
ssh2_pkt_init(ssh, SSH2_MSG_GLOBAL_REQUEST);
ssh2_pkt_addstring(ssh, "tcpip-forward");
ssh2_pkt_addbool(ssh, 1);/* want reply */
- if (*saddr)
+ if (*saddr) {
ssh2_pkt_addstring(ssh, saddr);
- if (ssh->cfg.rport_acceptall)
+ } else if (ssh->cfg.rport_acceptall) {
ssh2_pkt_addstring(ssh, "0.0.0.0");
- else
+ } else {
ssh2_pkt_addstring(ssh, "127.0.0.1");
+ }
ssh2_pkt_adduint32(ssh, sport);
ssh2_pkt_send(ssh);
Index: src/TortoisePlink/X11FWD.C
===================================================================
--- src/TortoisePlink/X11FWD.C (revision 2933)
+++ src/TortoisePlink/X11FWD.C (working copy)
@@ -242,7 +242,7 @@
ret = dupstr(display);
if(ret[0] == ':') {
/* no transport specified, use whatever we think is best */
- char *s = dupcat(platform_x11_best_transport, display, (char *)0);
+ char *s = dupcat(platform_x11_best_transport, ret, (char *)0);
sfree(ret);
return s;
} else
Index: src/TortoisePlink/MISC.C
===================================================================
--- src/TortoisePlink/MISC.C (revision 2933)
+++ src/TortoisePlink/MISC.C (working copy)
@@ -5,6 +5,7 @@
#include <stdio.h>
#include <stdlib.h>
#include <stdarg.h>
+#include <limits.h>
#include <ctype.h>
#include <assert.h>
#include "putty.h"
@@ -332,14 +333,21 @@
}
#endif
-void *safemalloc(size_t size)
+void *safemalloc(size_t n, size_t size)
{
void *p;
+
+ if (n > INT_MAX / size) {
+ p = NULL;
+ } else {
+ size *= n;
#ifdef MINEFIELD
- p = minefield_c_malloc(size);
+ p = minefield_c_malloc(size);
#else
- p = malloc(size);
+ p = malloc(size);
#endif
+ }
+
if (!p) {
char str[200];
#ifdef MALLOC_LOG
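Review bot: The new guard `n > INT_MAX / size` divides by `size` before anything has checked it, so a call with `size == 0` is a division by zero; `saferealloc` in the next hunk carries the same guard. The wrappers in PUTTYMEM.H pass `1` or `sizeof(type)`, but `snmalloc` and `snrealloc` accept an arbitrary second argument. Writing the test as `if (size != 0 && n > INT_MAX / size) {` keeps the overflow check well defined for every caller. The `if (!p)` failure path continues outside the hunk.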
@@ -359,22 +367,29 @@
return p;
}
-void *saferealloc(void *ptr, size_t size)
+void *saferealloc(void *ptr, size_t n, size_t size)
{
void *p;
- if (!ptr) {
+
+ if (n > INT_MAX / size) {
+ p = NULL;
+ } else {
+ size *= n;
+ if (!ptr) {
#ifdef MINEFIELD
- p = minefield_c_malloc(size);
+ p = minefield_c_malloc(size);
#else
- p = malloc(size);
+ p = malloc(size);
#endif
- } else {
+ } else {
#ifdef MINEFIELD
- p = minefield_c_realloc(ptr, size);
+ p = minefield_c_realloc(ptr, size);
#else
- p = realloc(ptr, size);
+ p = realloc(ptr, size);
#endif
+ }
}
+
if (!p) {
char str[200];
#ifdef MALLOC_LOG
Index: src/TortoisePlink/PUTTYMEM.H
===================================================================
--- src/TortoisePlink/PUTTYMEM.H (revision 2933)
+++ src/TortoisePlink/PUTTYMEM.H (working copy)
@@ -11,18 +11,22 @@
/* #define MALLOC_LOG do this if you suspect putty of leaking memory */
#ifdef MALLOC_LOG
-#define smalloc(z) (mlog(__FILE__,__LINE__), safemalloc(z))
-#define srealloc(y,z) (mlog(__FILE__,__LINE__), saferealloc(y,z))
+#define smalloc(z) (mlog(__FILE__,__LINE__), safemalloc(z,1))
+#define snmalloc(z,s) (mlog(__FILE__,__LINE__), safemalloc(z,s))
+#define srealloc(y,z) (mlog(__FILE__,__LINE__), saferealloc(y,z,1))
+#define snrealloc(y,z) (mlog(__FILE__,__LINE__), saferealloc(y,z,s))
#define sfree(z) (mlog(__FILE__,__LINE__), safefree(z))
void mlog(char *, int);
#else
-#define smalloc safemalloc
-#define srealloc saferealloc
+#define smalloc(z) safemalloc(z,1)
+#define snmalloc safemalloc
+#define srealloc(y,z) saferealloc(y,z,1)
+#define snrealloc saferealloc
#define sfree safefree
#endif
-void *safemalloc(size_t);
-void *saferealloc(void *, size_t);
+void *safemalloc(size_t, size_t);
+void *saferealloc(void *, size_t, size_t);
void safefree(void *);
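Review bot: In the `MALLOC_LOG` branch, `#define snrealloc(y,z) (mlog(__FILE__,__LINE__), saferealloc(y,z,s))` expands `s`, which is not one of the macro's parameters. The macro also takes two arguments, while `sresize` in the next hunk invokes `snrealloc((ptr), (n), sizeof(type))` with three. A build with `MALLOC_LOG` defined would therefore fail in the preprocessor, so the logging variant of the overflow-checked allocator is never exercised. The line should read `#define snrealloc(y,z,s) (mlog(__FILE__,__LINE__), saferealloc(y,z,s))`.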
/*
@@ -31,8 +35,8 @@
* you don't mistakenly allocate enough space for one sort of
* structure and assign it to a different sort of pointer.
*/
-#define snew(type) ((type *)smalloc(sizeof(type)))
-#define snewn(n, type) ((type *)smalloc((n)*sizeof(type)))
-#define sresize(ptr, n, type) ((type *)srealloc(ptr, (n)*sizeof(type)))
+#define snew(type) ((type *)snmalloc(1, sizeof(type)))
+#define snewn(n, type) ((type *)snmalloc((n), sizeof(type)))
+#define sresize(ptr, n, type) ((type *)snrealloc((ptr), (n), sizeof(type)))
#endif
# local directory with WC
# putty/putty-0.56 from svn://ixion.tartarus.org/main/putty-0.56
# putty/putty-0.57 from svn://ixion.tartarus.org/main/putty-0.57
# TortoiseSVN-trunk from http://svn.collab.net/repos/tortoisesvn/trunk
# I know:
# The following could be done easier with a graphical diff3-Tool which scans directories recursively ...
# Identify TortoisePlink files which are different from latest putty version
# Differences between putty-0.57 and TortoisePlink in tsvn-trunk
$ diff -rq --ignore-file-name-case putty/putty-0.57 TortoiseSVN-trunk/src/TortoisePlink |
> egrep -v '/.svn|Only in putty' |
> sort
Files putty/putty-0.57/cmdline.c and TortoiseSVN-trunk/src/TortoisePlink/CMDLINE.C differ
Files putty/putty-0.57/console.c and TortoiseSVN-trunk/src/TortoisePlink/CONSOLE.C differ
Files putty/putty-0.57/misc.c and TortoiseSVN-trunk/src/TortoisePlink/MISC.C differ
Files putty/putty-0.57/plink.c and TortoiseSVN-trunk/src/TortoisePlink/PLINK.C differ
Files putty/putty-0.57/plink.rc and TortoiseSVN-trunk/src/TortoisePlink/Plink.rc differ
Files putty/putty-0.57/putty.h and TortoiseSVN-trunk/src/TortoisePlink/PUTTY.H differ
Files putty/putty-0.57/puttymem.h and TortoiseSVN-trunk/src/TortoisePlink/PUTTYMEM.H differ
Files putty/putty-0.57/ssh.c and TortoiseSVN-trunk/src/TortoisePlink/SSH.C differ
Files putty/putty-0.57/x11fwd.c and TortoiseSVN-trunk/src/TortoisePlink/X11FWD.C differ
Only in TortoiseSVN-trunk/src/TortoisePlink: LoginDialog.cpp
Only in TortoiseSVN-trunk/src/TortoisePlink: LoginDialog.h
Only in TortoiseSVN-trunk/src/TortoisePlink: Makefile
Only in TortoiseSVN-trunk/src/TortoisePlink: TortoisePlink.rc
Only in TortoiseSVN-trunk/src/TortoisePlink: TortoisePlink.vcproj
Only in TortoiseSVN-trunk/src/TortoisePlink: TortoisePlinkRes.h
# Which of these nine changed files have also changed between putty-0.56 and putty-0.57?
$ for file in cmdline.c console.c misc.c plink.c plink.rc putty.h puttymem.h ssh.c x11fwd.c
> do
> diff -sq putty/putty-0.56/$file putty/putty-0.57/$file
> done | sort +5
Files putty/putty-0.56/misc.c and putty/putty-0.57/misc.c differ
Files putty/putty-0.56/puttymem.h and putty/putty-0.57/puttymem.h differ
Files putty/putty-0.56/ssh.c and putty/putty-0.57/ssh.c differ
Files putty/putty-0.56/x11fwd.c and putty/putty-0.57/x11fwd.c differ
Files putty/putty-0.56/cmdline.c and putty/putty-0.57/cmdline.c are identical
Files putty/putty-0.56/console.c and putty/putty-0.57/console.c are identical
Files putty/putty-0.56/plink.c and putty/putty-0.57/plink.c are identical
Files putty/putty-0.56/plink.rc and putty/putty-0.57/plink.rc are identical
Files putty/putty-0.56/putty.h and putty/putty-0.57/putty.h are identical
# Which of these four changed files in putty do have TortoisePlink modifications?
# Differences between Putty-0.56 and TortoisePlink in tsvn-trunk
$ for file in misc.c puttymem.h ssh.c x11fwd.c
> do
> diff -sq putty/putty-0.56/$file TortoiseSVN-trunk/src/TortoisePlink
> done
Files putty/putty-0.56/misc.c and TortoiseSVN-trunk/src/TortoisePlink/misc.c are identical
Files putty/putty-0.56/puttymem.h and TortoiseSVN-trunk/src/TortoisePlink/puttymem.h are identical
Files putty/putty-0.56/ssh.c and TortoiseSVN-trunk/src/TortoisePlink/ssh.c are identical
Files putty/putty-0.56/x11fwd.c and TortoiseSVN-trunk/src/TortoisePlink/x11fwd.c are identical
# None. Therefore all these four files should be updated in TortoisePlink to update it to putty version 0.57
Received on Tue Mar 29 13:50:51 2005