Blame SOURCES/ntp-4.2.6p5-cve-2016-7429.patch
|
 |
2b78f7 |
diff -up ntp-4.2.6p5/ntpd/ntp_peer.c.cve-2016-7429 ntp-4.2.6p5/ntpd/ntp_peer.c
|
|
|
2b78f7 |
--- ntp-4.2.6p5/ntpd/ntp_peer.c.cve-2016-7429 2016-11-21 16:47:51.738767270 +0100
|
|
|
2b78f7 |
+++ ntp-4.2.6p5/ntpd/ntp_peer.c 2016-11-21 16:52:02.434034046 +0100
|
|
|
2b78f7 |
@@ -241,7 +241,8 @@ findpeer(
|
|
|
2b78f7 |
hash = NTP_HASH_ADDR(srcadr);
|
|
|
2b78f7 |
for (p = peer_hash[hash]; p != NULL; p = p->next) {
|
|
|
2b78f7 |
if (SOCK_EQ(srcadr, &p->srcadr) &&
|
|
|
2b78f7 |
- NSRCPORT(srcadr) == NSRCPORT(&p->srcadr)) {
|
|
|
2b78f7 |
+ NSRCPORT(srcadr) == NSRCPORT(&p->srcadr) &&
|
|
|
2b78f7 |
+ (p->hmode == MODE_BCLIENT || p->dstadr == rbufp->dstadr)) {
|
|
|
2b78f7 |
|
|
|
2b78f7 |
/*
|
|
|
2b78f7 |
* if the association matching rules determine
|
|
|
2b78f7 |
@@ -288,13 +289,6 @@ findpeer(
|
|
|
2b78f7 |
*/
|
|
|
2b78f7 |
if (NULL == p) {
|
|
|
2b78f7 |
*action = MATCH_ASSOC(NO_PEER, pkt_mode);
|
|
|
2b78f7 |
- } else if (p->dstadr != rbufp->dstadr) {
|
|
|
2b78f7 |
- set_peerdstadr(p, rbufp->dstadr);
|
|
|
2b78f7 |
- if (p->dstadr == rbufp->dstadr) {
|
|
|
2b78f7 |
- DPRINTF(1, ("Changed %s local address to match response\n",
|
|
|
2b78f7 |
- stoa(&p->srcadr)));
|
|
|
2b78f7 |
- return findpeer(rbufp, pkt_mode, action);
|
|
|
2b78f7 |
- }
|
|
|
2b78f7 |
}
|
|
|
2b78f7 |
return p;
|
|
|
2b78f7 |
}
|
|
|
2b78f7 |
@@ -548,6 +542,11 @@ set_peerdstadr(
|
|
|
2b78f7 |
{
|
|
|
2b78f7 |
struct peer * unlinked;
|
|
|
2b78f7 |
|
|
|
2b78f7 |
+ DEBUG_INSIST(p != NULL);
|
|
|
2b78f7 |
+
|
|
|
2b78f7 |
+ if (p == NULL)
|
|
|
2b78f7 |
+ return;
|
|
|
2b78f7 |
+
|
|
|
2b78f7 |
if (p->dstadr == dstadr)
|
|
|
2b78f7 |
return;
|
|
|
2b78f7 |
|