rpms / ntp

Clone
Source Code
GIT

Blame SOURCES/ntp-4.2.6p5-cve-2016-9311.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta
  1.   2b78f720d4176726c1d27400684acfb0362c2ff6
  2.   SOURCES
  3.   ntp-4.2.6p5-cve-2016-9311.patch
Blob History Raw
2b78f7 
diff -up ntp-4.2.6p5/ntpd/ntp_control.c.cve-2016-9311 ntp-4.2.6p5/ntpd/ntp_control.c
2b78f7 
--- ntp-4.2.6p5/ntpd/ntp_control.c.cve-2016-9311	2016-11-21 16:14:42.800048565 +0100
2b78f7 
+++ ntp-4.2.6p5/ntpd/ntp_control.c	2016-11-21 16:18:24.484590147 +0100
2b78f7 
@@ -3080,6 +3080,22 @@ report_event(
2b78f7 
 	if (num_ctl_traps <= 0)
2b78f7 
 		return;
2b78f7
2b78f7 
+	/* [Bug 3119]
2b78f7 
+	 * Peer Events should be associated with a peer -- hence the
2b78f7 
+	 * name. But there are instances where this function is called
2b78f7 
+	 * *without* a valid peer. This happens e.g. with an unsolicited
2b78f7 
+	 * CryptoNAK, or when a leap second alarm is going off while
2b78f7 
+	 * currently without a system peer.
2b78f7 
+	 *
2b78f7 
+	 * The most sensible approach to this seems to bail out here if
2b78f7 
+	 * this happens. Avoiding to call this function would also
2b78f7 
+	 * bypass the log reporting in the first part of this function,
2b78f7 
+	 * and this is probably not the best of all options.
2b78f7 
+	 *   -*-perlinger@ntp.org-*-
2b78f7 
+	 */
2b78f7 
+	if ((err & PEER_EVENT) && !peer)
2b78f7 
+		return;
2b78f7 
+
2b78f7 
 	/*
2b78f7 
 	 * Set up the outgoing packet variables
2b78f7 
 	 */
2b78f7 
@@ -3104,8 +3120,7 @@ report_event(
2b78f7 
 #endif /* OPENSSL */
2b78f7 
 			ctl_putsys(i);
2b78f7 
 		}
2b78f7 
-	} else {
2b78f7 
-		NTP_INSIST(peer != NULL);
2b78f7 
+	} else if (NULL != peer) { /* paranoia -- skip output */
2b78f7 
 		rpkt.associd = htons(peer->associd);
2b78f7 
 		rpkt.status = htons(ctlpeerstatus(peer));
2b78f7

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation