pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/sysutils fix a ups-nut-usb crash. from the patch file:



details:   https://anonhg.NetBSD.org/pkgsrc/rev/a17a359416a5
branches:  trunk
changeset: 377287:a17a359416a5
user:      mrg <mrg%pkgsrc.org@localhost>
date:      Mon Apr 18 19:49:18 2022 +0000

description:
fix a ups-nut-usb crash.  from the patch file:

  As comm_driver->get_interrupt() can return larger than the buffer size,
  limit the future accesses by this amount.  Bump the size of the buffer
  here as returns as high as 3500 have been seen.

bump ups-nut-usb revision.

with this, i am able to monitor a recent CyberPower UPS.

diffstat:

 sysutils/ups-nut-usb/Makefile                   |   4 +-
 sysutils/ups-nut/distinfo                       |   3 +-
 sysutils/ups-nut/patches/patch-drivers_libhid.c |  32 +++++++++++++++++++++++++
 3 files changed, 36 insertions(+), 3 deletions(-)

diffs (64 lines):

diff -r 38f3eeab2309 -r a17a359416a5 sysutils/ups-nut-usb/Makefile
--- a/sysutils/ups-nut-usb/Makefile     Mon Apr 18 19:09:40 2022 +0000
+++ b/sysutils/ups-nut-usb/Makefile     Mon Apr 18 19:49:18 2022 +0000
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.12 2021/05/24 19:54:21 wiz Exp $
+# $NetBSD: Makefile,v 1.13 2022/04/18 19:49:18 mrg Exp $
 
-PKGREVISION=           2
+PKGREVISION=           3
 .include "../../sysutils/ups-nut/Makefile.common"
 
 PKGNAME=               ${DISTNAME:S/nut/ups-nut-usb/}
diff -r 38f3eeab2309 -r a17a359416a5 sysutils/ups-nut/distinfo
--- a/sysutils/ups-nut/distinfo Mon Apr 18 19:09:40 2022 +0000
+++ b/sysutils/ups-nut/distinfo Mon Apr 18 19:49:18 2022 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.36 2021/10/26 11:20:20 nia Exp $
+$NetBSD: distinfo,v 1.37 2022/04/18 19:49:18 mrg Exp $
 
 BLAKE2s (nut-2.7.4.tar.gz) = 0dcc6ea3d6c24ac99a6813616839995f89b30431717feec1938ff2176dc95d0f
 SHA512 (nut-2.7.4.tar.gz) = 320c4aff85d8a370c5eff77d33924fdfc3caf6a250620693cdd5bf3336b3a80d8a207488eee841bcf8b72fbad68fda4c074e63b99c56e7886716fc934122d11a
@@ -6,5 +6,6 @@
 SHA1 (patch-aa) = 5f39487b0ebb39e27dcc76b762ce06090085c24b
 SHA1 (patch-clients_upsclient.c) = 9c521684a5ccf108bd464767f9b31aa2694afae1
 SHA1 (patch-drivers_hidparser.c) = c71d84bbf3140db1f82ef155fdf5afec79cbd38d
+SHA1 (patch-drivers_libhid.c) = d6008a8ee17c8b3b262f9fe2f1b1fd6b403f1a18
 SHA1 (patch-drivers_libusb.c) = 4e75bc13123a37aa2a2b5497d51605f88b0c5464
 SHA1 (patch-drivers_snmp-ups.c) = f01db1f935cc168c9e831f5b672cd9e16ddf6f2c
diff -r 38f3eeab2309 -r a17a359416a5 sysutils/ups-nut/patches/patch-drivers_libhid.c
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/sysutils/ups-nut/patches/patch-drivers_libhid.c   Mon Apr 18 19:49:18 2022 +0000
@@ -0,0 +1,32 @@
+$NetBSD: patch-drivers_libhid.c,v 1.1 2022/04/18 19:49:18 mrg Exp $
+
+As comm_driver->get_interrupt() can return larger than the buffer size,
+limit the future accesses by this amount.  Bump the size of the buffer
+here as returns as high as 3500 have been seen.
+
+--- drivers/libhid.c.orig      2015-12-29 04:08:34.000000000 -0800
++++ drivers/libhid.c   2022-04-18 12:40:35.352022446 -0700
+@@ -477,7 +477,7 @@
+  */
+ int HIDGetEvents(hid_dev_handle_t udev, HIDData_t **event, int eventsize)
+ {
+-      unsigned char   buf[SMALLBUF];
++      unsigned char   buf[SMALLBUF * 16]; /* XXXMRG: seen at least 8x */
+       int             itemCount = 0;
+       int             buflen, r, i;
+       HIDData_t       *pData;
+@@ -488,6 +488,14 @@
+               return buflen;  /* propagate "error" or "no event" code */
+       }
+ 
++      /*
++       * XXXMRG: Avoid accessing beyond the buffer, no idea what sort of
++       * failure mode this is.
++       */
++      if ((size_t)buflen > sizeof buf) {
++              buflen = sizeof buf;
++      }
++
+       r = file_report_buffer(reportbuf, buf, buflen);
+       if (r < 0) {
+               upsdebug_with_errno(1, "%s: failed to buffer report", __func__);



Home | Main Index | Thread Index | Old Index