relocate packages on recipes-base/recipes-enigma2/recipes-wlan.

[vuplus_openvuplus_3.0] / meta-openvuplus / recipes-base / samba / samba-3.0.37 / samba-3.0-CVE-2012-0870.patch

diff --git a/meta-openvuplus/recipes-base/samba/samba-3.0.37/samba-3.0-CVE-2012-0870.patch b/meta-openvuplus/recipes-base/samba/samba-3.0.37/samba-3.0-CVE-2012-0870.patch
deleted file mode 100644 (file)
index 4144a9e..0000000
--- a/meta-openvuplus/recipes-base/samba/samba-3.0.37/samba-3.0-CVE-2012-0870.patch
+++ /dev/null
@@ -1,91 +0,0 @@
-From f781c9c693462b89b60a3662d2a1224c9387a725 Mon Sep 17 00:00:00 2001
-From: Volker Lendecke <vl@samba.org>
-Date: Fri, 10 Feb 2012 08:10:39 +0100
-Subject: [PATCH 1/2] v3-3: AndX offsets are increasing strictly monotonically
-
----
- source/smbd/process.c |   10 +++++++++-
- 1 files changed, 9 insertions(+), 1 deletions(-)
-
-diff --git source/smbd/process.c source/smbd/process.c
-index e861e16..f64e1ce 100644
---- source/smbd/process.c
-+++ source/smbd/process.c
-@@ -1160,7 +1160,7 @@ int chain_reply(char *inbuf,char *outbuf,int size,int bufsize)
-       static char *orig_inbuf;
-       static char *orig_outbuf;
-       int smb_com1, smb_com2 = CVAL(inbuf,smb_vwv0);
--      unsigned smb_off2 = SVAL(inbuf,smb_vwv1);
-+      static unsigned smb_off2;
-       char *inbuf2, *outbuf2;
-       int outsize2;
-       int new_size;
-@@ -1178,8 +1178,16 @@ int chain_reply(char *inbuf,char *outbuf,int size,int bufsize)
-               /* this is the first part of the chain */
-               orig_inbuf = inbuf;
-               orig_outbuf = outbuf;
-+              smb_off2 = 0;
-       }
- 
-+      if (SVAL(inbuf,smb_vwv1) <= smb_off2) {
-+              DEBUG(1, ("AndX offset not increasing\n"));
-+              SCVAL(outbuf, smb_vwv0, 0xFF);
-+              return outsize;
-+      }
-+      smb_off2 = SVAL(inbuf, smb_vwv1);
-+
-       /*
-        * The original Win95 redirector dies on a reply to
-        * a lockingX and read chain unless the chain reply is
--- 
-1.7.3.4
-
-
-From 009bb0be7383777a650a3bc6af1c0d3ab7476ebc Mon Sep 17 00:00:00 2001
-From: Volker Lendecke <vl@samba.org>
-Date: Fri, 10 Feb 2012 08:39:33 +0100
-Subject: [PATCH 2/2] v3-0-test: Port back some packet consistency checks
-
----
- source/smbd/process.c |   18 ++++++++++++++++++
- 1 files changed, 18 insertions(+), 0 deletions(-)
-
-diff --git source/smbd/process.c source/smbd/process.c
-index f64e1ce..8aabef8 100644
---- source/smbd/process.c
-+++ source/smbd/process.c
-@@ -1025,6 +1025,7 @@ static int construct_reply(char *inbuf,char *outbuf,int size,int bufsize)
-       int outsize = 0;
-       int msg_type = CVAL(inbuf,0);
-       uint16_t mid = SVAL(inbuf, smb_mid);
-+      uint8_t wct = CVAL(inbuf, smb_wct);
- 
-       chain_size = 0;
-       file_chain_reset();
-@@ -1033,6 +1034,23 @@ static int construct_reply(char *inbuf,char *outbuf,int size,int bufsize)
-       if (msg_type != 0)
-               return(reply_special(inbuf,outbuf));  
- 
-+      /* Ensure we have at least wct words and 2 bytes of bcc. */
-+      if (smb_size + wct*2 > size) {
-+              DEBUG(0,("init_smb_request: invalid wct number %u (size %u)\n",
-+                      (unsigned int)wct,
-+                      (unsigned int)size));
-+              exit_server_cleanly("Invalid SMB request");
-+      }
-+      /* Ensure bcc is correct. */
-+      if (((uint8 *)smb_buf(inbuf)) + smb_buflen(inbuf) > inbuf + size) {
-+              DEBUG(0,("init_smb_request: invalid bcc number %u "
-+                      "(wct = %u, size %u)\n",
-+                      (unsigned int)smb_buflen(inbuf),
-+                      (unsigned int)wct,
-+                      (unsigned int)size));
-+              exit_server_cleanly("Invalid SMB request");
-+      }
-+
-       construct_reply_common(inbuf, outbuf);
- 
-       outsize = switch_message(type,inbuf,outbuf,size,bufsize);
--- 
-1.7.3.4
-