From 097635b79bc6ddd6066a8369db6e298a25daa96e Mon Sep 17 00:00:00 2001
From: mbm <mbm@3c298f89-4303-0410-b956-a3cf2f4a3e73>
Date: Tue, 24 Aug 2004 23:50:14 +0000
Subject: massive changes - sstrip cleanup from mjn3 - various patches from
 nico and others: http://openwrt.org/forum/viewtopic.php?t=368

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@145 3c298f89-4303-0410-b956-a3cf2f4a3e73
---
 .../sources/openwrt/patches/ppp/auth_hook_segfault | 33 ++++++++++++++++++++++
 1 file changed, 33 insertions(+)
 create mode 100644 obsolete-buildroot/sources/openwrt/patches/ppp/auth_hook_segfault

(limited to 'obsolete-buildroot/sources/openwrt/patches/ppp/auth_hook_segfault')

diff --git a/obsolete-buildroot/sources/openwrt/patches/ppp/auth_hook_segfault b/obsolete-buildroot/sources/openwrt/patches/ppp/auth_hook_segfault
new file mode 100644
index 000000000..59007efaf
--- /dev/null
+++ b/obsolete-buildroot/sources/openwrt/patches/ppp/auth_hook_segfault
@@ -0,0 +1,33 @@
+To: md@linux.it, mjt@corpit.ru
+Subject: pppd-auth-hook.patch
+Message-Id: <20040604231517.3E9AD11DC4@paltus.tls.msk.ru>
+Date: Sat,  5 Jun 2004 03:15:17 +0400 (MSD)
+From: mjt@corpit.ru (Michael Tokarev)
+
+The patch below fixes pppd segfault when using auth_hook that sets
+options for the user (use-after-free problem).
+
+/mjt
+
+--- ppp/pppd/auth.c.orig	Mon Jun 23 18:12:04 2003
++++ ppp/pppd/auth.c	Sat Jun  5 03:11:36 2004
+@@ -1251,14 +1251,14 @@
+     if (pap_auth_hook) {
+ 	ret = (*pap_auth_hook)(user, passwd, msg, &addrs, &opts);
+ 	if (ret >= 0) {
++	    /* note: set_allowed_addrs() saves opts (but not addrs): don't free it! */
+ 	    if (ret)
+ 		set_allowed_addrs(unit, addrs, opts);
+-	    BZERO(passwd, sizeof(passwd));
++	    else if (opts != 0)
++		free_wordlist(opts);
+ 	    if (addrs != 0)
+ 		free_wordlist(addrs);
+-	    if (opts != 0) {
+-		free_wordlist(opts);
+-	    }
++	    BZERO(passwd, sizeof(passwd));
+ 	    return ret? UPAP_AUTHACK: UPAP_AUTHNAK;
+ 	}
+     }
+
-- 
cgit v1.2.3