From ddfe6ae2fc81d893b3e979f4e67b4897440f0cc1 Mon Sep 17 00:00:00 2001 From: Dimitry Andric Date: Sat, 30 Jan 2021 13:22:39 +0000 Subject: net/samba411 net/samba412 net/samba413: Fix zero-sized VLAs With recent versions of clang, samba could dump core shortly after startup, terminating with either SIGILL or SIGSEGV. Investigation showed that samba is using C99 variable length arrays (VLAs), and in some cases the length of these arrays would become zero. Since this is undefined behavior, various interesting things would happen, often ending in segfaults. Fix this by avoiding to use zero as the length for these VLA declarations. A similar patch was also sent upstream, and was accepted and included in subsequent samba releases. See also: https://bugzilla.samba.org/show_bug.cgi?id=14605 Reported by: Dries Michiels PR: 252157 MFH: 2021Q1 --- net/samba411/files/patch-source3_lib_messages.c | 29 +++++++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 net/samba411/files/patch-source3_lib_messages.c (limited to 'net/samba411/files/patch-source3_lib_messages.c') diff --git a/net/samba411/files/patch-source3_lib_messages.c b/net/samba411/files/patch-source3_lib_messages.c new file mode 100644 index 000000000000..8b45d464f07f --- /dev/null +++ b/net/samba411/files/patch-source3_lib_messages.c @@ -0,0 +1,29 @@ +--- source3/lib/messages.c.orig 2020-01-08 10:24:52 UTC ++++ source3/lib/messages.c +@@ -158,7 +158,7 @@ struct messaging_rec *messaging_rec_create( + + { + struct messaging_rec rec; +- int64_t fds64[num_fds]; ++ int64_t fds64[MAX(1, num_fds)]; + size_t i; + + for (i=0; ievent_ctx) { + struct iovec iov; +- int fds[rec->num_fds]; ++ int fds[MAX(1, rec->num_fds)]; + int ret; + + /* -- cgit v1.2.3
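Review bot: The clamp in `int64_t fds64[MAX(1, num_fds)];` and `int fds[MAX(1, rec->num_fds)];` fixes only the lower bound, so both arrays are still sized on the stack from a runtime count and no upper limit on that count is visible in either hunk. It is worth confirming that the callers or the field's type bound `num_fds` to a small value; if not, a guard such as `if (num_fds > MAX_FDS_PLACEHOLDER) return NULL;` (placeholder name, not from the source) ahead of the declaration would keep an oversized count from exhausting the stack. The clamp is also uncommented, so a later cleanup could revert it to the plain form; a line such as `/* VLA length must be non-zero: num_fds may be 0 */` above each declaration would record the reason. Both enclosing functions begin and end outside the hunks, and the text between the two hunks is partly missing from this rendering, so the loop that fills `fds64` could not be checked here.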