Page MenuHomeFreeBSD
Differential D1343

Fix various ntpd vulnerabilities.
ClosedPublic
Actions

Authored by delphij on Dec 20 2014, 12:50 AM.
Tags
None
Referenced Files
Unknown Object (File)
Sun, Nov 24, 3:31 AM
Unknown Object (File)
Wed, Nov 20, 10:05 PM
Unknown Object (File)
Thu, Nov 7, 2:29 PM
Unknown Object (File)
Thu, Nov 7, 2:29 PM
Unknown Object (File)
Thu, Nov 7, 2:29 PM
Unknown Object (File)
Thu, Nov 7, 2:29 PM
Unknown Object (File)
Oct 19 2024, 2:05 PM
Unknown Object (File)
Oct 19 2024, 2:05 PM
View All Files
Subscribers
philip

Details

Reviewers
roberto
Group Reviewers
security
Commits
rS276071: Fix multiple ntp vulnerabilities.
Summary

Fix various ntpd vulnerabilities.

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Skipped
Unit
Tests Skipped

Event Timeline

delphij updated this revision to Diff 2795.Dec 20 2014, 12:50 AM
delphij retitled this revision from to Fix various ntpd vulnerabilities..
delphij updated this object.
delphij edited the test plan for this revision. (Show Details)
delphij added a reviewer: roberto.
roberto accepted this revision.Dec 20 2014, 9:44 AM
roberto edited edge metadata.

This is all security-relevant diffs from upstream then? Go for commit.

This revision is now accepted and ready to land.Dec 20 2014, 9:44 AM
delphij updated this revision to Diff 2802.Dec 21 2014, 8:27 AM
delphij edited edge metadata.

Fix a missed codepath.

This revision now requires review to proceed.Dec 21 2014, 8:27 AM
delphij updated this revision to Diff 2803.Dec 21 2014, 8:30 AM
delphij edited edge metadata.

Oops, updated the changeset at wrong time (updating tree).

delphij added a reviewer: security.Dec 21 2014, 9:08 AM
philip added a subscriber: philip.Dec 21 2014, 1:36 PM

This looks complete and correct to me.

philip added inline comments.Dec 21 2014, 1:41 PM
contrib/ntp/ntpd/ntp_crypto.c
867 ↗(On Diff #2803)

Since nothing else in this file appears to be declared in a block other than a function, maybe *cookiebuf should be declared with the other variables at the beginning of the function. But if this is upstream, there's no point in diverging gratuitously.

contrib/ntp/util/ntp-keygen.c
678 ↗(On Diff #2803)

Maybe this should be a #define?

delphij closed this revision.Dec 22 2014, 6:55 PM
delphij updated this revision to Diff 2820.

Closed by commit rS276071 (authored by @delphij).

Revision Contents
Changeset List

PathSize
head/
contrib/
ntp/
ntpd/
2 lines
17 lines
22 lines
1 line
util/
6 lines

Diff 2820

View Options

head/contrib/ntp/ntpd/ntp_config.c

Loading...
View Options

head/contrib/ntp/ntpd/ntp_control.c

Loading...
View Options

head/contrib/ntp/ntpd/ntp_crypto.c

Loading...
View Options

head/contrib/ntp/ntpd/ntp_proto.c

Loading...
View Options

head/contrib/ntp/util/ntp-keygen.c

Loading...