patch libupnp to not allowing unhandled POSTs to write to the filesystem.

http://www.openwall.com/lists/oss-security/2016/07/18/13 ok naddy@ sthen@
2016-07-19 14:45:18 +00:00 · 2016-07-19 14:45:18 +00:00 · b779fa17de
commit b779fa17de
parent 2b012a1821
2 changed files with 18 additions and 2 deletions
--- a/net/libupnp/Makefile
+++ b/net/libupnp/Makefile
@ -1,9 +1,9 @@
-# $OpenBSD: Makefile,v 1.9 2015/08/19 18:55:04 sthen Exp $
+# $OpenBSD: Makefile,v 1.10 2016/07/19 14:45:18 semarie Exp $

 COMMENT=	Universal Plug and Play SDK

 DISTNAME=	libupnp-1.6.19
-REVISION=	0
+REVISION=	1
 EXTRACT_SUFX=	.tar.bz2

 CATEGORIES=	net devel
--- a/net/libupnp/patches/patch-upnp_src_genlib_net_http_webserver_c
+++ b/net/libupnp/patches/patch-upnp_src_genlib_net_http_webserver_c
@ -0,0 +1,16 @@
+$OpenBSD: patch-upnp_src_genlib_net_http_webserver_c,v 1.1 2016/07/19 14:45:18 semarie Exp $
+Don't allow unhandled POSTs to write to the filesystem.
+http://www.openwall.com/lists/oss-security/2016/07/18/13
+--- upnp/src/genlib/net/http/webserver.c.orig	Tue Jul 19 06:47:12 2016
+++ upnp/src/genlib/net/http/webserver.c	Tue Jul 19 06:47:22 2016
+@@ -1368,9 +1368,7 @@ static int http_RecvPostMessage(
+ 		if (Fp == NULL)
+ 			return HTTP_INTERNAL_SERVER_ERROR;
+ 	} else {
+-		Fp = fopen(filename, "wb");
+-		if (Fp == NULL)
+-			return HTTP_UNAUTHORIZED;
+		return HTTP_NOT_FOUND;
+ 	}
+ 	parser->position = POS_ENTITY;
+ 	do {