sources/meta-openembedded/meta-networking/recipes-daemons/proftpd/files/CVE-2024-57392.patch

From 981a37916fdb7b73435c6d5cdb01428b2269427d Mon Sep 17 00:00:00 2001
From: TJ Saunders <tj@castaglia.org>
Date: Sun, 9 Feb 2025 12:14:25 -0800
Subject: [PATCH] Issue #1866: Some of the fuzzing tests submitted in the
 advisory ran into existing null pointer dereferences (not buffer overflows);
 let's correct them. (#1867)

Upstream-Status: Backport [https://github.com/proftpd/proftpd/commit/981a37916fdb7b73435c6d5cdb01428b2269427d]
CVE: CVE-2024-57392
Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
---
 modules/mod_ls.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/modules/mod_ls.c b/modules/mod_ls.c
index 45a3187bd..f7abfe540 100644
--- a/modules/mod_ls.c
+++ b/modules/mod_ls.c
@@ -349,7 +349,8 @@ static int sendline(int flags, char *fmt, ...) {
           errno != 0) {
         int xerrno = errno;
 
-        if (session.d != NULL) {
+        if (session.d != NULL &&
+	    session.d->outstrm != NULL) {
           xerrno = PR_NETIO_ERRNO(session.d->outstrm);
         }
 
@@ -1039,7 +1040,9 @@ static int outputfiles(cmd_rec *cmd) {
     return res;
   }
 
-  tail->down = NULL;
+  if (tail != NULL) {
+    tail->down = NULL;
+  }
   tail = NULL;
   colwidth = (colwidth | 7) + 1;
   if (opt_l || !opt_C) {
-- 
2.25.1
Complete Yocto mirror with license table for TQMa6UL (2038-compliance) - 264 license table entries with exact download URLs (224/264 resolved) - Complete sources/ directory with all BitBake recipes - Build configuration: tqma6ul-multi-mba6ulx, spaetzle (musl) - Full traceability for Softwarefreigabeantrag - GCC 13.4.0, Linux 6.6.102, U-Boot 2023.04, musl 1.2.4 - License distribution: GPL-2.0 (24), MIT (23), GPL-2.0+ (18), BSD-3 (16) 2026-03-01 20:58:18 +00:00			`From 981a37916fdb7b73435c6d5cdb01428b2269427d Mon Sep 17 00:00:00 2001`
			`From: TJ Saunders <tj@castaglia.org>`
			`Date: Sun, 9 Feb 2025 12:14:25 -0800`
			`Subject: [PATCH] Issue #1866: Some of the fuzzing tests submitted in the`
			`advisory ran into existing null pointer dereferences (not buffer overflows);`
			`let's correct them. (#1867)`

			`Upstream-Status: Backport [https://github.com/proftpd/proftpd/commit/981a37916fdb7b73435c6d5cdb01428b2269427d]`
			`CVE: CVE-2024-57392`
			`Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>`
			`---`
			`modules/mod_ls.c \| 7 +++++--`
			`1 file changed, 5 insertions(+), 2 deletions(-)`

			`diff --git a/modules/mod_ls.c b/modules/mod_ls.c`
			`index 45a3187bd..f7abfe540 100644`
			`--- a/modules/mod_ls.c`
			`+++ b/modules/mod_ls.c`
			`@@ -349,7 +349,8 @@ static int sendline(int flags, char *fmt, ...) {`
			`errno != 0) {`
			`int xerrno = errno;`

			`- if (session.d != NULL) {`
			`+ if (session.d != NULL &&`
			`+ session.d->outstrm != NULL) {`
			`xerrno = PR_NETIO_ERRNO(session.d->outstrm);`
			`}`

			`@@ -1039,7 +1040,9 @@ static int outputfiles(cmd_rec *cmd) {`
			`return res;`
			`}`

			`- tail->down = NULL;`
			`+ if (tail != NULL) {`
			`+ tail->down = NULL;`
			`+ }`
			`tail = NULL;`
			`colwidth = (colwidth \| 7) + 1;`
			`if (opt_l \|\| !opt_C) {`
			`--`
			`2.25.1`