diff options
Diffstat (limited to 'sys-cluster/torque/files')
6 files changed, 140 insertions, 325 deletions
diff --git a/sys-cluster/torque/files/CVE-2013-4319-2.x-root-submit-fix.patch b/sys-cluster/torque/files/CVE-2013-4319-2.x-root-submit-fix.patch deleted file mode 100644 index aa53239f157c..000000000000 --- a/sys-cluster/torque/files/CVE-2013-4319-2.x-root-submit-fix.patch +++ /dev/null @@ -1,40 +0,0 @@ -From 5dee0365a56dd2cc4cfd0b182bc843b4f32c086c Mon Sep 17 00:00:00 2001 -From: Justin Bronder <jsbronder@gmail.com> -Date: Mon, 23 Dec 2013 12:40:27 -0500 -Subject: [PATCH] CVE-2013-4319: 2.x root submit fix - -https://bugs.gentoo.org/show_bug.cgi?id=484320 -http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4319\ ---- - src/server/process_request.c | 15 +++++++++++++++ - 1 file changed, 15 insertions(+) - -diff --git a/src/server/process_request.c b/src/server/process_request.c -index d4a3c92..b06a333 100644 ---- a/src/server/process_request.c -+++ b/src/server/process_request.c -@@ -640,6 +640,21 @@ void process_request( - log_buffer); - } - -+ if (svr_conn[sfds].cn_authen != PBS_NET_CONN_FROM_PRIVIL) -+ { -+ sprintf(log_buffer, "request type %s from host %s rejected (connection not privileged)", -+ reqtype_to_txt(request->rq_type), -+ request->rq_host); -+ -+ log_record(PBSEVENT_JOB, PBS_EVENTCLASS_JOB, id, log_buffer); -+ -+ req_reject(PBSE_BADHOST, 0, request, NULL, "request not authorized"); -+ -+ close_client(sfds); -+ -+ return; -+ } -+ - if (!tfind(svr_conn[sfds].cn_addr, &okclients)) - { - sprintf(log_buffer, "request type %s from host %s rejected (host not authorized)", --- -1.8.3.2 - diff --git a/sys-cluster/torque/files/CVE-2013-4495.patch b/sys-cluster/torque/files/CVE-2013-4495.patch deleted file mode 100644 index 41232c07ec72..000000000000 --- a/sys-cluster/torque/files/CVE-2013-4495.patch +++ /dev/null @@ -1,32 +0,0 @@ -From 8246d967bbcf174482ef01b1bf4920a5944b1011 Mon Sep 17 00:00:00 2001 -From: David Beer <dbeer@adaptivecomputing.com> -Date: Wed, 13 Nov 2013 10:47:48 -0700 -Subject: [PATCH] Use Michael Jenning's patch for CVE 2013-4495 instead of the - original. This one is being used because 2.5 should face the minimal possible - change. - ---- - src/server/svr_mail.c | 6 ++---- - 1 file changed, 2 insertions(+), 4 deletions(-) - -diff --git a/src/server/svr_mail.c b/src/server/svr_mail.c -index 26b6dd7..241bdfc 100644 ---- a/src/server/svr_mail.c -+++ b/src/server/svr_mail.c -@@ -372,11 +372,9 @@ void svr_mailowner( - exit(1); - } - -- sprintf(cmdbuf, "%s -f %s %s", -- -+ sprintf(cmdbuf, "%s -t -f %s", - SENDMAIL_CMD, -- mailfrom, -- mailto); -+ mailfrom); - - outmail = (FILE *)popen(cmdbuf, "w"); - --- -1.8.3.2 - diff --git a/sys-cluster/torque/files/CVE-2014-0749.patch b/sys-cluster/torque/files/CVE-2014-0749.patch deleted file mode 100644 index 52131edcf7e0..000000000000 --- a/sys-cluster/torque/files/CVE-2014-0749.patch +++ /dev/null @@ -1,32 +0,0 @@ -From 3ed749263abe3d69fa3626d142a5789dcb5a5684 Mon Sep 17 00:00:00 2001 -From: David Beer <dbeer@adaptivecomputing.com> -Date: Fri, 23 Aug 2013 15:53:09 -0600 -Subject: [PATCH] Merge pull request #171 into 2.5-fixes. - ---- - src/lib/Libdis/disrsi_.c | 9 +++++++++ - 1 file changed, 9 insertions(+) - -diff --git a/src/lib/Libdis/disrsi_.c b/src/lib/Libdis/disrsi_.c -index 69edd28..154514c 100644 ---- a/src/lib/Libdis/disrsi_.c -+++ b/src/lib/Libdis/disrsi_.c -@@ -112,6 +112,15 @@ int disrsi_( - if (dis_umaxd == 0) - disiui_(); - -+ if (count >= dis_umaxd) -+ { -+ if (count > dis_umaxd) -+ goto overflow; -+ -+ if (memcmp(scratch, dis_umax, dis_umaxd) > 0) -+ goto overflow; -+ } -+ - switch (c = (*dis_getc)(stream)) - { - --- -1.8.3.2 - diff --git a/sys-cluster/torque/files/TRQ-2885-limit-tm_adopt-to-only-adopt-a-session-id-t.patch b/sys-cluster/torque/files/TRQ-2885-limit-tm_adopt-to-only-adopt-a-session-id-t.patch deleted file mode 100644 index 63713a0bc16f..000000000000 --- a/sys-cluster/torque/files/TRQ-2885-limit-tm_adopt-to-only-adopt-a-session-id-t.patch +++ /dev/null @@ -1,134 +0,0 @@ -From f2f4c950f3d461a249111c8826da3beaafccace9 Mon Sep 17 00:00:00 2001 -From: Chad Vizino <cvizino@adaptivecomputing.com> -Date: Tue, 23 Sep 2014 17:40:59 -0600 -Subject: [PATCH 1/2] TRQ-2885 - limit tm_adopt() to only adopt a session id - that is owned by the calling user. - ---- - src/cmds/pbs_track.c | 6 ++++++ - src/include/tm.h | 2 +- - src/include/tm_.h | 1 + - src/lib/Libifl/tm.c | 37 ++++++++++++++++++++++++++++++++++--- - 5 files changed, 56 insertions(+), 4 deletions(-) - -diff --git a/src/cmds/pbs_track.c b/src/cmds/pbs_track.c -index 7a90fda..9383ea5 100644 ---- a/src/cmds/pbs_track.c -+++ b/src/cmds/pbs_track.c -@@ -164,6 +164,12 @@ int main( - - break; - -+ case TM_EPERM: -+ -+ fprintf(stderr, "pbs_track: permission denied: %s (%d)\n", -+ pbse_to_txt(rc), -+ rc); -+ - default: - - /* Unexpected error occurred */ -diff --git a/src/include/tm.h b/src/include/tm.h -index 106d3fb..2288828 100644 ---- a/src/include/tm.h -+++ b/src/include/tm.h -@@ -125,7 +125,7 @@ int tm_register(tm_whattodo_t *what, - /* - * DJH 15 Nov 2001. - * Generic "out-of-band" task adoption call for tasks parented by -- * another job management system. Minor security hole? -+ * another job management system. - * Cannot be called with any other tm call. - * 26 Feb 2002. Allows id to be jobid (adoptCmd = TM_ADOPT_JOBID) - * or some altid (adoptCmd = TM_ADOPT_ALTID) -diff --git a/src/include/tm_.h b/src/include/tm_.h -index c9393b9..8cae7b0 100644 ---- a/src/include/tm_.h -+++ b/src/include/tm_.h -@@ -136,6 +136,7 @@ typedef unsigned int tm_task_id; - #define TM_EBADENVIRONMENT 17005 - #define TM_ENOTFOUND 17006 - #define TM_BADINIT 17007 -+#define TM_EPERM 17008 - - #define TM_TODO_NOP 5000 /* Do nothing (the nodes value may be new) */ - #define TM_TODO_CKPT 5001 /* Checkpoint <what> and continue it */ -diff --git a/src/lib/Libifl/iff --git a/src/lib/Libifl/tm.c b/src/lib/Libifl/tm.c -index edb6273..4f38529 100644 ---- a/src/lib/Libifl/tm.c -+++ b/src/lib/Libifl/tm.c -@@ -94,6 +94,7 @@ - #include <errno.h> - #include <assert.h> - #include <sys/types.h> -+#include <sys/stat.h> - #include <sys/socket.h> - #include <sys/time.h> - #include <netinet/in.h> -@@ -169,6 +170,31 @@ typedef struct event_info - static event_info *event_hash[EVENT_HASH]; - - /* -+ * check if the owner of this process matches the owner of pid -+ * returns TRUE if so, FALSE otherwise -+ */ -+bool ispidowner(pid_t pid) -+ { -+ char path[MAXPATHLEN]; -+ struct stat sbuf; -+ -+ /* build path to pid */ -+ snprintf(path, sizeof(path), "/proc/%d", pid); -+ -+ /* do the stat */ -+ /* if it fails, assume not owner */ -+ if (stat(path, &sbuf) != 0) -+ return(FALSE); -+ -+ /* see if caller is the owner of pid */ -+ if (getuid() != sbuf.st_uid) -+ return(FALSE); -+ -+ /* caller is owner */ -+ return(TRUE); -+ } -+ -+/* - ** Find an event number or return a NULL. - */ - event_info *find_event( -@@ -1800,8 +1826,8 @@ tm_poll_error: - * some mpiruns simply use rsh to start remote processes - no AMS - * tracking or management facilities are available. - * -- * This function allows any task (session) to be adopted into a PBS -- * job. It is used by: -+ * This function allows any task (session) owned by the owner -+ * of the job to be adopted into a PBS job. It is used by: - * - "adopter" (which is in turn used by our pvmrun) - * - our rmsloader wrapper (a home-brew replacement for RMS' - * rmsloader that does some work and then exec()s the real -@@ -1835,7 +1861,8 @@ tm_poll_error: - * the mom. Returns TM_ENOTFOUND if the mom couldn't find a job - * with the given RMS resource id. Returns TM_ESYSTEM or - * TM_ENOTCONNECTED if there was some sort of comms error talking -- * to the mom -+ * to the mom. Returns TM_EPERM if an attempt was made to adopt -+ * a session not owned by the owner of the job. - * - * Side effects: - * Sets the tm_* globals to fake values if tm_init() has never -@@ -1860,6 +1887,10 @@ int tm_adopt( - - sid = getsid(pid); - -+ /* do not adopt a sid not owned by caller */ -+ if (!ispidowner(sid)) -+ return(TM_EPERM); -+ - /* Must be the only call to call to tm and - must only be called once */ - --- -1.8.3.2 - diff --git a/sys-cluster/torque/files/tcl8.6.patch b/sys-cluster/torque/files/tcl8.6.patch deleted file mode 100644 index 0361dbfead0a..000000000000 --- a/sys-cluster/torque/files/tcl8.6.patch +++ /dev/null @@ -1,87 +0,0 @@ -From 061f15e06d6cf85e951cd321360067de5f0b2ce0 Mon Sep 17 00:00:00 2001 -From: Justin Bronder <jsbronder@gmail.com> -Date: Thu, 7 Mar 2013 22:33:04 -0500 -Subject: [PATCH] support tcl-8.6 - ---- - src/cmds/qstat.c | 13 +++++++++---- - src/scheduler.tcl/pbs_tclWrap.c | 6 +++--- - 2 files changed, 12 insertions(+), 7 deletions(-) - -diff --git a/src/cmds/qstat.c b/src/cmds/qstat.c -index 5f85de7..7f289ba 100644 ---- a/src/cmds/qstat.c -+++ b/src/cmds/qstat.c -@@ -88,6 +88,11 @@ - #if TCL_QSTAT - #include <sys/stat.h> - #include <tcl.h> -+#if TCL_MAJOR_VERSION <=8 && TCL_MINOR_VERSION < 6 -+#define Tcl_GetStringResult(x) x->result -+#define Tcl_GetErrorLine(x) x->errorLine -+#define Tcl_SetResult(x, y, z) x->result = y -+#endif - #if TCLX - #include <tclExtend.h> - #endif -@@ -1856,7 +1861,7 @@ tcl_init(void) - if (Tcl_Init(interp) == TCL_ERROR) - { - fprintf(stderr, "Tcl_Init error: %s", -- interp->result); -+ Tcl_GetStringResult(interp)); - } - - #if TCLX -@@ -1869,7 +1874,7 @@ tcl_init(void) - { - #endif - fprintf(stderr, "Tclx_Init error: %s", -- interp->result); -+ Tcl_GetStringResult(interp)); - } - - #endif /* TCLX */ -@@ -1980,10 +1985,10 @@ void tcl_run( - trace = (char *)Tcl_GetVar(interp, "errorInfo", 0); - - if (trace == NULL) -- trace = interp->result; -+ trace = Tcl_GetStringResult(interp); - - fprintf(stderr, "%s: TCL error @ line %d: %s\n", -- script, interp->errorLine, trace); -+ script, Tcl_GetErrorLine(interp), trace); - } - - Tcl_DeleteInterp(interp); -diff --git a/src/scheduler.tcl/pbs_tclWrap.c b/src/scheduler.tcl/pbs_tclWrap.c -index e859ae5..194c24b 100644 ---- a/src/scheduler.tcl/pbs_tclWrap.c -+++ b/src/scheduler.tcl/pbs_tclWrap.c -@@ -924,7 +924,7 @@ char *argv[]; - - if (argc != 2) - { -- sprintf(interp->result, -+ sprintf(Tcl_GetStringResult(interp), - "%s: wrong # args: job_id", argv[0]); - return TCL_ERROR; - } -@@ -936,11 +936,11 @@ char *argv[]; - return TCL_OK; - } - -- interp->result = "0"; -+ Tcl_SetResult(interp, "0", TCL_STATIC); - - if (pbs_rerunjob(connector, argv[1], extend)) - { -- interp->result = "-1"; -+ Tcl_SetResult(interp, "-1", TCL_STATIC); - msg = pbs_geterrmsg(connector); - sprintf(log_buffer, "%s (%d)", msg ? msg : fail, pbs_errno); - log_err(-1, argv[0], log_buffer); --- -1.7.12.4 - diff --git a/sys-cluster/torque/files/torque-4.2-use-NULL-instead-of-char0.patch b/sys-cluster/torque/files/torque-4.2-use-NULL-instead-of-char0.patch new file mode 100644 index 000000000000..a1cb85327d71 --- /dev/null +++ b/sys-cluster/torque/files/torque-4.2-use-NULL-instead-of-char0.patch @@ -0,0 +1,140 @@ +--- a/src/cmds/pbsnodes.c 2015-03-17 16:43:36.000000000 -0400 ++++ b/src/cmds/pbsnodes.c 2019-02-25 12:33:37.824638386 -0500 +@@ -693,7 +693,7 @@ + /* -N n is the same as -N "" -- it clears the note */ + + if (!strcmp(note, "n")) +- *note = '\0'; ++ *note = NULL; + + if (strlen(note) > MAX_NOTE) + { +@@ -821,7 +821,7 @@ + { + nodeargs = (char **)calloc(2, sizeof(char **)); + nodeargs[0] = strdup(""); +- nodeargs[1] = '\0'; ++ nodeargs[1] = NULL; + } + } + } +@@ -901,7 +901,7 @@ + + MXMLCreateE(&DE, "Data"); + +- for (lindex = 0;nodeargs[lindex] != '\0';lindex++) ++ for (lindex = 0;nodeargs[lindex] != NULL;lindex++) + { + bstatus = statnode(con, nodeargs[lindex]); + +@@ -922,7 +922,7 @@ + } + else + { +- for (lindex = 0;nodeargs[lindex] != '\0';lindex++) ++ for (lindex = 0;nodeargs[lindex] != NULL;lindex++) + { + bstatus = statnode(con, nodeargs[lindex]); + +@@ -946,7 +946,7 @@ + + /* list any node that is DOWN, OFFLINE, or UNKNOWN */ + +- for (lindex = 0;nodeargs[lindex] != '\0';lindex++) ++ for (lindex = 0;nodeargs[lindex] != NULL;lindex++) + { + bstatus = statnode(con, nodeargs[lindex]); + +--- a/src/cmds/qsub_functions.c 2015-03-17 16:43:36.000000000 -0400 ++++ b/src/cmds/qsub_functions.c 2019-02-25 12:32:00.442982091 -0500 +@@ -542,7 +542,7 @@ + static char tmpLine[65536]; + + /* we've reached the end */ +- if ((start == NULL) && (*tok_ptr == '\0')) ++ if ((start == NULL) && (*tok_ptr == NULL)) + return(0); + + if (start != NULL) +@@ -554,7 +554,7 @@ + return(0); + + if ((*curr_ptr == '=') || +- (*curr_ptr == '\0')) ++ (*curr_ptr == NULL)) + { + /* no name, fail */ + return(-1); +@@ -574,18 +574,18 @@ + + /* strip blanks */ + while ((*equals) && (isspace((int)*equals))) +- *equals++ = '\0'; ++ *equals++ = NULL; + + if (*equals != '=') + return (-1); /* should have found a = as first non blank */ + +- *equals++ = '\0'; ++ *equals++ = NULL; + + /* skip leading white space */ + while (isspace((int)*equals) && *equals) + equals++; + +- if (*equals == '\0') ++ if (*equals == NULL) + return(-1); + + *value = equals; +@@ -872,7 +872,7 @@ + else + { + char *tmp_host = pbs_default(); +- if (tmp_host == '\0') ++ if (tmp_host == NULL) + hash_add_or_exit(mm, job_attr, ATTR_pbs_o_server, qsub_host, LOGIC_DATA); + else + hash_add_or_exit(mm, job_attr, ATTR_pbs_o_server, tmp_host, LOGIC_DATA); +--- a/src/include/attribute.h 2015-03-17 16:43:36.000000000 -0400 ++++ b/src/include/attribute.h 2019-02-22 16:47:40.507695453 -0500 +@@ -445,7 +445,7 @@ + extern int parse_equal_string(char *, char **, char **); + extern char *parse_comma_string(char *,char **); + +-#define NULL_FUNC '\0' ++#define NULL_FUNC NULL + + /* other associated funtions */ + struct dynamic_string; +--- a/src/resmom/mom_main.c 2015-03-17 16:43:36.000000000 -0400 ++++ b/src/resmom/mom_main.c 2019-02-22 14:01:26.573890840 -0500 +@@ -4224,7 +4224,7 @@ + goto done; + } + +- name[i] = '\0'; ++ name[i] = NULL; + + for (d = ret_string, resline++;*resline;) + { +--- a/src/server/job_attr_def.c 2015-03-17 16:43:36.000000000 -0400 ++++ b/src/server/job_attr_def.c 2019-02-22 16:43:05.653007840 -0500 +@@ -1193,7 +1193,7 @@ + }, + + /* JOB_ATR_system_start_time */ +- {ATTR_system_start_time, /* start time as encoded in the proc/pid directory */ ++ { (char *)ATTR_system_start_time, /* start time as encoded in the proc/pid directory */ + decode_l, + encode_l, + set_l, +@@ -1205,7 +1205,7 @@ + PARENT_TYPE_JOB}, + + /* JOB_ATR_nppcu */ +- {ATTR_nppcu, /* how to handle compute units (on Cray system) */ ++ { (char *)ATTR_nppcu, /* how to handle compute units (on Cray system) */ + decode_l, + encode_l, + set_l, |