summaryrefslogtreecommitdiffstats
path: root/debian/patches/CVE-2023-38408-1.patch
blob: b70fd9fb40ee2087ddc179f719b71b8ac010c1da (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
From 8175e38eaf5636f45c3f27f4eadee1d583b70d35 Mon Sep 17 00:00:00 2001
From: Damien Miller <djm@mindrot.org>
Date: Thu, 13 Jul 2023 12:09:34 +1000
Subject: terminate pkcs11 process for bad libraries

Origin: upstream, https://anongit.mindrot.org/openssh.git/commit/?id=b23fe83f06ee7e721033769cfa03ae840476d280
Last-Update: 2023-09-17

Patch-Name: CVE-2023-38408-1.patch
---
 ssh-pkcs11.c | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c
index f495883d1..d864051c4 100644
--- a/ssh-pkcs11.c
+++ b/ssh-pkcs11.c
@@ -1519,10 +1519,8 @@ pkcs11_register_provider(char *provider_id, char *pin,
 		error("dlopen %s failed: %s", provider_id, dlerror());
 		goto fail;
 	}
-	if ((getfunctionlist = dlsym(handle, "C_GetFunctionList")) == NULL) {
-		error("dlsym(C_GetFunctionList) failed: %s", dlerror());
-		goto fail;
-	}
+	if ((getfunctionlist = dlsym(handle, "C_GetFunctionList")) == NULL)
+		fatal("dlsym(C_GetFunctionList) failed: %s", dlerror());
 	p = xcalloc(1, sizeof(*p));
 	p->name = xstrdup(provider_id);
 	p->handle = handle;