diff -up ntp-4.2.6p5/ntpd/ntp_control.c.cve-2016-9311 ntp-4.2.6p5/ntpd/ntp_control.c
--- ntp-4.2.6p5/ntpd/ntp_control.c.cve-2016-9311 2016-11-21 16:14:42.800048565 +0100
+++ ntp-4.2.6p5/ntpd/ntp_control.c 2016-11-21 16:18:24.484590147 +0100
@@ -3080,6 +3080,22 @@ report_event(
if (num_ctl_traps <= 0)
return;
+ /* [Bug 3119]
+ * Peer Events should be associated with a peer -- hence the
+ * name. But there are instances where this function is called
+ * *without* a valid peer. This happens e.g. with an unsolicited
+ * CryptoNAK, or when a leap second alarm is going off while
+ * currently without a system peer.
+ *
+ * The most sensible approach to this seems to bail out here if
+ * this happens. Avoiding to call this function would also
+ * bypass the log reporting in the first part of this function,
+ * and this is probably not the best of all options.
+ * -*-perlinger@ntp.org-*-
+ */
+ if ((err & PEER_EVENT) && !peer)
+ return;
+
/*
* Set up the outgoing packet variables
*/
@@ -3104,8 +3120,7 @@ report_event(
#endif /* OPENSSL */
ctl_putsys(i);
}
- } else {
- NTP_INSIST(peer != NULL);
+ } else if (NULL != peer) { /* paranoia -- skip output */
rpkt.associd = htons(peer->associd);
rpkt.status = htons(ctlpeerstatus(peer));
distrib
>
Mageia
>
5
>
i586
>
media
>
core-updates-src
>
by-pkgid
>
cd0f440b578c03b7706d19492362a305
>
files
>
58
