From mboxrd@z Thu Jan 1 00:00:00 1970 From: Xen.org security team Subject: Xen Security Advisory 234 (CVE-2017-14319) - insufficient grant unmapping checks for x86 PV guests Date: Tue, 12 Sep 2017 12:03:36 +0000 Message-ID: Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="=separator"; charset="utf-8" Content-Transfer-Encoding: binary Return-path: List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xen.org Sender: "Xen-devel" To: xen-announce@lists.xen.org, xen-devel@lists.xen.org, xen-users@lists.xen.org, oss-security@lists.openwall.com Cc: "Xen.org security team" List-Id: xen-devel@lists.xenproject.org --=separator Content-Type: text/plain; charset="utf-8" Content-Disposition: inline Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Xen Security Advisory CVE-2017-14319 / XSA-234 version 3 insufficient grant unmapping checks for x86 PV guests UPDATES IN VERSION 3 ==================== Added metadata file Public release. ISSUE DESCRIPTION ================= When removing or replacing a grant mapping, the x86 PV specific path needs to make sure page table entries remain in sync with other accounting done. Although the identity of the page frame was validated correctly, neither the presence of the mapping nor page writability were taken into account. IMPACT ====== A malicious or buggy x86 PV guest could escalate its privileges or crash the hypervisor. VULNERABLE SYSTEMS ================== All Xen versions are affected. Only x86 PV guests can leverage the vulnerability. x86 HVM guests as well as ARM guests cannot leverage the vulnerability. MITIGATION ========== Running only HVM guests will avoid this vulnerability. However, the vulnerability is exposed to PV stub qemu serving as the device model for HVM guests. Our default assumption is that an HVM guest has compromised its PV stub qemu. By extension, it is likely that the vulnerability is exposed to HVM guests which are served by a PV stub qemu. For PV guests, the vulnerability can be avoided if the guest kernel is controlled by the host rather than guest administrator, provided that further steps are taken to prevent the guest administrator from loading code into the kernel (e.g. by disabling loadable modules etc) or from using other mechanisms which allow them to run code at kernel privilege. CREDITS ======= This issue was discovered by Andrew Cooper of Citrix. RESOLUTION ========== Applying the appropriate attached patch resolves this issue. xsa234.patch xen-unstable xsa234-4.9.patch Xen 4.9.x xsa234-4.8.patch Xen 4.8.x, Xen 4.7.x xsa234-4.6.patch Xen 4.6.x xsa234-4.5.patch Xen 4.5.x $ sha256sum xsa234* efbcc7eac0f010281c5651d191076ac08cc7dd22a1945e88e92ba8a03ae8cc40 xsa234.meta 08ffa79e5c2a77db0b91b3bfcf9fa5c50f174fe842b7418e2e1549d47e0aec4d xsa234.patch 4b74f3c85a98bc6f40c6a448b068bf45e71f7cce887b7cb1481aca0e8746d990 xsa234-4.5.patch 3df4ce173196111c1ff849039ea4927c0b4bd632b08a501fb26f64e31b951fba xsa234-4.6.patch 169e4e0eaa6b27e58ff0f4ce50e8fcc3f81b1e0a10210decf22d1b4cac7501fb xsa234-4.8.patch 213f9d81a4ab785db67b9f579c9e88c9c8586c46b93f466a309060750df2df32 xsa234-4.9.patch $ DEPLOYMENT DURING EMBARGO ========================= Deployment of the patches and/or mitigations described above (or others which are substantially similar) is permitted during the embargo, even on public-facing systems with untrusted guest users and administrators. But: Distribution of updated software is prohibited (except to other members of the predisclosure list). Predisclosure list members who wish to deploy significantly different patches and/or mitigations, please contact the Xen Project Security Team. (Note: this during-embargo deployment notice is retained in post-embargo publicly released Xen Project advisories, even though it is then no longer applicable. This is to enable the community to have oversight of the Xen Project Security Team's decisionmaking.) For more information about permissible uses of embargoed information, consult the Xen Project community's agreed Security Policy: http://www.xenproject.org/security-policy.html -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBCAAGBQJZt80HAAoJEIP+FMlX6CvZBCsH/1ghPnUr7fpKSgd7huB5gtGC +QsoqJlmI8U+eWqmS8RlAZ0f5A2Umy7GyYDWqFbvJR2o60AMf7DI9d1QVHQYRSfD JFw+M4ohZ/gZoHykof929QYY15Fhrnt5PoMJ6ztt3ZsBXYkXTJfyvHwVjCD43Nvt fANPcYOpm8NneV9mAviVEjR3u08ultjcfq0Gdks22L5zWKzG38j/rbBtA75mx5eT v/eYXEqrSgXEfI2zJOP/j53D2CwMJnmbbsxgQTvAalSLq1zqNrXFSHEkfyqi+Aix QReMmubpNVbIv1ybtZsE1tRMgBY7VJBJEbT5/PrOUErb9XMoL0wtMwP+kHuVD2w= =qFgP -----END PGP SIGNATURE----- --=separator Content-Type: application/octet-stream; name="xsa234.meta" Content-Disposition: attachment; filename="xsa234.meta" Content-Transfer-Encoding: base64 ewogICJYU0EiOiAyMzQsCiAgIlN1cHBvcnRlZFZlcnNpb25zIjogWwogICAg Im1hc3RlciIsCiAgICAiNC45IiwKICAgICI0LjgiLAogICAgIjQuNyIsCiAg ICAiNC42IiwKICAgICI0LjUiCiAgXSwKICAiVHJlZXMiOiBbCiAgICAieGVu IgogIF0sCiAgIlJlY2lwZXMiOiB7CiAgICAiNC41IjogewogICAgICAiWGVu VmVyc2lvbiI6ICI0LjUiLAogICAgICAiUmVjaXBlcyI6IHsKICAgICAgICAi eGVuIjogewogICAgICAgICAgIlN0YWJsZVJlZiI6ICIzMjE3MTI5ZWI2NWMw ZDQ5OTVlZDA4ZmI4OTE5ZTNjMzM0Y2FkNTQ4IiwKICAgICAgICAgICJQcmVy ZXFzIjogWwogICAgICAgICAgICAyMzEsCiAgICAgICAgICAgIDIzMiwKICAg ICAgICAgICAgMjMzCiAgICAgICAgICBdLAogICAgICAgICAgIlBhdGNoZXMi OiBbICJ4c2EyMzQtNC41LnBhdGNoIiBdCiAgICAgICAgfQogICAgICB9CiAg ICB9LAogICAgIjQuNiI6IHsKICAgICAgIlhlblZlcnNpb24iOiAiNC42IiwK ICAgICAgIlJlY2lwZXMiOiB7CiAgICAgICAgInhlbiI6IHsKICAgICAgICAg ICJTdGFibGVSZWYiOiAiYjQ2NjBiNGQ0YTM1ZWRhYzcxNWMwMDNjODQzMjZk ZTJiMGZhNGY0NyIsCiAgICAgICAgICAiUHJlcmVxcyI6IFsKICAgICAgICAg ICAgMjMxLAogICAgICAgICAgICAyMzIsCiAgICAgICAgICAgIDIzMwogICAg ICAgICAgXSwKICAgICAgICAgICJQYXRjaGVzIjogWyAieHNhMjM0LTQuNi5w YXRjaCIgXQogICAgICAgIH0KICAgICAgfQogICAgfSwKICAgICI0LjciOiB7 CiAgICAgICJYZW5WZXJzaW9uIjogIjQuNyIsCiAgICAgICJSZWNpcGVzIjog ewogICAgICAgICJ4ZW4iOiB7CiAgICAgICAgICAiU3RhYmxlUmVmIjogIjUx NTEyNTc2MjYxNTVkNmUzMzFjYzllNjZkODk2Yzg0ZGIxNjExZTEiLAogICAg ICAgICAgIlByZXJlcXMiOiBbCiAgICAgICAgICAgIDIzMSwKICAgICAgICAg ICAgMjMyLAogICAgICAgICAgICAyMzMKICAgICAgICAgIF0sCiAgICAgICAg ICAiUGF0Y2hlcyI6IFsgInhzYTIzNC00LjgucGF0Y2giIF0KICAgICAgICB9 CiAgICAgIH0KICAgIH0sCiAgICAiNC44IjogewogICAgICAiWGVuVmVyc2lv biI6ICI0LjgiLAogICAgICAiUmVjaXBlcyI6IHsKICAgICAgICAieGVuIjog ewogICAgICAgICAgIlN0YWJsZVJlZiI6ICJmNTIxMWNlNzU4MjFlMGYyY2M1 NWVmZmQyOGRmYmU5MDgyMjY5NzBmIiwKICAgICAgICAgICJQcmVyZXFzIjog WwogICAgICAgICAgICAyMzEsCiAgICAgICAgICAgIDIzMiwKICAgICAgICAg ICAgMjMzCiAgICAgICAgICBdLAogICAgICAgICAgIlBhdGNoZXMiOiBbICJ4 c2EyMzQtNC44LnBhdGNoIiBdCiAgICAgICAgfQogICAgICB9CiAgICB9LAog ICAgIjQuOSI6IHsKICAgICAgIlhlblZlcnNpb24iOiAiNC45IiwKICAgICAg IlJlY2lwZXMiOiB7CiAgICAgICAgInhlbiI6IHsKICAgICAgICAgICJTdGFi bGVSZWYiOiAiOWJmMTRiYmY5OTA4NDNiZmVjMTZhNWQ2OWQzNmNmNDZjNzU5 M2Q4OCIsCiAgICAgICAgICAiUHJlcmVxcyI6IFsKICAgICAgICAgICAgMjMx LAogICAgICAgICAgICAyMzIsCiAgICAgICAgICAgIDIzMwogICAgICAgICAg XSwKICAgICAgICAgICJQYXRjaGVzIjogWyAieHNhMjM0LTQuOS5wYXRjaCIg XQogICAgICAgIH0KICAgICAgfQogICAgfSwKICAgICJtYXN0ZXIiOiB7CiAg ICAgICJYZW5WZXJzaW9uIjogIm1hc3RlciIsCiAgICAgICJSZWNpcGVzIjog ewogICAgICAgICJ4ZW4iOiB7CiAgICAgICAgICAiU3RhYmxlUmVmIjogIjkw NTNhNzRjMDhmZDZhYmY0M2JiNDVmZjkzMmI0Mzg2ZGU3ZTg1MTAiLAogICAg ICAgICAgIlByZXJlcXMiOiBbCiAgICAgICAgICAgIDIzMSwKICAgICAgICAg ICAgMjMyLAogICAgICAgICAgICAyMzMKICAgICAgICAgIF0sCiAgICAgICAg ICAiUGF0Y2hlcyI6IFsgInhzYTIzNC5wYXRjaCIgXQogICAgICAgIH0KICAg ICAgfQogICAgfQogIH0KfQ== --=separator Content-Type: application/octet-stream; name="xsa234.patch" Content-Disposition: attachment; filename="xsa234.patch" Content-Transfer-Encoding: base64 RnJvbTogSmFuIEJldWxpY2ggPGpiZXVsaWNoQHN1c2UuY29tPgpTdWJqZWN0 OiBnbnR0YWI6IGFsc28gdmFsaWRhdGUgUFRFIHBlcm1pc3Npb25zIHVwb24g ZGVzdHJveS9yZXBsYWNlCgpJbiBvcmRlciBmb3IgUFRFIGhhbmRsaW5nIHRv IG1hdGNoIHVwIHdpdGggdGhlIHJlZmVyZW5jZSBjb3VudGluZyBkb25lCmJ5 IGNvbW1vbiBjb2RlLCBwcmVzZW5jZSBhbmQgd3JpdGFiaWxpdHkgb2YgZ3Jh bnQgbWFwcGluZyBQVEVzIG11c3QKYWxzbyBiZSB0YWtlbiBpbnRvIGFjY291 bnQ7IHZhbGlkYXRpbmcganVzdCB0aGUgZnJhbWUgbnVtYmVyIGlzIG5vdApl bm91Z2guIFRoaXMgaXMgaW4gcGFydGljdWxhciByZWxldmFudCBpZiBhIGd1 ZXN0IGZpZGRsZXMgd2l0aCBncmFudApQVEVzIHZpYSBub24tZ3JhbnQgaHlw ZXJjYWxscy4KCk5vdGUgdGhhdCB0aGUgZmxhZ3MgYmVpbmcgcGFzc2VkIHRv IHJlcGxhY2VfZ3JhbnRfaG9zdF9tYXBwaW5nKCkKYWxyZWFkeSBoYXBwZW4g dG8gYmUgdGhvc2Ugb2YgdGhlIGV4aXN0aW5nIG1hcHBpbmcsIHNvIG5vIG5l dyBmdW5jdGlvbgpwYXJhbWV0ZXIgaXMgbmVlZGVkLgoKVGhpcyBpcyBYU0Et MjM0LgoKUmVwb3J0ZWQtYnk6IEFuZHJldyBDb29wZXIgPGFuZHJldy5jb29w ZXIzQGNpdHJpeC5jb20+ClNpZ25lZC1vZmYtYnk6IEphbiBCZXVsaWNoIDxq YmV1bGljaEBzdXNlLmNvbT4KUmV2aWV3ZWQtYnk6IEFuZHJldyBDb29wZXIg PGFuZHJldy5jb29wZXIzQGNpdHJpeC5jb20+Ci0tLQp2NTogSW52ZXJ0IHRo ZSBtYXNrIHVzZWQgZm9yIHRoZSAiUFRFIGZsYWdzIGRvbid0IG1hdGNoIiBj aGVja3MuCnY0OiBTbGlnaHRseSByZWxheCB0aGUgIlBURSBmbGFncyBkb24n dCBtYXRjaCIgY2hlY2tzIHRvIGNvcGUgd2l0aAogICAgcmVwbGFjZSBoYW5k bGluZyBhbHNvIGhvbm9yaW5nIF9QQUdFX0FWQUlMIGFuZCBQQUdFX0NBQ0hF X0FUVFJTCiAgICBldmVudHVhbGx5Lgp2MzogUmV2ZXJ0IHRvIHYxLgoKLS0t IGEveGVuL2FyY2gveDg2L21tLmMKKysrIGIveGVuL2FyY2gveDg2L21tLmMK QEAgLTM4NTUsNyArMzg1NSw4IEBAIHN0YXRpYyBpbnQgY3JlYXRlX2dyYW50 X3B0ZV9tYXBwaW5nKAogfQogCiBzdGF0aWMgaW50IGRlc3Ryb3lfZ3JhbnRf cHRlX21hcHBpbmcoCi0gICAgdWludDY0X3QgYWRkciwgdW5zaWduZWQgbG9u ZyBmcmFtZSwgc3RydWN0IGRvbWFpbiAqZCkKKyAgICB1aW50NjRfdCBhZGRy LCB1bnNpZ25lZCBsb25nIGZyYW1lLCB1bnNpZ25lZCBpbnQgZ3JhbnRfcHRl X2ZsYWdzLAorICAgIHN0cnVjdCBkb21haW4gKmQpCiB7CiAgICAgaW50IHJj ID0gR05UU1Rfb2theTsKICAgICB2b2lkICp2YTsKQEAgLTM5MDEsMTcgKzM5 MDIsMjkgQEAgc3RhdGljIGludCBkZXN0cm95X2dyYW50X3B0ZV9tYXBwaW5n KAogCiAgICAgb2wxZSA9ICoobDFfcGdlbnRyeV90ICopdmE7CiAKLSAgICAv KiBDaGVjayB0aGF0IHRoZSB2aXJ0dWFsIGFkZHJlc3Mgc3VwcGxpZWQgaXMg YWN0dWFsbHkgbWFwcGVkIHRvIGZyYW1lLiAqLwotICAgIGlmICggdW5saWtl bHkobDFlX2dldF9wZm4ob2wxZSkgIT0gZnJhbWUpICkKKyAgICAvKgorICAg ICAqIENoZWNrIHRoYXQgdGhlIFBURSBzdXBwbGllZCBhY3R1YWxseSBtYXBz IGZyYW1lICh3aXRoIGFwcHJvcHJpYXRlCisgICAgICogcGVybWlzc2lvbnMp LgorICAgICAqLworICAgIGlmICggdW5saWtlbHkobDFlX2dldF9wZm4ob2wx ZSkgIT0gZnJhbWUpIHx8CisgICAgICAgICB1bmxpa2VseSgobDFlX2dldF9m bGFncyhvbDFlKSBeIGdyYW50X3B0ZV9mbGFncykgJgorICAgICAgICAgICAg ICAgICAgKF9QQUdFX1BSRVNFTlQgfCBfUEFHRV9SVykpICkKICAgICB7CiAg ICAgICAgIHBhZ2VfdW5sb2NrKHBhZ2UpOwotICAgICAgICBnZHByaW50ayhY RU5MT0dfV0FSTklORywKLSAgICAgICAgICAgICAgICAgIlBURSBlbnRyeSAl IlBSSXB0ZSIgZm9yIGFkZHJlc3MgJSJQUkl4NjQiIGRvZXNuJ3QgbWF0Y2gg ZnJhbWUgJWx4XG4iLAotICAgICAgICAgICAgICAgICBsMWVfZ2V0X2ludHB0 ZShvbDFlKSwgYWRkciwgZnJhbWUpOworICAgICAgICBnZHByaW50ayhYRU5M T0dfRVJSLAorICAgICAgICAgICAgICAgICAiUFRFICUiUFJJcHRlIiBhdCAl IlBSSXg2NCIgZG9lc24ndCBtYXRjaCBncmFudCAoJSJQUklwdGUiKVxuIiwK KyAgICAgICAgICAgICAgICAgbDFlX2dldF9pbnRwdGUob2wxZSksIGFkZHIs CisgICAgICAgICAgICAgICAgIGwxZV9nZXRfaW50cHRlKGwxZV9mcm9tX3Bm bihmcmFtZSwgZ3JhbnRfcHRlX2ZsYWdzKSkpOwogICAgICAgICByYyA9IEdO VFNUX2dlbmVyYWxfZXJyb3I7CiAgICAgICAgIGdvdG8gZmFpbGVkOwogICAg IH0KIAorICAgIGlmICggdW5saWtlbHkoKGwxZV9nZXRfZmxhZ3Mob2wxZSkg XiBncmFudF9wdGVfZmxhZ3MpICYKKyAgICAgICAgICAgICAgICAgIH4oX1BB R0VfQVZBSUwgfCBQQUdFX0NBQ0hFX0FUVFJTKSkgKQorICAgICAgICBnZHBy aW50ayhYRU5MT0dfV0FSTklORywKKyAgICAgICAgICAgICAgICAgIlBURSBm bGFncyAleCBhdCAlIlBSSXg2NCIgZG9uJ3QgbWF0Y2ggZ3JhbnQgKCV4KVxu IiwKKyAgICAgICAgICAgICAgICAgbDFlX2dldF9mbGFncyhvbDFlKSwgYWRk ciwgZ3JhbnRfcHRlX2ZsYWdzKTsKKwogICAgIC8qIERlbGV0ZSBwYWdldGFi bGUgZW50cnkuICovCiAgICAgaWYgKCB1bmxpa2VseSghVVBEQVRFX0VOVFJZ KGwxLAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAobDFfcGdl bnRyeV90ICopdmEsIG9sMWUsIGwxZV9lbXB0eSgpLCBtZm4sCkBAIC0zOTE5 LDcgKzM5MzIsOCBAQCBzdGF0aWMgaW50IGRlc3Ryb3lfZ3JhbnRfcHRlX21h cHBpbmcoCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDApKSAp CiAgICAgewogICAgICAgICBwYWdlX3VubG9jayhwYWdlKTsKLSAgICAgICAg Z2RwcmludGsoWEVOTE9HX1dBUk5JTkcsICJDYW5ub3QgZGVsZXRlIFBURSBl bnRyeSBhdCAlcFxuIiwgdmEpOworICAgICAgICBnZHByaW50ayhYRU5MT0df V0FSTklORywgIkNhbm5vdCBkZWxldGUgUFRFIGVudHJ5IGF0ICUiUFJJeDY0 IlxuIiwKKyAgICAgICAgICAgICAgICAgYWRkcik7CiAgICAgICAgIHJjID0g R05UU1RfZ2VuZXJhbF9lcnJvcjsKICAgICAgICAgZ290byBmYWlsZWQ7CiAg ICAgfQpAQCAtMzk4Nyw3ICs0MDAxLDggQEAgc3RhdGljIGludCBjcmVhdGVf Z3JhbnRfdmFfbWFwcGluZygKIH0KIAogc3RhdGljIGludCByZXBsYWNlX2dy YW50X3ZhX21hcHBpbmcoCi0gICAgdW5zaWduZWQgbG9uZyBhZGRyLCB1bnNp Z25lZCBsb25nIGZyYW1lLCBsMV9wZ2VudHJ5X3QgbmwxZSwgc3RydWN0IHZj cHUgKnYpCisgICAgdW5zaWduZWQgbG9uZyBhZGRyLCB1bnNpZ25lZCBsb25n IGZyYW1lLCB1bnNpZ25lZCBpbnQgZ3JhbnRfcHRlX2ZsYWdzLAorICAgIGwx X3BnZW50cnlfdCBubDFlLCBzdHJ1Y3QgdmNwdSAqdikKIHsKICAgICBsMV9w Z2VudHJ5X3QgKnBsMWUsIG9sMWU7CiAgICAgdW5zaWduZWQgbG9uZyBnbDFt Zm47CkBAIC00MDIzLDIwICs0MDM4LDMzIEBAIHN0YXRpYyBpbnQgcmVwbGFj ZV9ncmFudF92YV9tYXBwaW5nKAogCiAgICAgb2wxZSA9ICpwbDFlOwogCi0g ICAgLyogQ2hlY2sgdGhhdCB0aGUgdmlydHVhbCBhZGRyZXNzIHN1cHBsaWVk IGlzIGFjdHVhbGx5IG1hcHBlZCB0byBmcmFtZS4gKi8KLSAgICBpZiAoIHVu bGlrZWx5KGwxZV9nZXRfcGZuKG9sMWUpICE9IGZyYW1lKSApCi0gICAgewot ICAgICAgICBnZHByaW50ayhYRU5MT0dfV0FSTklORywKLSAgICAgICAgICAg ICAgICAgIlBURSBlbnRyeSAlbHggZm9yIGFkZHJlc3MgJWx4IGRvZXNuJ3Qg bWF0Y2ggZnJhbWUgJWx4XG4iLAotICAgICAgICAgICAgICAgICBsMWVfZ2V0 X3BmbihvbDFlKSwgYWRkciwgZnJhbWUpOworICAgIC8qCisgICAgICogQ2hl Y2sgdGhhdCB0aGUgdmlydHVhbCBhZGRyZXNzIHN1cHBsaWVkIGlzIGFjdHVh bGx5IG1hcHBlZCB0byBmcmFtZQorICAgICAqICh3aXRoIGFwcHJvcHJpYXRl IHBlcm1pc3Npb25zKS4KKyAgICAgKi8KKyAgICBpZiAoIHVubGlrZWx5KGwx ZV9nZXRfcGZuKG9sMWUpICE9IGZyYW1lKSB8fAorICAgICAgICAgdW5saWtl bHkoKGwxZV9nZXRfZmxhZ3Mob2wxZSkgXiBncmFudF9wdGVfZmxhZ3MpICYK KyAgICAgICAgICAgICAgICAgIChfUEFHRV9QUkVTRU5UIHwgX1BBR0VfUlcp KSApCisgICAgeworICAgICAgICBnZHByaW50ayhYRU5MT0dfRVJSLAorICAg ICAgICAgICAgICAgICAiUFRFICUiUFJJcHRlIiBmb3IgJWx4IGRvZXNuJ3Qg bWF0Y2ggZ3JhbnQgKCUiUFJJcHRlIilcbiIsCisgICAgICAgICAgICAgICAg IGwxZV9nZXRfaW50cHRlKG9sMWUpLCBhZGRyLAorICAgICAgICAgICAgICAg ICBsMWVfZ2V0X2ludHB0ZShsMWVfZnJvbV9wZm4oZnJhbWUsIGdyYW50X3B0 ZV9mbGFncykpKTsKICAgICAgICAgcmMgPSBHTlRTVF9nZW5lcmFsX2Vycm9y OwogICAgICAgICBnb3RvIHVubG9ja19hbmRfb3V0OwogICAgIH0KIAorICAg IGlmICggdW5saWtlbHkoKGwxZV9nZXRfZmxhZ3Mob2wxZSkgXiBncmFudF9w dGVfZmxhZ3MpICYKKyAgICAgICAgICAgICAgICAgIH4oX1BBR0VfQVZBSUwg fCBQQUdFX0NBQ0hFX0FUVFJTKSkgKQorICAgICAgICBnZHByaW50ayhYRU5M T0dfV0FSTklORywKKyAgICAgICAgICAgICAgICAgIlBURSBmbGFncyAleCBm b3IgJSJQUkl4NjQiIGRvbid0IG1hdGNoIGdyYW50ICgleClcbiIsCisgICAg ICAgICAgICAgICAgIGwxZV9nZXRfZmxhZ3Mob2wxZSksIGFkZHIsIGdyYW50 X3B0ZV9mbGFncyk7CisKICAgICAvKiBEZWxldGUgcGFnZXRhYmxlIGVudHJ5 LiAqLwogICAgIGlmICggdW5saWtlbHkoIVVQREFURV9FTlRSWShsMSwgcGwx ZSwgb2wxZSwgbmwxZSwgZ2wxbWZuLCB2LCAwKSkgKQogICAgIHsKLSAgICAg ICAgZ2RwcmludGsoWEVOTE9HX1dBUk5JTkcsICJDYW5ub3QgZGVsZXRlIFBU RSBlbnRyeSBhdCAlcFxuIiwgcGwxZSk7CisgICAgICAgIGdkcHJpbnRrKFhF TkxPR19XQVJOSU5HLCAiQ2Fubm90IGRlbGV0ZSBQVEUgZW50cnkgZm9yICUi UFJJeDY0IlxuIiwKKyAgICAgICAgICAgICAgICAgYWRkcik7CiAgICAgICAg IHJjID0gR05UU1RfZ2VuZXJhbF9lcnJvcjsKICAgICAgICAgZ290byB1bmxv Y2tfYW5kX291dDsKICAgICB9CkBAIC00MDUwLDkgKzQwNzgsMTEgQEAgc3Rh dGljIGludCByZXBsYWNlX2dyYW50X3ZhX21hcHBpbmcoCiB9CiAKIHN0YXRp YyBpbnQgZGVzdHJveV9ncmFudF92YV9tYXBwaW5nKAotICAgIHVuc2lnbmVk IGxvbmcgYWRkciwgdW5zaWduZWQgbG9uZyBmcmFtZSwgc3RydWN0IHZjcHUg KnYpCisgICAgdW5zaWduZWQgbG9uZyBhZGRyLCB1bnNpZ25lZCBsb25nIGZy YW1lLCB1bnNpZ25lZCBpbnQgZ3JhbnRfcHRlX2ZsYWdzLAorICAgIHN0cnVj dCB2Y3B1ICp2KQogewotICAgIHJldHVybiByZXBsYWNlX2dyYW50X3ZhX21h cHBpbmcoYWRkciwgZnJhbWUsIGwxZV9lbXB0eSgpLCB2KTsKKyAgICByZXR1 cm4gcmVwbGFjZV9ncmFudF92YV9tYXBwaW5nKGFkZHIsIGZyYW1lLCBncmFu dF9wdGVfZmxhZ3MsCisgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICBsMWVfZW1wdHkoKSwgdik7CiB9CiAKIGludCBjcmVhdGVfZ3JhbnRf cHZfbWFwcGluZyh1aW50NjRfdCBhZGRyLCB1bnNpZ25lZCBsb25nIGZyYW1l LApAQCAtNDA5MSwxNyArNDEyMSwzNiBAQCBpbnQgcmVwbGFjZV9ncmFudF9w dl9tYXBwaW5nKAogICAgIHVuc2lnbmVkIGxvbmcgZ2wxbWZuOwogICAgIHN0 cnVjdCBwYWdlX2luZm8gKmwxcGc7CiAgICAgaW50IHJjOworICAgIHVuc2ln bmVkIGludCBncmFudF9wdGVfZmxhZ3M7CiAKKyAgICBncmFudF9wdGVfZmxh Z3MgPQorICAgICAgICBfUEFHRV9QUkVTRU5UIHwgX1BBR0VfQUNDRVNTRUQg fCBfUEFHRV9ESVJUWSB8IF9QQUdFX0dOVFRBQiB8IF9QQUdFX05YOworCisg ICAgaWYgKCBmbGFncyAmIEdOVE1BUF9hcHBsaWNhdGlvbl9tYXAgKQorICAg ICAgICBncmFudF9wdGVfZmxhZ3MgfD0gX1BBR0VfVVNFUjsKKyAgICBpZiAo ICEoZmxhZ3MgJiBHTlRNQVBfcmVhZG9ubHkpICkKKyAgICAgICAgZ3JhbnRf cHRlX2ZsYWdzIHw9IF9QQUdFX1JXOworICAgIC8qCisgICAgICogT24gdG9w IG9mIHRoZSBleHBsaWNpdCBzZXR0aW5ncyBkb25lIGJ5IGNyZWF0ZV9ncmFu dF9ob3N0X21hcHBpbmcoKQorICAgICAqIGFsc28gb3Blbi1jb2RlIHJlbGV2 YW50IHBhcnRzIG9mIGFkanVzdF9ndWVzdF9sMWUoKS4gRG9uJ3QgbWlycm9y CisgICAgICogYXZhaWxhYmxlIGFuZCBjYWNoYWJpbGl0eSBmbGFncywgdGhv dWdoLgorICAgICAqLworICAgIGlmICggIWlzX3B2XzMyYml0X2RvbWFpbihj dXJyLT5kb21haW4pICkKKyAgICAgICAgZ3JhbnRfcHRlX2ZsYWdzIHw9IChn cmFudF9wdGVfZmxhZ3MgJiBfUEFHRV9VU0VSKQorICAgICAgICAgICAgICAg ICAgICAgICAgICAgPyBfUEFHRV9HTE9CQUwKKyAgICAgICAgICAgICAgICAg ICAgICAgICAgIDogX1BBR0VfR1VFU1RfS0VSTkVMIHwgX1BBR0VfVVNFUjsK KwogICAgIGlmICggZmxhZ3MgJiBHTlRNQVBfY29udGFpbnNfcHRlICkKICAg ICB7CiAgICAgICAgIGlmICggIW5ld19hZGRyICkKLSAgICAgICAgICAgIHJl dHVybiBkZXN0cm95X2dyYW50X3B0ZV9tYXBwaW5nKGFkZHIsIGZyYW1lLCBj dXJyLT5kb21haW4pOworICAgICAgICAgICAgcmV0dXJuIGRlc3Ryb3lfZ3Jh bnRfcHRlX21hcHBpbmcoYWRkciwgZnJhbWUsIGdyYW50X3B0ZV9mbGFncywK KyAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg IGN1cnItPmRvbWFpbik7CiAKICAgICAgICAgcmV0dXJuIEdOVFNUX2dlbmVy YWxfZXJyb3I7CiAgICAgfQogCiAgICAgaWYgKCAhbmV3X2FkZHIgKQotICAg ICAgICByZXR1cm4gZGVzdHJveV9ncmFudF92YV9tYXBwaW5nKGFkZHIsIGZy YW1lLCBjdXJyKTsKKyAgICAgICAgcmV0dXJuIGRlc3Ryb3lfZ3JhbnRfdmFf bWFwcGluZyhhZGRyLCBmcmFtZSwgZ3JhbnRfcHRlX2ZsYWdzLCBjdXJyKTsK IAogICAgIHBsMWUgPSBndWVzdF9tYXBfbDFlKG5ld19hZGRyLCAmZ2wxbWZu KTsKICAgICBpZiAoICFwbDFlICkKQEAgLTQxNDksNyArNDE5OCw3IEBAIGlu dCByZXBsYWNlX2dyYW50X2hvc3RfbWFwcGluZygKICAgICBwdXRfcGFnZShs MXBnKTsKICAgICBndWVzdF91bm1hcF9sMWUocGwxZSk7CiAKLSAgICByYyA9 IHJlcGxhY2VfZ3JhbnRfdmFfbWFwcGluZyhhZGRyLCBmcmFtZSwgb2wxZSwg Y3Vycik7CisgICAgcmMgPSByZXBsYWNlX2dyYW50X3ZhX21hcHBpbmcoYWRk ciwgZnJhbWUsIGdyYW50X3B0ZV9mbGFncywgb2wxZSwgY3Vycik7CiAgICAg aWYgKCByYyApCiAgICAgICAgIHB1dF9wYWdlX2Zyb21fbDFlKG9sMWUsIGN1 cnItPmRvbWFpbik7CiAK --=separator Content-Type: application/octet-stream; name="xsa234-4.5.patch" Content-Disposition: attachment; filename="xsa234-4.5.patch" Content-Transfer-Encoding: base64 RnJvbTogSmFuIEJldWxpY2ggPGpiZXVsaWNoQHN1c2UuY29tPgpTdWJqZWN0 OiBnbnR0YWI6IGFsc28gdmFsaWRhdGUgUFRFIHBlcm1pc3Npb25zIHVwb24g ZGVzdHJveS9yZXBsYWNlCgpJbiBvcmRlciBmb3IgUFRFIGhhbmRsaW5nIHRv IG1hdGNoIHVwIHdpdGggdGhlIHJlZmVyZW5jZSBjb3VudGluZyBkb25lCmJ5 IGNvbW1vbiBjb2RlLCBwcmVzZW5jZSBhbmQgd3JpdGFiaWxpdHkgb2YgZ3Jh bnQgbWFwcGluZyBQVEVzIG11c3QKYWxzbyBiZSB0YWtlbiBpbnRvIGFjY291 bnQ7IHZhbGlkYXRpbmcganVzdCB0aGUgZnJhbWUgbnVtYmVyIGlzIG5vdApl bm91Z2guIFRoaXMgaXMgaW4gcGFydGljdWxhciByZWxldmFudCBpZiBhIGd1 ZXN0IGZpZGRsZXMgd2l0aCBncmFudApQVEVzIHZpYSBub24tZ3JhbnQgaHlw ZXJjYWxscy4KCk5vdGUgdGhhdCB0aGUgZmxhZ3MgYmVpbmcgcGFzc2VkIHRv IHJlcGxhY2VfZ3JhbnRfaG9zdF9tYXBwaW5nKCkKYWxyZWFkeSBoYXBwZW4g dG8gYmUgdGhvc2Ugb2YgdGhlIGV4aXN0aW5nIG1hcHBpbmcsIHNvIG5vIG5l dyBmdW5jdGlvbgpwYXJhbWV0ZXIgaXMgbmVlZGVkLgoKVGhpcyBpcyBYU0Et MjM0LgoKUmVwb3J0ZWQtYnk6IEFuZHJldyBDb29wZXIgPGFuZHJldy5jb29w ZXIzQGNpdHJpeC5jb20+ClNpZ25lZC1vZmYtYnk6IEphbiBCZXVsaWNoIDxq YmV1bGljaEBzdXNlLmNvbT4KUmV2aWV3ZWQtYnk6IEFuZHJldyBDb29wZXIg PGFuZHJldy5jb29wZXIzQGNpdHJpeC5jb20+CgotLS0gYS94ZW4vYXJjaC94 ODYvbW0uYworKysgYi94ZW4vYXJjaC94ODYvbW0uYwpAQCAtMzgzMyw3ICsz ODMzLDggQEAgc3RhdGljIGludCBjcmVhdGVfZ3JhbnRfcHRlX21hcHBpbmco CiB9CiAKIHN0YXRpYyBpbnQgZGVzdHJveV9ncmFudF9wdGVfbWFwcGluZygK LSAgICB1aW50NjRfdCBhZGRyLCB1bnNpZ25lZCBsb25nIGZyYW1lLCBzdHJ1 Y3QgZG9tYWluICpkKQorICAgIHVpbnQ2NF90IGFkZHIsIHVuc2lnbmVkIGxv bmcgZnJhbWUsIHVuc2lnbmVkIGludCBncmFudF9wdGVfZmxhZ3MsCisgICAg c3RydWN0IGRvbWFpbiAqZCkKIHsKICAgICBpbnQgcmMgPSBHTlRTVF9va2F5 OwogICAgIHZvaWQgKnZhOwpAQCAtMzg3OSwxNiArMzg4MCwyNyBAQCBzdGF0 aWMgaW50IGRlc3Ryb3lfZ3JhbnRfcHRlX21hcHBpbmcoCiAKICAgICBvbDFl ID0gKihsMV9wZ2VudHJ5X3QgKil2YTsKICAgICAKLSAgICAvKiBDaGVjayB0 aGF0IHRoZSB2aXJ0dWFsIGFkZHJlc3Mgc3VwcGxpZWQgaXMgYWN0dWFsbHkg bWFwcGVkIHRvIGZyYW1lLiAqLwotICAgIGlmICggdW5saWtlbHkobDFlX2dl dF9wZm4ob2wxZSkgIT0gZnJhbWUpICkKKyAgICAvKgorICAgICAqIENoZWNr IHRoYXQgdGhlIFBURSBzdXBwbGllZCBhY3R1YWxseSBtYXBzIGZyYW1lICh3 aXRoIGFwcHJvcHJpYXRlCisgICAgICogcGVybWlzc2lvbnMpLgorICAgICAq LworICAgIGlmICggdW5saWtlbHkobDFlX2dldF9wZm4ob2wxZSkgIT0gZnJh bWUpIHx8CisgICAgICAgICB1bmxpa2VseSgobDFlX2dldF9mbGFncyhvbDFl KSBeIGdyYW50X3B0ZV9mbGFncykgJgorICAgICAgICAgICAgICAgICAgKF9Q QUdFX1BSRVNFTlQgfCBfUEFHRV9SVykpICkKICAgICB7CiAgICAgICAgIHBh Z2VfdW5sb2NrKHBhZ2UpOwotICAgICAgICBNRU1fTE9HKCJQVEUgZW50cnkg JWx4IGZvciBhZGRyZXNzICUiUFJJeDY0IiBkb2Vzbid0IG1hdGNoIGZyYW1l ICVseCIsCi0gICAgICAgICAgICAgICAgKHVuc2lnbmVkIGxvbmcpbDFlX2dl dF9pbnRwdGUob2wxZSksIGFkZHIsIGZyYW1lKTsKKyAgICAgICAgTUVNX0xP RygiUFRFICUiUFJJcHRlIiBhdCAlIlBSSXg2NCIgZG9lc24ndCBtYXRjaCBn cmFudCAoJSJQUklwdGUiKSIsCisgICAgICAgICAgICAgICAgbDFlX2dldF9p bnRwdGUob2wxZSksIGFkZHIsCisgICAgICAgICAgICAgICAgbDFlX2dldF9p bnRwdGUobDFlX2Zyb21fcGZuKGZyYW1lLCBncmFudF9wdGVfZmxhZ3MpKSk7 CiAgICAgICAgIHJjID0gR05UU1RfZ2VuZXJhbF9lcnJvcjsKICAgICAgICAg Z290byBmYWlsZWQ7CiAgICAgfQogCisgICAgaWYgKCB1bmxpa2VseSgobDFl X2dldF9mbGFncyhvbDFlKSBeIGdyYW50X3B0ZV9mbGFncykgJgorICAgICAg ICAgICAgICAgICAgfihfUEFHRV9BVkFJTCB8IFBBR0VfQ0FDSEVfQVRUUlMp KSApCisgICAgICAgIE1FTV9MT0coIlBURSBmbGFncyAleCBhdCAlIlBSSXg2 NCIgZG9uJ3QgbWF0Y2ggZ3JhbnQgKCV4KVxuIiwKKyAgICAgICAgICAgICAg ICBsMWVfZ2V0X2ZsYWdzKG9sMWUpLCBhZGRyLCBncmFudF9wdGVfZmxhZ3Mp OworCiAgICAgLyogRGVsZXRlIHBhZ2V0YWJsZSBlbnRyeS4gKi8KICAgICBp ZiAoIHVubGlrZWx5KCFVUERBVEVfRU5UUlkKICAgICAgICAgICAgICAgICAg IChsMSwgCkBAIC0zODk3LDcgKzM5MDksNyBAQCBzdGF0aWMgaW50IGRlc3Ry b3lfZ3JhbnRfcHRlX21hcHBpbmcoCiAgICAgICAgICAgICAgICAgICAgMCkp ICkKICAgICB7CiAgICAgICAgIHBhZ2VfdW5sb2NrKHBhZ2UpOwotICAgICAg ICBNRU1fTE9HKCJDYW5ub3QgZGVsZXRlIFBURSBlbnRyeSBhdCAlcCIsIHZh KTsKKyAgICAgICAgTUVNX0xPRygiQ2Fubm90IGRlbGV0ZSBQVEUgZW50cnkg YXQgJSJQUkl4NjQsIGFkZHIpOwogICAgICAgICByYyA9IEdOVFNUX2dlbmVy YWxfZXJyb3I7CiAgICAgICAgIGdvdG8gZmFpbGVkOwogICAgIH0KQEAgLTM5 NjUsNyArMzk3Nyw4IEBAIHN0YXRpYyBpbnQgY3JlYXRlX2dyYW50X3ZhX21h cHBpbmcoCiB9CiAKIHN0YXRpYyBpbnQgcmVwbGFjZV9ncmFudF92YV9tYXBw aW5nKAotICAgIHVuc2lnbmVkIGxvbmcgYWRkciwgdW5zaWduZWQgbG9uZyBm cmFtZSwgbDFfcGdlbnRyeV90IG5sMWUsIHN0cnVjdCB2Y3B1ICp2KQorICAg IHVuc2lnbmVkIGxvbmcgYWRkciwgdW5zaWduZWQgbG9uZyBmcmFtZSwgdW5z aWduZWQgaW50IGdyYW50X3B0ZV9mbGFncywKKyAgICBsMV9wZ2VudHJ5X3Qg bmwxZSwgc3RydWN0IHZjcHUgKnYpCiB7CiAgICAgbDFfcGdlbnRyeV90ICpw bDFlLCBvbDFlOwogICAgIHVuc2lnbmVkIGxvbmcgZ2wxbWZuOwpAQCAtNDAw MSwxOSArNDAxNCwzMCBAQCBzdGF0aWMgaW50IHJlcGxhY2VfZ3JhbnRfdmFf bWFwcGluZygKIAogICAgIG9sMWUgPSAqcGwxZTsKIAotICAgIC8qIENoZWNr IHRoYXQgdGhlIHZpcnR1YWwgYWRkcmVzcyBzdXBwbGllZCBpcyBhY3R1YWxs eSBtYXBwZWQgdG8gZnJhbWUuICovCi0gICAgaWYgKCB1bmxpa2VseShsMWVf Z2V0X3BmbihvbDFlKSAhPSBmcmFtZSkgKQotICAgIHsKLSAgICAgICAgTUVN X0xPRygiUFRFIGVudHJ5ICVseCBmb3IgYWRkcmVzcyAlbHggZG9lc24ndCBt YXRjaCBmcmFtZSAlbHgiLAotICAgICAgICAgICAgICAgIGwxZV9nZXRfcGZu KG9sMWUpLCBhZGRyLCBmcmFtZSk7CisgICAgLyoKKyAgICAgKiBDaGVjayB0 aGF0IHRoZSB2aXJ0dWFsIGFkZHJlc3Mgc3VwcGxpZWQgaXMgYWN0dWFsbHkg bWFwcGVkIHRvIGZyYW1lCisgICAgICogKHdpdGggYXBwcm9wcmlhdGUgcGVy bWlzc2lvbnMpLgorICAgICAqLworICAgIGlmICggdW5saWtlbHkobDFlX2dl dF9wZm4ob2wxZSkgIT0gZnJhbWUpIHx8CisgICAgICAgICB1bmxpa2VseSgo bDFlX2dldF9mbGFncyhvbDFlKSBeIGdyYW50X3B0ZV9mbGFncykgJgorICAg ICAgICAgICAgICAgICAgKF9QQUdFX1BSRVNFTlQgfCBfUEFHRV9SVykpICkK KyAgICB7CisgICAgICAgIE1FTV9MT0coIlBURSAlIlBSSXB0ZSIgZm9yICVs eCBkb2Vzbid0IG1hdGNoIGdyYW50ICglIlBSSXB0ZSIpIiwKKyAgICAgICAg ICAgICAgICBsMWVfZ2V0X2ludHB0ZShvbDFlKSwgYWRkciwKKyAgICAgICAg ICAgICAgICBsMWVfZ2V0X2ludHB0ZShsMWVfZnJvbV9wZm4oZnJhbWUsIGdy YW50X3B0ZV9mbGFncykpKTsKICAgICAgICAgcmMgPSBHTlRTVF9nZW5lcmFs X2Vycm9yOwogICAgICAgICBnb3RvIHVubG9ja19hbmRfb3V0OwogICAgIH0K IAorICAgIGlmICggdW5saWtlbHkoKGwxZV9nZXRfZmxhZ3Mob2wxZSkgXiBn cmFudF9wdGVfZmxhZ3MpICYKKyAgICAgICAgICAgICAgICAgIH4oX1BBR0Vf QVZBSUwgfCBQQUdFX0NBQ0hFX0FUVFJTKSkgKQorICAgICAgICBNRU1fTE9H KCJQVEUgZmxhZ3MgJXggZm9yICUiUFJJeDY0IiBkb24ndCBtYXRjaCBncmFu dCAoJXgpIiwKKyAgICAgICAgICAgICAgICBsMWVfZ2V0X2ZsYWdzKG9sMWUp LCBhZGRyLCBncmFudF9wdGVfZmxhZ3MpOworCiAgICAgLyogRGVsZXRlIHBh Z2V0YWJsZSBlbnRyeS4gKi8KICAgICBpZiAoIHVubGlrZWx5KCFVUERBVEVf RU5UUlkobDEsIHBsMWUsIG9sMWUsIG5sMWUsIGdsMW1mbiwgdiwgMCkpICkK ICAgICB7Ci0gICAgICAgIE1FTV9MT0coIkNhbm5vdCBkZWxldGUgUFRFIGVu dHJ5IGF0ICVwIiwgKHVuc2lnbmVkIGxvbmcgKilwbDFlKTsKKyAgICAgICAg TUVNX0xPRygiQ2Fubm90IGRlbGV0ZSBQVEUgZW50cnkgZm9yICUiUFJJeDY0 LCBhZGRyKTsKICAgICAgICAgcmMgPSBHTlRTVF9nZW5lcmFsX2Vycm9yOwog ICAgICAgICBnb3RvIHVubG9ja19hbmRfb3V0OwogICAgIH0KQEAgLTQwMjcs OSArNDA1MSwxMSBAQCBzdGF0aWMgaW50IHJlcGxhY2VfZ3JhbnRfdmFfbWFw cGluZygKIH0KIAogc3RhdGljIGludCBkZXN0cm95X2dyYW50X3ZhX21hcHBp bmcoCi0gICAgdW5zaWduZWQgbG9uZyBhZGRyLCB1bnNpZ25lZCBsb25nIGZy YW1lLCBzdHJ1Y3QgdmNwdSAqdikKKyAgICB1bnNpZ25lZCBsb25nIGFkZHIs IHVuc2lnbmVkIGxvbmcgZnJhbWUsIHVuc2lnbmVkIGludCBncmFudF9wdGVf ZmxhZ3MsCisgICAgc3RydWN0IHZjcHUgKnYpCiB7Ci0gICAgcmV0dXJuIHJl cGxhY2VfZ3JhbnRfdmFfbWFwcGluZyhhZGRyLCBmcmFtZSwgbDFlX2VtcHR5 KCksIHYpOworICAgIHJldHVybiByZXBsYWNlX2dyYW50X3ZhX21hcHBpbmco YWRkciwgZnJhbWUsIGdyYW50X3B0ZV9mbGFncywKKyAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgIGwxZV9lbXB0eSgpLCB2KTsKIH0KIAog c3RhdGljIGludCBjcmVhdGVfZ3JhbnRfcDJtX21hcHBpbmcodWludDY0X3Qg YWRkciwgdW5zaWduZWQgbG9uZyBmcmFtZSwKQEAgLTQxMjMsMjEgKzQxNDks NDIgQEAgaW50IHJlcGxhY2VfZ3JhbnRfaG9zdF9tYXBwaW5nKAogICAgIHVu c2lnbmVkIGxvbmcgZ2wxbWZuOwogICAgIHN0cnVjdCBwYWdlX2luZm8gKmwx cGc7CiAgICAgaW50IHJjOworICAgIHVuc2lnbmVkIGludCBncmFudF9wdGVf ZmxhZ3M7CiAgICAgCiAgICAgaWYgKCBwYWdpbmdfbW9kZV9leHRlcm5hbChj dXJyZW50LT5kb21haW4pICkKICAgICAgICAgcmV0dXJuIHJlcGxhY2VfZ3Jh bnRfcDJtX21hcHBpbmcoYWRkciwgZnJhbWUsIG5ld19hZGRyLCBmbGFncyk7 CiAKKyAgICBncmFudF9wdGVfZmxhZ3MgPQorICAgICAgICBfUEFHRV9QUkVT RU5UIHwgX1BBR0VfQUNDRVNTRUQgfCBfUEFHRV9ESVJUWSB8IF9QQUdFX0dO VFRBQjsKKyAgICBpZiAoIGNwdV9oYXNfbnggKQorICAgICAgICBncmFudF9w dGVfZmxhZ3MgfD0gX1BBR0VfTlhfQklUOworCisgICAgaWYgKCBmbGFncyAm IEdOVE1BUF9hcHBsaWNhdGlvbl9tYXAgKQorICAgICAgICBncmFudF9wdGVf ZmxhZ3MgfD0gX1BBR0VfVVNFUjsKKyAgICBpZiAoICEoZmxhZ3MgJiBHTlRN QVBfcmVhZG9ubHkpICkKKyAgICAgICAgZ3JhbnRfcHRlX2ZsYWdzIHw9IF9Q QUdFX1JXOworICAgIC8qCisgICAgICogT24gdG9wIG9mIHRoZSBleHBsaWNp dCBzZXR0aW5ncyBkb25lIGJ5IGNyZWF0ZV9ncmFudF9ob3N0X21hcHBpbmco KQorICAgICAqIGFsc28gb3Blbi1jb2RlIHJlbGV2YW50IHBhcnRzIG9mIGFk anVzdF9ndWVzdF9sMWUoKS4gRG9uJ3QgbWlycm9yCisgICAgICogYXZhaWxh YmxlIGFuZCBjYWNoYWJpbGl0eSBmbGFncywgdGhvdWdoLgorICAgICAqLwor ICAgIGlmICggIWlzX3B2XzMyYml0X2RvbWFpbihjdXJyLT5kb21haW4pICkK KyAgICAgICAgZ3JhbnRfcHRlX2ZsYWdzIHw9IChncmFudF9wdGVfZmxhZ3Mg JiBfUEFHRV9VU0VSKQorICAgICAgICAgICAgICAgICAgICAgICAgICAgPyBf UEFHRV9HTE9CQUwKKyAgICAgICAgICAgICAgICAgICAgICAgICAgIDogX1BB R0VfR1VFU1RfS0VSTkVMIHwgX1BBR0VfVVNFUjsKKwogICAgIGlmICggZmxh Z3MgJiBHTlRNQVBfY29udGFpbnNfcHRlICkKICAgICB7CiAgICAgICAgIGlm ICggIW5ld19hZGRyICkKLSAgICAgICAgICAgIHJldHVybiBkZXN0cm95X2dy YW50X3B0ZV9tYXBwaW5nKGFkZHIsIGZyYW1lLCBjdXJyLT5kb21haW4pOwor ICAgICAgICAgICAgcmV0dXJuIGRlc3Ryb3lfZ3JhbnRfcHRlX21hcHBpbmco YWRkciwgZnJhbWUsIGdyYW50X3B0ZV9mbGFncywKKyAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIGN1cnItPmRvbWFpbik7 CiAgICAgICAgIAogICAgICAgICBNRU1fTE9HKCJVbnN1cHBvcnRlZCBncmFu dCB0YWJsZSBvcGVyYXRpb24iKTsKICAgICAgICAgcmV0dXJuIEdOVFNUX2dl bmVyYWxfZXJyb3I7CiAgICAgfQogCiAgICAgaWYgKCAhbmV3X2FkZHIgKQot ICAgICAgICByZXR1cm4gZGVzdHJveV9ncmFudF92YV9tYXBwaW5nKGFkZHIs IGZyYW1lLCBjdXJyKTsKKyAgICAgICAgcmV0dXJuIGRlc3Ryb3lfZ3JhbnRf dmFfbWFwcGluZyhhZGRyLCBmcmFtZSwgZ3JhbnRfcHRlX2ZsYWdzLCBjdXJy KTsKIAogICAgIHBsMWUgPSBndWVzdF9tYXBfbDFlKGN1cnIsIG5ld19hZGRy LCAmZ2wxbWZuKTsKICAgICBpZiAoICFwbDFlICkKQEAgLTQxODUsNyArNDIz Miw3IEBAIGludCByZXBsYWNlX2dyYW50X2hvc3RfbWFwcGluZygKICAgICBw dXRfcGFnZShsMXBnKTsKICAgICBndWVzdF91bm1hcF9sMWUoY3VyciwgcGwx ZSk7CiAKLSAgICByYyA9IHJlcGxhY2VfZ3JhbnRfdmFfbWFwcGluZyhhZGRy LCBmcmFtZSwgb2wxZSwgY3Vycik7CisgICAgcmMgPSByZXBsYWNlX2dyYW50 X3ZhX21hcHBpbmcoYWRkciwgZnJhbWUsIGdyYW50X3B0ZV9mbGFncywgb2wx ZSwgY3Vycik7CiAgICAgaWYgKCByYyAmJiAhcGFnaW5nX21vZGVfcmVmY291 bnRzKGN1cnItPmRvbWFpbikgKQogICAgICAgICBwdXRfcGFnZV9mcm9tX2wx ZShvbDFlLCBjdXJyLT5kb21haW4pOwogCg== --=separator Content-Type: application/octet-stream; name="xsa234-4.6.patch" Content-Disposition: attachment; filename="xsa234-4.6.patch" Content-Transfer-Encoding: base64 RnJvbTogSmFuIEJldWxpY2ggPGpiZXVsaWNoQHN1c2UuY29tPgpTdWJqZWN0 OiBnbnR0YWI6IGFsc28gdmFsaWRhdGUgUFRFIHBlcm1pc3Npb25zIHVwb24g ZGVzdHJveS9yZXBsYWNlCgpJbiBvcmRlciBmb3IgUFRFIGhhbmRsaW5nIHRv IG1hdGNoIHVwIHdpdGggdGhlIHJlZmVyZW5jZSBjb3VudGluZyBkb25lCmJ5 IGNvbW1vbiBjb2RlLCBwcmVzZW5jZSBhbmQgd3JpdGFiaWxpdHkgb2YgZ3Jh bnQgbWFwcGluZyBQVEVzIG11c3QKYWxzbyBiZSB0YWtlbiBpbnRvIGFjY291 bnQ7IHZhbGlkYXRpbmcganVzdCB0aGUgZnJhbWUgbnVtYmVyIGlzIG5vdApl bm91Z2guIFRoaXMgaXMgaW4gcGFydGljdWxhciByZWxldmFudCBpZiBhIGd1 ZXN0IGZpZGRsZXMgd2l0aCBncmFudApQVEVzIHZpYSBub24tZ3JhbnQgaHlw ZXJjYWxscy4KCk5vdGUgdGhhdCB0aGUgZmxhZ3MgYmVpbmcgcGFzc2VkIHRv IHJlcGxhY2VfZ3JhbnRfaG9zdF9tYXBwaW5nKCkKYWxyZWFkeSBoYXBwZW4g dG8gYmUgdGhvc2Ugb2YgdGhlIGV4aXN0aW5nIG1hcHBpbmcsIHNvIG5vIG5l dyBmdW5jdGlvbgpwYXJhbWV0ZXIgaXMgbmVlZGVkLgoKVGhpcyBpcyBYU0Et MjM0LgoKUmVwb3J0ZWQtYnk6IEFuZHJldyBDb29wZXIgPGFuZHJldy5jb29w ZXIzQGNpdHJpeC5jb20+ClNpZ25lZC1vZmYtYnk6IEphbiBCZXVsaWNoIDxq YmV1bGljaEBzdXNlLmNvbT4KUmV2aWV3ZWQtYnk6IEFuZHJldyBDb29wZXIg PGFuZHJldy5jb29wZXIzQGNpdHJpeC5jb20+CgotLS0gYS94ZW4vYXJjaC94 ODYvbW0uYworKysgYi94ZW4vYXJjaC94ODYvbW0uYwpAQCAtMzkzMCw3ICsz OTMwLDggQEAgc3RhdGljIGludCBjcmVhdGVfZ3JhbnRfcHRlX21hcHBpbmco CiB9CiAKIHN0YXRpYyBpbnQgZGVzdHJveV9ncmFudF9wdGVfbWFwcGluZygK LSAgICB1aW50NjRfdCBhZGRyLCB1bnNpZ25lZCBsb25nIGZyYW1lLCBzdHJ1 Y3QgZG9tYWluICpkKQorICAgIHVpbnQ2NF90IGFkZHIsIHVuc2lnbmVkIGxv bmcgZnJhbWUsIHVuc2lnbmVkIGludCBncmFudF9wdGVfZmxhZ3MsCisgICAg c3RydWN0IGRvbWFpbiAqZCkKIHsKICAgICBpbnQgcmMgPSBHTlRTVF9va2F5 OwogICAgIHZvaWQgKnZhOwpAQCAtMzk3NiwxNiArMzk3NywyNyBAQCBzdGF0 aWMgaW50IGRlc3Ryb3lfZ3JhbnRfcHRlX21hcHBpbmcoCiAKICAgICBvbDFl ID0gKihsMV9wZ2VudHJ5X3QgKil2YTsKICAgICAKLSAgICAvKiBDaGVjayB0 aGF0IHRoZSB2aXJ0dWFsIGFkZHJlc3Mgc3VwcGxpZWQgaXMgYWN0dWFsbHkg bWFwcGVkIHRvIGZyYW1lLiAqLwotICAgIGlmICggdW5saWtlbHkobDFlX2dl dF9wZm4ob2wxZSkgIT0gZnJhbWUpICkKKyAgICAvKgorICAgICAqIENoZWNr IHRoYXQgdGhlIFBURSBzdXBwbGllZCBhY3R1YWxseSBtYXBzIGZyYW1lICh3 aXRoIGFwcHJvcHJpYXRlCisgICAgICogcGVybWlzc2lvbnMpLgorICAgICAq LworICAgIGlmICggdW5saWtlbHkobDFlX2dldF9wZm4ob2wxZSkgIT0gZnJh bWUpIHx8CisgICAgICAgICB1bmxpa2VseSgobDFlX2dldF9mbGFncyhvbDFl KSBeIGdyYW50X3B0ZV9mbGFncykgJgorICAgICAgICAgICAgICAgICAgKF9Q QUdFX1BSRVNFTlQgfCBfUEFHRV9SVykpICkKICAgICB7CiAgICAgICAgIHBh Z2VfdW5sb2NrKHBhZ2UpOwotICAgICAgICBNRU1fTE9HKCJQVEUgZW50cnkg JWx4IGZvciBhZGRyZXNzICUiUFJJeDY0IiBkb2Vzbid0IG1hdGNoIGZyYW1l ICVseCIsCi0gICAgICAgICAgICAgICAgKHVuc2lnbmVkIGxvbmcpbDFlX2dl dF9pbnRwdGUob2wxZSksIGFkZHIsIGZyYW1lKTsKKyAgICAgICAgTUVNX0xP RygiUFRFICUiUFJJcHRlIiBhdCAlIlBSSXg2NCIgZG9lc24ndCBtYXRjaCBn cmFudCAoJSJQUklwdGUiKSIsCisgICAgICAgICAgICAgICAgbDFlX2dldF9p bnRwdGUob2wxZSksIGFkZHIsCisgICAgICAgICAgICAgICAgbDFlX2dldF9p bnRwdGUobDFlX2Zyb21fcGZuKGZyYW1lLCBncmFudF9wdGVfZmxhZ3MpKSk7 CiAgICAgICAgIHJjID0gR05UU1RfZ2VuZXJhbF9lcnJvcjsKICAgICAgICAg Z290byBmYWlsZWQ7CiAgICAgfQogCisgICAgaWYgKCB1bmxpa2VseSgobDFl X2dldF9mbGFncyhvbDFlKSBeIGdyYW50X3B0ZV9mbGFncykgJgorICAgICAg ICAgICAgICAgICAgfihfUEFHRV9BVkFJTCB8IFBBR0VfQ0FDSEVfQVRUUlMp KSApCisgICAgICAgIE1FTV9MT0coIlBURSBmbGFncyAleCBhdCAlIlBSSXg2 NCIgZG9uJ3QgbWF0Y2ggZ3JhbnQgKCV4KVxuIiwKKyAgICAgICAgICAgICAg ICBsMWVfZ2V0X2ZsYWdzKG9sMWUpLCBhZGRyLCBncmFudF9wdGVfZmxhZ3Mp OworCiAgICAgLyogRGVsZXRlIHBhZ2V0YWJsZSBlbnRyeS4gKi8KICAgICBp ZiAoIHVubGlrZWx5KCFVUERBVEVfRU5UUlkKICAgICAgICAgICAgICAgICAg IChsMSwgCkBAIC0zOTk0LDcgKzQwMDYsNyBAQCBzdGF0aWMgaW50IGRlc3Ry b3lfZ3JhbnRfcHRlX21hcHBpbmcoCiAgICAgICAgICAgICAgICAgICAgMCkp ICkKICAgICB7CiAgICAgICAgIHBhZ2VfdW5sb2NrKHBhZ2UpOwotICAgICAg ICBNRU1fTE9HKCJDYW5ub3QgZGVsZXRlIFBURSBlbnRyeSBhdCAlcCIsIHZh KTsKKyAgICAgICAgTUVNX0xPRygiQ2Fubm90IGRlbGV0ZSBQVEUgZW50cnkg YXQgJSJQUkl4NjQsIGFkZHIpOwogICAgICAgICByYyA9IEdOVFNUX2dlbmVy YWxfZXJyb3I7CiAgICAgICAgIGdvdG8gZmFpbGVkOwogICAgIH0KQEAgLTQw NjIsNyArNDA3NCw4IEBAIHN0YXRpYyBpbnQgY3JlYXRlX2dyYW50X3ZhX21h cHBpbmcoCiB9CiAKIHN0YXRpYyBpbnQgcmVwbGFjZV9ncmFudF92YV9tYXBw aW5nKAotICAgIHVuc2lnbmVkIGxvbmcgYWRkciwgdW5zaWduZWQgbG9uZyBm cmFtZSwgbDFfcGdlbnRyeV90IG5sMWUsIHN0cnVjdCB2Y3B1ICp2KQorICAg IHVuc2lnbmVkIGxvbmcgYWRkciwgdW5zaWduZWQgbG9uZyBmcmFtZSwgdW5z aWduZWQgaW50IGdyYW50X3B0ZV9mbGFncywKKyAgICBsMV9wZ2VudHJ5X3Qg bmwxZSwgc3RydWN0IHZjcHUgKnYpCiB7CiAgICAgbDFfcGdlbnRyeV90ICpw bDFlLCBvbDFlOwogICAgIHVuc2lnbmVkIGxvbmcgZ2wxbWZuOwpAQCAtNDA5 OCwxOSArNDExMSwzMCBAQCBzdGF0aWMgaW50IHJlcGxhY2VfZ3JhbnRfdmFf bWFwcGluZygKIAogICAgIG9sMWUgPSAqcGwxZTsKIAotICAgIC8qIENoZWNr IHRoYXQgdGhlIHZpcnR1YWwgYWRkcmVzcyBzdXBwbGllZCBpcyBhY3R1YWxs eSBtYXBwZWQgdG8gZnJhbWUuICovCi0gICAgaWYgKCB1bmxpa2VseShsMWVf Z2V0X3BmbihvbDFlKSAhPSBmcmFtZSkgKQotICAgIHsKLSAgICAgICAgTUVN X0xPRygiUFRFIGVudHJ5ICVseCBmb3IgYWRkcmVzcyAlbHggZG9lc24ndCBt YXRjaCBmcmFtZSAlbHgiLAotICAgICAgICAgICAgICAgIGwxZV9nZXRfcGZu KG9sMWUpLCBhZGRyLCBmcmFtZSk7CisgICAgLyoKKyAgICAgKiBDaGVjayB0 aGF0IHRoZSB2aXJ0dWFsIGFkZHJlc3Mgc3VwcGxpZWQgaXMgYWN0dWFsbHkg bWFwcGVkIHRvIGZyYW1lCisgICAgICogKHdpdGggYXBwcm9wcmlhdGUgcGVy bWlzc2lvbnMpLgorICAgICAqLworICAgIGlmICggdW5saWtlbHkobDFlX2dl dF9wZm4ob2wxZSkgIT0gZnJhbWUpIHx8CisgICAgICAgICB1bmxpa2VseSgo bDFlX2dldF9mbGFncyhvbDFlKSBeIGdyYW50X3B0ZV9mbGFncykgJgorICAg ICAgICAgICAgICAgICAgKF9QQUdFX1BSRVNFTlQgfCBfUEFHRV9SVykpICkK KyAgICB7CisgICAgICAgIE1FTV9MT0coIlBURSAlIlBSSXB0ZSIgZm9yICVs eCBkb2Vzbid0IG1hdGNoIGdyYW50ICglIlBSSXB0ZSIpIiwKKyAgICAgICAg ICAgICAgICBsMWVfZ2V0X2ludHB0ZShvbDFlKSwgYWRkciwKKyAgICAgICAg ICAgICAgICBsMWVfZ2V0X2ludHB0ZShsMWVfZnJvbV9wZm4oZnJhbWUsIGdy YW50X3B0ZV9mbGFncykpKTsKICAgICAgICAgcmMgPSBHTlRTVF9nZW5lcmFs X2Vycm9yOwogICAgICAgICBnb3RvIHVubG9ja19hbmRfb3V0OwogICAgIH0K IAorICAgIGlmICggdW5saWtlbHkoKGwxZV9nZXRfZmxhZ3Mob2wxZSkgXiBn cmFudF9wdGVfZmxhZ3MpICYKKyAgICAgICAgICAgICAgICAgIH4oX1BBR0Vf QVZBSUwgfCBQQUdFX0NBQ0hFX0FUVFJTKSkgKQorICAgICAgICBNRU1fTE9H KCJQVEUgZmxhZ3MgJXggZm9yICUiUFJJeDY0IiBkb24ndCBtYXRjaCBncmFu dCAoJXgpIiwKKyAgICAgICAgICAgICAgICBsMWVfZ2V0X2ZsYWdzKG9sMWUp LCBhZGRyLCBncmFudF9wdGVfZmxhZ3MpOworCiAgICAgLyogRGVsZXRlIHBh Z2V0YWJsZSBlbnRyeS4gKi8KICAgICBpZiAoIHVubGlrZWx5KCFVUERBVEVf RU5UUlkobDEsIHBsMWUsIG9sMWUsIG5sMWUsIGdsMW1mbiwgdiwgMCkpICkK ICAgICB7Ci0gICAgICAgIE1FTV9MT0coIkNhbm5vdCBkZWxldGUgUFRFIGVu dHJ5IGF0ICVwIiwgKHVuc2lnbmVkIGxvbmcgKilwbDFlKTsKKyAgICAgICAg TUVNX0xPRygiQ2Fubm90IGRlbGV0ZSBQVEUgZW50cnkgZm9yICUiUFJJeDY0 LCBhZGRyKTsKICAgICAgICAgcmMgPSBHTlRTVF9nZW5lcmFsX2Vycm9yOwog ICAgICAgICBnb3RvIHVubG9ja19hbmRfb3V0OwogICAgIH0KQEAgLTQxMjQs OSArNDE0OCwxMSBAQCBzdGF0aWMgaW50IHJlcGxhY2VfZ3JhbnRfdmFfbWFw cGluZygKIH0KIAogc3RhdGljIGludCBkZXN0cm95X2dyYW50X3ZhX21hcHBp bmcoCi0gICAgdW5zaWduZWQgbG9uZyBhZGRyLCB1bnNpZ25lZCBsb25nIGZy YW1lLCBzdHJ1Y3QgdmNwdSAqdikKKyAgICB1bnNpZ25lZCBsb25nIGFkZHIs IHVuc2lnbmVkIGxvbmcgZnJhbWUsIHVuc2lnbmVkIGludCBncmFudF9wdGVf ZmxhZ3MsCisgICAgc3RydWN0IHZjcHUgKnYpCiB7Ci0gICAgcmV0dXJuIHJl cGxhY2VfZ3JhbnRfdmFfbWFwcGluZyhhZGRyLCBmcmFtZSwgbDFlX2VtcHR5 KCksIHYpOworICAgIHJldHVybiByZXBsYWNlX2dyYW50X3ZhX21hcHBpbmco YWRkciwgZnJhbWUsIGdyYW50X3B0ZV9mbGFncywKKyAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgIGwxZV9lbXB0eSgpLCB2KTsKIH0KIAog c3RhdGljIGludCBjcmVhdGVfZ3JhbnRfcDJtX21hcHBpbmcodWludDY0X3Qg YWRkciwgdW5zaWduZWQgbG9uZyBmcmFtZSwKQEAgLTQyMTksMjEgKzQyNDUs NDAgQEAgaW50IHJlcGxhY2VfZ3JhbnRfaG9zdF9tYXBwaW5nKAogICAgIHVu c2lnbmVkIGxvbmcgZ2wxbWZuOwogICAgIHN0cnVjdCBwYWdlX2luZm8gKmwx cGc7CiAgICAgaW50IHJjOworICAgIHVuc2lnbmVkIGludCBncmFudF9wdGVf ZmxhZ3M7CiAgICAgCiAgICAgaWYgKCBwYWdpbmdfbW9kZV9leHRlcm5hbChj dXJyZW50LT5kb21haW4pICkKICAgICAgICAgcmV0dXJuIHJlcGxhY2VfZ3Jh bnRfcDJtX21hcHBpbmcoYWRkciwgZnJhbWUsIG5ld19hZGRyLCBmbGFncyk7 CiAKKyAgICBncmFudF9wdGVfZmxhZ3MgPQorICAgICAgICBfUEFHRV9QUkVT RU5UIHwgX1BBR0VfQUNDRVNTRUQgfCBfUEFHRV9ESVJUWSB8IF9QQUdFX0dO VFRBQiB8IF9QQUdFX05YOworCisgICAgaWYgKCBmbGFncyAmIEdOVE1BUF9h cHBsaWNhdGlvbl9tYXAgKQorICAgICAgICBncmFudF9wdGVfZmxhZ3MgfD0g X1BBR0VfVVNFUjsKKyAgICBpZiAoICEoZmxhZ3MgJiBHTlRNQVBfcmVhZG9u bHkpICkKKyAgICAgICAgZ3JhbnRfcHRlX2ZsYWdzIHw9IF9QQUdFX1JXOwor ICAgIC8qCisgICAgICogT24gdG9wIG9mIHRoZSBleHBsaWNpdCBzZXR0aW5n cyBkb25lIGJ5IGNyZWF0ZV9ncmFudF9ob3N0X21hcHBpbmcoKQorICAgICAq IGFsc28gb3Blbi1jb2RlIHJlbGV2YW50IHBhcnRzIG9mIGFkanVzdF9ndWVz dF9sMWUoKS4gRG9uJ3QgbWlycm9yCisgICAgICogYXZhaWxhYmxlIGFuZCBj YWNoYWJpbGl0eSBmbGFncywgdGhvdWdoLgorICAgICAqLworICAgIGlmICgg IWlzX3B2XzMyYml0X2RvbWFpbihjdXJyLT5kb21haW4pICkKKyAgICAgICAg Z3JhbnRfcHRlX2ZsYWdzIHw9IChncmFudF9wdGVfZmxhZ3MgJiBfUEFHRV9V U0VSKQorICAgICAgICAgICAgICAgICAgICAgICAgICAgPyBfUEFHRV9HTE9C QUwKKyAgICAgICAgICAgICAgICAgICAgICAgICAgIDogX1BBR0VfR1VFU1Rf S0VSTkVMIHwgX1BBR0VfVVNFUjsKKwogICAgIGlmICggZmxhZ3MgJiBHTlRN QVBfY29udGFpbnNfcHRlICkKICAgICB7CiAgICAgICAgIGlmICggIW5ld19h ZGRyICkKLSAgICAgICAgICAgIHJldHVybiBkZXN0cm95X2dyYW50X3B0ZV9t YXBwaW5nKGFkZHIsIGZyYW1lLCBjdXJyLT5kb21haW4pOworICAgICAgICAg ICAgcmV0dXJuIGRlc3Ryb3lfZ3JhbnRfcHRlX21hcHBpbmcoYWRkciwgZnJh bWUsIGdyYW50X3B0ZV9mbGFncywKKyAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgIGN1cnItPmRvbWFpbik7CiAgICAgICAg IAogICAgICAgICBNRU1fTE9HKCJVbnN1cHBvcnRlZCBncmFudCB0YWJsZSBv cGVyYXRpb24iKTsKICAgICAgICAgcmV0dXJuIEdOVFNUX2dlbmVyYWxfZXJy b3I7CiAgICAgfQogCiAgICAgaWYgKCAhbmV3X2FkZHIgKQotICAgICAgICBy ZXR1cm4gZGVzdHJveV9ncmFudF92YV9tYXBwaW5nKGFkZHIsIGZyYW1lLCBj dXJyKTsKKyAgICAgICAgcmV0dXJuIGRlc3Ryb3lfZ3JhbnRfdmFfbWFwcGlu ZyhhZGRyLCBmcmFtZSwgZ3JhbnRfcHRlX2ZsYWdzLCBjdXJyKTsKIAogICAg IHBsMWUgPSBndWVzdF9tYXBfbDFlKGN1cnIsIG5ld19hZGRyLCAmZ2wxbWZu KTsKICAgICBpZiAoICFwbDFlICkKQEAgLTQyODEsNyArNDMyNiw3IEBAIGlu dCByZXBsYWNlX2dyYW50X2hvc3RfbWFwcGluZygKICAgICBwdXRfcGFnZShs MXBnKTsKICAgICBndWVzdF91bm1hcF9sMWUoY3VyciwgcGwxZSk7CiAKLSAg ICByYyA9IHJlcGxhY2VfZ3JhbnRfdmFfbWFwcGluZyhhZGRyLCBmcmFtZSwg b2wxZSwgY3Vycik7CisgICAgcmMgPSByZXBsYWNlX2dyYW50X3ZhX21hcHBp bmcoYWRkciwgZnJhbWUsIGdyYW50X3B0ZV9mbGFncywgb2wxZSwgY3Vycik7 CiAgICAgaWYgKCByYyAmJiAhcGFnaW5nX21vZGVfcmVmY291bnRzKGN1cnIt PmRvbWFpbikgKQogICAgICAgICBwdXRfcGFnZV9mcm9tX2wxZShvbDFlLCBj dXJyLT5kb21haW4pOwogCg== --=separator Content-Type: application/octet-stream; name="xsa234-4.8.patch" Content-Disposition: attachment; filename="xsa234-4.8.patch" Content-Transfer-Encoding: base64 RnJvbTogSmFuIEJldWxpY2ggPGpiZXVsaWNoQHN1c2UuY29tPgpTdWJqZWN0 OiBnbnR0YWI6IGFsc28gdmFsaWRhdGUgUFRFIHBlcm1pc3Npb25zIHVwb24g ZGVzdHJveS9yZXBsYWNlCgpJbiBvcmRlciBmb3IgUFRFIGhhbmRsaW5nIHRv IG1hdGNoIHVwIHdpdGggdGhlIHJlZmVyZW5jZSBjb3VudGluZyBkb25lCmJ5 IGNvbW1vbiBjb2RlLCBwcmVzZW5jZSBhbmQgd3JpdGFiaWxpdHkgb2YgZ3Jh bnQgbWFwcGluZyBQVEVzIG11c3QKYWxzbyBiZSB0YWtlbiBpbnRvIGFjY291 bnQ7IHZhbGlkYXRpbmcganVzdCB0aGUgZnJhbWUgbnVtYmVyIGlzIG5vdApl bm91Z2guIFRoaXMgaXMgaW4gcGFydGljdWxhciByZWxldmFudCBpZiBhIGd1 ZXN0IGZpZGRsZXMgd2l0aCBncmFudApQVEVzIHZpYSBub24tZ3JhbnQgaHlw ZXJjYWxscy4KCk5vdGUgdGhhdCB0aGUgZmxhZ3MgYmVpbmcgcGFzc2VkIHRv IHJlcGxhY2VfZ3JhbnRfaG9zdF9tYXBwaW5nKCkKYWxyZWFkeSBoYXBwZW4g dG8gYmUgdGhvc2Ugb2YgdGhlIGV4aXN0aW5nIG1hcHBpbmcsIHNvIG5vIG5l dyBmdW5jdGlvbgpwYXJhbWV0ZXIgaXMgbmVlZGVkLgoKVGhpcyBpcyBYU0Et MjM0LgoKUmVwb3J0ZWQtYnk6IEFuZHJldyBDb29wZXIgPGFuZHJldy5jb29w ZXIzQGNpdHJpeC5jb20+ClNpZ25lZC1vZmYtYnk6IEphbiBCZXVsaWNoIDxq YmV1bGljaEBzdXNlLmNvbT4KUmV2aWV3ZWQtYnk6IEFuZHJldyBDb29wZXIg PGFuZHJldy5jb29wZXIzQGNpdHJpeC5jb20+CgotLS0gYS94ZW4vYXJjaC94 ODYvbW0uYworKysgYi94ZW4vYXJjaC94ODYvbW0uYwpAQCAtNDAxNyw3ICs0 MDE3LDggQEAgc3RhdGljIGludCBjcmVhdGVfZ3JhbnRfcHRlX21hcHBpbmco CiB9CiAKIHN0YXRpYyBpbnQgZGVzdHJveV9ncmFudF9wdGVfbWFwcGluZygK LSAgICB1aW50NjRfdCBhZGRyLCB1bnNpZ25lZCBsb25nIGZyYW1lLCBzdHJ1 Y3QgZG9tYWluICpkKQorICAgIHVpbnQ2NF90IGFkZHIsIHVuc2lnbmVkIGxv bmcgZnJhbWUsIHVuc2lnbmVkIGludCBncmFudF9wdGVfZmxhZ3MsCisgICAg c3RydWN0IGRvbWFpbiAqZCkKIHsKICAgICBpbnQgcmMgPSBHTlRTVF9va2F5 OwogICAgIHZvaWQgKnZhOwpAQCAtNDA2MywxNiArNDA2NCwyNyBAQCBzdGF0 aWMgaW50IGRlc3Ryb3lfZ3JhbnRfcHRlX21hcHBpbmcoCiAKICAgICBvbDFl ID0gKihsMV9wZ2VudHJ5X3QgKil2YTsKICAgICAKLSAgICAvKiBDaGVjayB0 aGF0IHRoZSB2aXJ0dWFsIGFkZHJlc3Mgc3VwcGxpZWQgaXMgYWN0dWFsbHkg bWFwcGVkIHRvIGZyYW1lLiAqLwotICAgIGlmICggdW5saWtlbHkobDFlX2dl dF9wZm4ob2wxZSkgIT0gZnJhbWUpICkKKyAgICAvKgorICAgICAqIENoZWNr IHRoYXQgdGhlIFBURSBzdXBwbGllZCBhY3R1YWxseSBtYXBzIGZyYW1lICh3 aXRoIGFwcHJvcHJpYXRlCisgICAgICogcGVybWlzc2lvbnMpLgorICAgICAq LworICAgIGlmICggdW5saWtlbHkobDFlX2dldF9wZm4ob2wxZSkgIT0gZnJh bWUpIHx8CisgICAgICAgICB1bmxpa2VseSgobDFlX2dldF9mbGFncyhvbDFl KSBeIGdyYW50X3B0ZV9mbGFncykgJgorICAgICAgICAgICAgICAgICAgKF9Q QUdFX1BSRVNFTlQgfCBfUEFHRV9SVykpICkKICAgICB7CiAgICAgICAgIHBh Z2VfdW5sb2NrKHBhZ2UpOwotICAgICAgICBNRU1fTE9HKCJQVEUgZW50cnkg JWx4IGZvciBhZGRyZXNzICUiUFJJeDY0IiBkb2Vzbid0IG1hdGNoIGZyYW1l ICVseCIsCi0gICAgICAgICAgICAgICAgKHVuc2lnbmVkIGxvbmcpbDFlX2dl dF9pbnRwdGUob2wxZSksIGFkZHIsIGZyYW1lKTsKKyAgICAgICAgTUVNX0xP RygiUFRFICUiUFJJcHRlIiBhdCAlIlBSSXg2NCIgZG9lc24ndCBtYXRjaCBn cmFudCAoJSJQUklwdGUiKSIsCisgICAgICAgICAgICAgICAgbDFlX2dldF9p bnRwdGUob2wxZSksIGFkZHIsCisgICAgICAgICAgICAgICAgbDFlX2dldF9p bnRwdGUobDFlX2Zyb21fcGZuKGZyYW1lLCBncmFudF9wdGVfZmxhZ3MpKSk7 CiAgICAgICAgIHJjID0gR05UU1RfZ2VuZXJhbF9lcnJvcjsKICAgICAgICAg Z290byBmYWlsZWQ7CiAgICAgfQogCisgICAgaWYgKCB1bmxpa2VseSgobDFl X2dldF9mbGFncyhvbDFlKSBeIGdyYW50X3B0ZV9mbGFncykgJgorICAgICAg ICAgICAgICAgICAgfihfUEFHRV9BVkFJTCB8IFBBR0VfQ0FDSEVfQVRUUlMp KSApCisgICAgICAgIE1FTV9MT0coIlBURSBmbGFncyAleCBhdCAlIlBSSXg2 NCIgZG9uJ3QgbWF0Y2ggZ3JhbnQgKCV4KVxuIiwKKyAgICAgICAgICAgICAg ICBsMWVfZ2V0X2ZsYWdzKG9sMWUpLCBhZGRyLCBncmFudF9wdGVfZmxhZ3Mp OworCiAgICAgLyogRGVsZXRlIHBhZ2V0YWJsZSBlbnRyeS4gKi8KICAgICBp ZiAoIHVubGlrZWx5KCFVUERBVEVfRU5UUlkKICAgICAgICAgICAgICAgICAg IChsMSwgCkBAIC00MDgxLDcgKzQwOTMsNyBAQCBzdGF0aWMgaW50IGRlc3Ry b3lfZ3JhbnRfcHRlX21hcHBpbmcoCiAgICAgICAgICAgICAgICAgICAgMCkp ICkKICAgICB7CiAgICAgICAgIHBhZ2VfdW5sb2NrKHBhZ2UpOwotICAgICAg ICBNRU1fTE9HKCJDYW5ub3QgZGVsZXRlIFBURSBlbnRyeSBhdCAlcCIsIHZh KTsKKyAgICAgICAgTUVNX0xPRygiQ2Fubm90IGRlbGV0ZSBQVEUgZW50cnkg YXQgJSJQUkl4NjQsIGFkZHIpOwogICAgICAgICByYyA9IEdOVFNUX2dlbmVy YWxfZXJyb3I7CiAgICAgICAgIGdvdG8gZmFpbGVkOwogICAgIH0KQEAgLTQx NDksNyArNDE2MSw4IEBAIHN0YXRpYyBpbnQgY3JlYXRlX2dyYW50X3ZhX21h cHBpbmcoCiB9CiAKIHN0YXRpYyBpbnQgcmVwbGFjZV9ncmFudF92YV9tYXBw aW5nKAotICAgIHVuc2lnbmVkIGxvbmcgYWRkciwgdW5zaWduZWQgbG9uZyBm cmFtZSwgbDFfcGdlbnRyeV90IG5sMWUsIHN0cnVjdCB2Y3B1ICp2KQorICAg IHVuc2lnbmVkIGxvbmcgYWRkciwgdW5zaWduZWQgbG9uZyBmcmFtZSwgdW5z aWduZWQgaW50IGdyYW50X3B0ZV9mbGFncywKKyAgICBsMV9wZ2VudHJ5X3Qg bmwxZSwgc3RydWN0IHZjcHUgKnYpCiB7CiAgICAgbDFfcGdlbnRyeV90ICpw bDFlLCBvbDFlOwogICAgIHVuc2lnbmVkIGxvbmcgZ2wxbWZuOwpAQCAtNDE4 NSwxOSArNDE5OCwzMCBAQCBzdGF0aWMgaW50IHJlcGxhY2VfZ3JhbnRfdmFf bWFwcGluZygKIAogICAgIG9sMWUgPSAqcGwxZTsKIAotICAgIC8qIENoZWNr IHRoYXQgdGhlIHZpcnR1YWwgYWRkcmVzcyBzdXBwbGllZCBpcyBhY3R1YWxs eSBtYXBwZWQgdG8gZnJhbWUuICovCi0gICAgaWYgKCB1bmxpa2VseShsMWVf Z2V0X3BmbihvbDFlKSAhPSBmcmFtZSkgKQotICAgIHsKLSAgICAgICAgTUVN X0xPRygiUFRFIGVudHJ5ICVseCBmb3IgYWRkcmVzcyAlbHggZG9lc24ndCBt YXRjaCBmcmFtZSAlbHgiLAotICAgICAgICAgICAgICAgIGwxZV9nZXRfcGZu KG9sMWUpLCBhZGRyLCBmcmFtZSk7CisgICAgLyoKKyAgICAgKiBDaGVjayB0 aGF0IHRoZSB2aXJ0dWFsIGFkZHJlc3Mgc3VwcGxpZWQgaXMgYWN0dWFsbHkg bWFwcGVkIHRvIGZyYW1lCisgICAgICogKHdpdGggYXBwcm9wcmlhdGUgcGVy bWlzc2lvbnMpLgorICAgICAqLworICAgIGlmICggdW5saWtlbHkobDFlX2dl dF9wZm4ob2wxZSkgIT0gZnJhbWUpIHx8CisgICAgICAgICB1bmxpa2VseSgo bDFlX2dldF9mbGFncyhvbDFlKSBeIGdyYW50X3B0ZV9mbGFncykgJgorICAg ICAgICAgICAgICAgICAgKF9QQUdFX1BSRVNFTlQgfCBfUEFHRV9SVykpICkK KyAgICB7CisgICAgICAgIE1FTV9MT0coIlBURSAlIlBSSXB0ZSIgZm9yICVs eCBkb2Vzbid0IG1hdGNoIGdyYW50ICglIlBSSXB0ZSIpIiwKKyAgICAgICAg ICAgICAgICBsMWVfZ2V0X2ludHB0ZShvbDFlKSwgYWRkciwKKyAgICAgICAg ICAgICAgICBsMWVfZ2V0X2ludHB0ZShsMWVfZnJvbV9wZm4oZnJhbWUsIGdy YW50X3B0ZV9mbGFncykpKTsKICAgICAgICAgcmMgPSBHTlRTVF9nZW5lcmFs X2Vycm9yOwogICAgICAgICBnb3RvIHVubG9ja19hbmRfb3V0OwogICAgIH0K IAorICAgIGlmICggdW5saWtlbHkoKGwxZV9nZXRfZmxhZ3Mob2wxZSkgXiBn cmFudF9wdGVfZmxhZ3MpICYKKyAgICAgICAgICAgICAgICAgIH4oX1BBR0Vf QVZBSUwgfCBQQUdFX0NBQ0hFX0FUVFJTKSkgKQorICAgICAgICBNRU1fTE9H KCJQVEUgZmxhZ3MgJXggZm9yICUiUFJJeDY0IiBkb24ndCBtYXRjaCBncmFu dCAoJXgpIiwKKyAgICAgICAgICAgICAgICBsMWVfZ2V0X2ZsYWdzKG9sMWUp LCBhZGRyLCBncmFudF9wdGVfZmxhZ3MpOworCiAgICAgLyogRGVsZXRlIHBh Z2V0YWJsZSBlbnRyeS4gKi8KICAgICBpZiAoIHVubGlrZWx5KCFVUERBVEVf RU5UUlkobDEsIHBsMWUsIG9sMWUsIG5sMWUsIGdsMW1mbiwgdiwgMCkpICkK ICAgICB7Ci0gICAgICAgIE1FTV9MT0coIkNhbm5vdCBkZWxldGUgUFRFIGVu dHJ5IGF0ICVwIiwgKHVuc2lnbmVkIGxvbmcgKilwbDFlKTsKKyAgICAgICAg TUVNX0xPRygiQ2Fubm90IGRlbGV0ZSBQVEUgZW50cnkgZm9yICUiUFJJeDY0 LCBhZGRyKTsKICAgICAgICAgcmMgPSBHTlRTVF9nZW5lcmFsX2Vycm9yOwog ICAgICAgICBnb3RvIHVubG9ja19hbmRfb3V0OwogICAgIH0KQEAgLTQyMTEs OSArNDIzNSwxMSBAQCBzdGF0aWMgaW50IHJlcGxhY2VfZ3JhbnRfdmFfbWFw cGluZygKIH0KIAogc3RhdGljIGludCBkZXN0cm95X2dyYW50X3ZhX21hcHBp bmcoCi0gICAgdW5zaWduZWQgbG9uZyBhZGRyLCB1bnNpZ25lZCBsb25nIGZy YW1lLCBzdHJ1Y3QgdmNwdSAqdikKKyAgICB1bnNpZ25lZCBsb25nIGFkZHIs IHVuc2lnbmVkIGxvbmcgZnJhbWUsIHVuc2lnbmVkIGludCBncmFudF9wdGVf ZmxhZ3MsCisgICAgc3RydWN0IHZjcHUgKnYpCiB7Ci0gICAgcmV0dXJuIHJl cGxhY2VfZ3JhbnRfdmFfbWFwcGluZyhhZGRyLCBmcmFtZSwgbDFlX2VtcHR5 KCksIHYpOworICAgIHJldHVybiByZXBsYWNlX2dyYW50X3ZhX21hcHBpbmco YWRkciwgZnJhbWUsIGdyYW50X3B0ZV9mbGFncywKKyAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgIGwxZV9lbXB0eSgpLCB2KTsKIH0KIAog c3RhdGljIGludCBjcmVhdGVfZ3JhbnRfcDJtX21hcHBpbmcodWludDY0X3Qg YWRkciwgdW5zaWduZWQgbG9uZyBmcmFtZSwKQEAgLTQzMDcsMjEgKzQzMzMs NDAgQEAgaW50IHJlcGxhY2VfZ3JhbnRfaG9zdF9tYXBwaW5nKAogICAgIHVu c2lnbmVkIGxvbmcgZ2wxbWZuOwogICAgIHN0cnVjdCBwYWdlX2luZm8gKmwx cGc7CiAgICAgaW50IHJjOworICAgIHVuc2lnbmVkIGludCBncmFudF9wdGVf ZmxhZ3M7CiAgICAgCiAgICAgaWYgKCBwYWdpbmdfbW9kZV9leHRlcm5hbChj dXJyZW50LT5kb21haW4pICkKICAgICAgICAgcmV0dXJuIHJlcGxhY2VfZ3Jh bnRfcDJtX21hcHBpbmcoYWRkciwgZnJhbWUsIG5ld19hZGRyLCBmbGFncyk7 CiAKKyAgICBncmFudF9wdGVfZmxhZ3MgPQorICAgICAgICBfUEFHRV9QUkVT RU5UIHwgX1BBR0VfQUNDRVNTRUQgfCBfUEFHRV9ESVJUWSB8IF9QQUdFX0dO VFRBQiB8IF9QQUdFX05YOworCisgICAgaWYgKCBmbGFncyAmIEdOVE1BUF9h cHBsaWNhdGlvbl9tYXAgKQorICAgICAgICBncmFudF9wdGVfZmxhZ3MgfD0g X1BBR0VfVVNFUjsKKyAgICBpZiAoICEoZmxhZ3MgJiBHTlRNQVBfcmVhZG9u bHkpICkKKyAgICAgICAgZ3JhbnRfcHRlX2ZsYWdzIHw9IF9QQUdFX1JXOwor ICAgIC8qCisgICAgICogT24gdG9wIG9mIHRoZSBleHBsaWNpdCBzZXR0aW5n cyBkb25lIGJ5IGNyZWF0ZV9ncmFudF9ob3N0X21hcHBpbmcoKQorICAgICAq IGFsc28gb3Blbi1jb2RlIHJlbGV2YW50IHBhcnRzIG9mIGFkanVzdF9ndWVz dF9sMWUoKS4gRG9uJ3QgbWlycm9yCisgICAgICogYXZhaWxhYmxlIGFuZCBj YWNoYWJpbGl0eSBmbGFncywgdGhvdWdoLgorICAgICAqLworICAgIGlmICgg IWlzX3B2XzMyYml0X2RvbWFpbihjdXJyLT5kb21haW4pICkKKyAgICAgICAg Z3JhbnRfcHRlX2ZsYWdzIHw9IChncmFudF9wdGVfZmxhZ3MgJiBfUEFHRV9V U0VSKQorICAgICAgICAgICAgICAgICAgICAgICAgICAgPyBfUEFHRV9HTE9C QUwKKyAgICAgICAgICAgICAgICAgICAgICAgICAgIDogX1BBR0VfR1VFU1Rf S0VSTkVMIHwgX1BBR0VfVVNFUjsKKwogICAgIGlmICggZmxhZ3MgJiBHTlRN QVBfY29udGFpbnNfcHRlICkKICAgICB7CiAgICAgICAgIGlmICggIW5ld19h ZGRyICkKLSAgICAgICAgICAgIHJldHVybiBkZXN0cm95X2dyYW50X3B0ZV9t YXBwaW5nKGFkZHIsIGZyYW1lLCBjdXJyLT5kb21haW4pOworICAgICAgICAg ICAgcmV0dXJuIGRlc3Ryb3lfZ3JhbnRfcHRlX21hcHBpbmcoYWRkciwgZnJh bWUsIGdyYW50X3B0ZV9mbGFncywKKyAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgIGN1cnItPmRvbWFpbik7CiAgICAgICAg IAogICAgICAgICBNRU1fTE9HKCJVbnN1cHBvcnRlZCBncmFudCB0YWJsZSBv cGVyYXRpb24iKTsKICAgICAgICAgcmV0dXJuIEdOVFNUX2dlbmVyYWxfZXJy b3I7CiAgICAgfQogCiAgICAgaWYgKCAhbmV3X2FkZHIgKQotICAgICAgICBy ZXR1cm4gZGVzdHJveV9ncmFudF92YV9tYXBwaW5nKGFkZHIsIGZyYW1lLCBj dXJyKTsKKyAgICAgICAgcmV0dXJuIGRlc3Ryb3lfZ3JhbnRfdmFfbWFwcGlu ZyhhZGRyLCBmcmFtZSwgZ3JhbnRfcHRlX2ZsYWdzLCBjdXJyKTsKIAogICAg IHBsMWUgPSBndWVzdF9tYXBfbDFlKG5ld19hZGRyLCAmZ2wxbWZuKTsKICAg ICBpZiAoICFwbDFlICkKQEAgLTQzNjksNyArNDQxNCw3IEBAIGludCByZXBs YWNlX2dyYW50X2hvc3RfbWFwcGluZygKICAgICBwdXRfcGFnZShsMXBnKTsK ICAgICBndWVzdF91bm1hcF9sMWUocGwxZSk7CiAKLSAgICByYyA9IHJlcGxh Y2VfZ3JhbnRfdmFfbWFwcGluZyhhZGRyLCBmcmFtZSwgb2wxZSwgY3Vycik7 CisgICAgcmMgPSByZXBsYWNlX2dyYW50X3ZhX21hcHBpbmcoYWRkciwgZnJh bWUsIGdyYW50X3B0ZV9mbGFncywgb2wxZSwgY3Vycik7CiAgICAgaWYgKCBy YyAmJiAhcGFnaW5nX21vZGVfcmVmY291bnRzKGN1cnItPmRvbWFpbikgKQog ICAgICAgICBwdXRfcGFnZV9mcm9tX2wxZShvbDFlLCBjdXJyLT5kb21haW4p OwogCg== --=separator Content-Type: application/octet-stream; name="xsa234-4.9.patch" Content-Disposition: attachment; filename="xsa234-4.9.patch" Content-Transfer-Encoding: base64 RnJvbTogSmFuIEJldWxpY2ggPGpiZXVsaWNoQHN1c2UuY29tPgpTdWJqZWN0 OiBnbnR0YWI6IGFsc28gdmFsaWRhdGUgUFRFIHBlcm1pc3Npb25zIHVwb24g ZGVzdHJveS9yZXBsYWNlCgpJbiBvcmRlciBmb3IgUFRFIGhhbmRsaW5nIHRv IG1hdGNoIHVwIHdpdGggdGhlIHJlZmVyZW5jZSBjb3VudGluZyBkb25lCmJ5 IGNvbW1vbiBjb2RlLCBwcmVzZW5jZSBhbmQgd3JpdGFiaWxpdHkgb2YgZ3Jh bnQgbWFwcGluZyBQVEVzIG11c3QKYWxzbyBiZSB0YWtlbiBpbnRvIGFjY291 bnQ7IHZhbGlkYXRpbmcganVzdCB0aGUgZnJhbWUgbnVtYmVyIGlzIG5vdApl bm91Z2guIFRoaXMgaXMgaW4gcGFydGljdWxhciByZWxldmFudCBpZiBhIGd1 ZXN0IGZpZGRsZXMgd2l0aCBncmFudApQVEVzIHZpYSBub24tZ3JhbnQgaHlw ZXJjYWxscy4KCk5vdGUgdGhhdCB0aGUgZmxhZ3MgYmVpbmcgcGFzc2VkIHRv IHJlcGxhY2VfZ3JhbnRfaG9zdF9tYXBwaW5nKCkKYWxyZWFkeSBoYXBwZW4g dG8gYmUgdGhvc2Ugb2YgdGhlIGV4aXN0aW5nIG1hcHBpbmcsIHNvIG5vIG5l dyBmdW5jdGlvbgpwYXJhbWV0ZXIgaXMgbmVlZGVkLgoKVGhpcyBpcyBYU0Et MjM0LgoKUmVwb3J0ZWQtYnk6IEFuZHJldyBDb29wZXIgPGFuZHJldy5jb29w ZXIzQGNpdHJpeC5jb20+ClNpZ25lZC1vZmYtYnk6IEphbiBCZXVsaWNoIDxq YmV1bGljaEBzdXNlLmNvbT4KUmV2aWV3ZWQtYnk6IEFuZHJldyBDb29wZXIg PGFuZHJldy5jb29wZXIzQGNpdHJpeC5jb20+CgotLS0gYS94ZW4vYXJjaC94 ODYvbW0uYworKysgYi94ZW4vYXJjaC94ODYvbW0uYwpAQCAtNDA1OCw3ICs0 MDU4LDggQEAgc3RhdGljIGludCBjcmVhdGVfZ3JhbnRfcHRlX21hcHBpbmco CiB9CiAKIHN0YXRpYyBpbnQgZGVzdHJveV9ncmFudF9wdGVfbWFwcGluZygK LSAgICB1aW50NjRfdCBhZGRyLCB1bnNpZ25lZCBsb25nIGZyYW1lLCBzdHJ1 Y3QgZG9tYWluICpkKQorICAgIHVpbnQ2NF90IGFkZHIsIHVuc2lnbmVkIGxv bmcgZnJhbWUsIHVuc2lnbmVkIGludCBncmFudF9wdGVfZmxhZ3MsCisgICAg c3RydWN0IGRvbWFpbiAqZCkKIHsKICAgICBpbnQgcmMgPSBHTlRTVF9va2F5 OwogICAgIHZvaWQgKnZhOwpAQCAtNDEwNCwxNyArNDEwNSwyOSBAQCBzdGF0 aWMgaW50IGRlc3Ryb3lfZ3JhbnRfcHRlX21hcHBpbmcoCiAKICAgICBvbDFl ID0gKihsMV9wZ2VudHJ5X3QgKil2YTsKICAgICAKLSAgICAvKiBDaGVjayB0 aGF0IHRoZSB2aXJ0dWFsIGFkZHJlc3Mgc3VwcGxpZWQgaXMgYWN0dWFsbHkg bWFwcGVkIHRvIGZyYW1lLiAqLwotICAgIGlmICggdW5saWtlbHkobDFlX2dl dF9wZm4ob2wxZSkgIT0gZnJhbWUpICkKKyAgICAvKgorICAgICAqIENoZWNr IHRoYXQgdGhlIFBURSBzdXBwbGllZCBhY3R1YWxseSBtYXBzIGZyYW1lICh3 aXRoIGFwcHJvcHJpYXRlCisgICAgICogcGVybWlzc2lvbnMpLgorICAgICAq LworICAgIGlmICggdW5saWtlbHkobDFlX2dldF9wZm4ob2wxZSkgIT0gZnJh bWUpIHx8CisgICAgICAgICB1bmxpa2VseSgobDFlX2dldF9mbGFncyhvbDFl KSBeIGdyYW50X3B0ZV9mbGFncykgJgorICAgICAgICAgICAgICAgICAgKF9Q QUdFX1BSRVNFTlQgfCBfUEFHRV9SVykpICkKICAgICB7CiAgICAgICAgIHBh Z2VfdW5sb2NrKHBhZ2UpOwotICAgICAgICBnZHByaW50ayhYRU5MT0dfV0FS TklORywKLSAgICAgICAgICAgICAgICAgIlBURSBlbnRyeSAlIlBSSXB0ZSIg Zm9yIGFkZHJlc3MgJSJQUkl4NjQiIGRvZXNuJ3QgbWF0Y2ggZnJhbWUgJWx4 XG4iLAotICAgICAgICAgICAgICAgICBsMWVfZ2V0X2ludHB0ZShvbDFlKSwg YWRkciwgZnJhbWUpOworICAgICAgICBnZHByaW50ayhYRU5MT0dfRVJSLAor ICAgICAgICAgICAgICAgICAiUFRFICUiUFJJcHRlIiBhdCAlIlBSSXg2NCIg ZG9lc24ndCBtYXRjaCBncmFudCAoJSJQUklwdGUiKVxuIiwKKyAgICAgICAg ICAgICAgICAgbDFlX2dldF9pbnRwdGUob2wxZSksIGFkZHIsCisgICAgICAg ICAgICAgICAgIGwxZV9nZXRfaW50cHRlKGwxZV9mcm9tX3BmbihmcmFtZSwg Z3JhbnRfcHRlX2ZsYWdzKSkpOwogICAgICAgICByYyA9IEdOVFNUX2dlbmVy YWxfZXJyb3I7CiAgICAgICAgIGdvdG8gZmFpbGVkOwogICAgIH0KIAorICAg IGlmICggdW5saWtlbHkoKGwxZV9nZXRfZmxhZ3Mob2wxZSkgXiBncmFudF9w dGVfZmxhZ3MpICYKKyAgICAgICAgICAgICAgICAgIH4oX1BBR0VfQVZBSUwg fCBQQUdFX0NBQ0hFX0FUVFJTKSkgKQorICAgICAgICBnZHByaW50ayhYRU5M T0dfV0FSTklORywKKyAgICAgICAgICAgICAgICAgIlBURSBmbGFncyAleCBh dCAlIlBSSXg2NCIgZG9uJ3QgbWF0Y2ggZ3JhbnQgKCV4KVxuIiwKKyAgICAg ICAgICAgICAgICAgbDFlX2dldF9mbGFncyhvbDFlKSwgYWRkciwgZ3JhbnRf cHRlX2ZsYWdzKTsKKwogICAgIC8qIERlbGV0ZSBwYWdldGFibGUgZW50cnku ICovCiAgICAgaWYgKCB1bmxpa2VseSghVVBEQVRFX0VOVFJZCiAgICAgICAg ICAgICAgICAgICAobDEsIApAQCAtNDEyMyw3ICs0MTM2LDggQEAgc3RhdGlj IGludCBkZXN0cm95X2dyYW50X3B0ZV9tYXBwaW5nKAogICAgICAgICAgICAg ICAgICAgIDApKSApCiAgICAgewogICAgICAgICBwYWdlX3VubG9jayhwYWdl KTsKLSAgICAgICAgZ2RwcmludGsoWEVOTE9HX1dBUk5JTkcsICJDYW5ub3Qg ZGVsZXRlIFBURSBlbnRyeSBhdCAlcFxuIiwgdmEpOworICAgICAgICBnZHBy aW50ayhYRU5MT0dfV0FSTklORywgIkNhbm5vdCBkZWxldGUgUFRFIGVudHJ5 IGF0ICUiUFJJeDY0IlxuIiwKKyAgICAgICAgICAgICAgICAgYWRkcik7CiAg ICAgICAgIHJjID0gR05UU1RfZ2VuZXJhbF9lcnJvcjsKICAgICAgICAgZ290 byBmYWlsZWQ7CiAgICAgfQpAQCAtNDE5MSw3ICs0MjA1LDggQEAgc3RhdGlj IGludCBjcmVhdGVfZ3JhbnRfdmFfbWFwcGluZygKIH0KIAogc3RhdGljIGlu dCByZXBsYWNlX2dyYW50X3ZhX21hcHBpbmcoCi0gICAgdW5zaWduZWQgbG9u ZyBhZGRyLCB1bnNpZ25lZCBsb25nIGZyYW1lLCBsMV9wZ2VudHJ5X3Qgbmwx ZSwgc3RydWN0IHZjcHUgKnYpCisgICAgdW5zaWduZWQgbG9uZyBhZGRyLCB1 bnNpZ25lZCBsb25nIGZyYW1lLCB1bnNpZ25lZCBpbnQgZ3JhbnRfcHRlX2Zs YWdzLAorICAgIGwxX3BnZW50cnlfdCBubDFlLCBzdHJ1Y3QgdmNwdSAqdikK IHsKICAgICBsMV9wZ2VudHJ5X3QgKnBsMWUsIG9sMWU7CiAgICAgdW5zaWdu ZWQgbG9uZyBnbDFtZm47CkBAIC00MjI3LDIwICs0MjQyLDMzIEBAIHN0YXRp YyBpbnQgcmVwbGFjZV9ncmFudF92YV9tYXBwaW5nKAogCiAgICAgb2wxZSA9 ICpwbDFlOwogCi0gICAgLyogQ2hlY2sgdGhhdCB0aGUgdmlydHVhbCBhZGRy ZXNzIHN1cHBsaWVkIGlzIGFjdHVhbGx5IG1hcHBlZCB0byBmcmFtZS4gKi8K LSAgICBpZiAoIHVubGlrZWx5KGwxZV9nZXRfcGZuKG9sMWUpICE9IGZyYW1l KSApCi0gICAgewotICAgICAgICBnZHByaW50ayhYRU5MT0dfV0FSTklORywK LSAgICAgICAgICAgICAgICAgIlBURSBlbnRyeSAlbHggZm9yIGFkZHJlc3Mg JWx4IGRvZXNuJ3QgbWF0Y2ggZnJhbWUgJWx4XG4iLAotICAgICAgICAgICAg ICAgICBsMWVfZ2V0X3BmbihvbDFlKSwgYWRkciwgZnJhbWUpOworICAgIC8q CisgICAgICogQ2hlY2sgdGhhdCB0aGUgdmlydHVhbCBhZGRyZXNzIHN1cHBs aWVkIGlzIGFjdHVhbGx5IG1hcHBlZCB0byBmcmFtZQorICAgICAqICh3aXRo IGFwcHJvcHJpYXRlIHBlcm1pc3Npb25zKS4KKyAgICAgKi8KKyAgICBpZiAo IHVubGlrZWx5KGwxZV9nZXRfcGZuKG9sMWUpICE9IGZyYW1lKSB8fAorICAg ICAgICAgdW5saWtlbHkoKGwxZV9nZXRfZmxhZ3Mob2wxZSkgXiBncmFudF9w dGVfZmxhZ3MpICYKKyAgICAgICAgICAgICAgICAgIChfUEFHRV9QUkVTRU5U IHwgX1BBR0VfUlcpKSApCisgICAgeworICAgICAgICBnZHByaW50ayhYRU5M T0dfRVJSLAorICAgICAgICAgICAgICAgICAiUFRFICUiUFJJcHRlIiBmb3Ig JWx4IGRvZXNuJ3QgbWF0Y2ggZ3JhbnQgKCUiUFJJcHRlIilcbiIsCisgICAg ICAgICAgICAgICAgIGwxZV9nZXRfaW50cHRlKG9sMWUpLCBhZGRyLAorICAg ICAgICAgICAgICAgICBsMWVfZ2V0X2ludHB0ZShsMWVfZnJvbV9wZm4oZnJh bWUsIGdyYW50X3B0ZV9mbGFncykpKTsKICAgICAgICAgcmMgPSBHTlRTVF9n ZW5lcmFsX2Vycm9yOwogICAgICAgICBnb3RvIHVubG9ja19hbmRfb3V0Owog ICAgIH0KIAorICAgIGlmICggdW5saWtlbHkoKGwxZV9nZXRfZmxhZ3Mob2wx ZSkgXiBncmFudF9wdGVfZmxhZ3MpICYKKyAgICAgICAgICAgICAgICAgIH4o X1BBR0VfQVZBSUwgfCBQQUdFX0NBQ0hFX0FUVFJTKSkgKQorICAgICAgICBn ZHByaW50ayhYRU5MT0dfV0FSTklORywKKyAgICAgICAgICAgICAgICAgIlBU RSBmbGFncyAleCBmb3IgJSJQUkl4NjQiIGRvbid0IG1hdGNoIGdyYW50ICgl eClcbiIsCisgICAgICAgICAgICAgICAgIGwxZV9nZXRfZmxhZ3Mob2wxZSks IGFkZHIsIGdyYW50X3B0ZV9mbGFncyk7CisKICAgICAvKiBEZWxldGUgcGFn ZXRhYmxlIGVudHJ5LiAqLwogICAgIGlmICggdW5saWtlbHkoIVVQREFURV9F TlRSWShsMSwgcGwxZSwgb2wxZSwgbmwxZSwgZ2wxbWZuLCB2LCAwKSkgKQog ICAgIHsKLSAgICAgICAgZ2RwcmludGsoWEVOTE9HX1dBUk5JTkcsICJDYW5u b3QgZGVsZXRlIFBURSBlbnRyeSBhdCAlcFxuIiwgcGwxZSk7CisgICAgICAg IGdkcHJpbnRrKFhFTkxPR19XQVJOSU5HLCAiQ2Fubm90IGRlbGV0ZSBQVEUg ZW50cnkgZm9yICUiUFJJeDY0IlxuIiwKKyAgICAgICAgICAgICAgICAgYWRk cik7CiAgICAgICAgIHJjID0gR05UU1RfZ2VuZXJhbF9lcnJvcjsKICAgICAg ICAgZ290byB1bmxvY2tfYW5kX291dDsKICAgICB9CkBAIC00MjU0LDkgKzQy ODIsMTEgQEAgc3RhdGljIGludCByZXBsYWNlX2dyYW50X3ZhX21hcHBpbmco CiB9CiAKIHN0YXRpYyBpbnQgZGVzdHJveV9ncmFudF92YV9tYXBwaW5nKAot ICAgIHVuc2lnbmVkIGxvbmcgYWRkciwgdW5zaWduZWQgbG9uZyBmcmFtZSwg c3RydWN0IHZjcHUgKnYpCisgICAgdW5zaWduZWQgbG9uZyBhZGRyLCB1bnNp Z25lZCBsb25nIGZyYW1lLCB1bnNpZ25lZCBpbnQgZ3JhbnRfcHRlX2ZsYWdz LAorICAgIHN0cnVjdCB2Y3B1ICp2KQogewotICAgIHJldHVybiByZXBsYWNl X2dyYW50X3ZhX21hcHBpbmcoYWRkciwgZnJhbWUsIGwxZV9lbXB0eSgpLCB2 KTsKKyAgICByZXR1cm4gcmVwbGFjZV9ncmFudF92YV9tYXBwaW5nKGFkZHIs IGZyYW1lLCBncmFudF9wdGVfZmxhZ3MsCisgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICBsMWVfZW1wdHkoKSwgdik7CiB9CiAKIHN0YXRp YyBpbnQgY3JlYXRlX2dyYW50X3AybV9tYXBwaW5nKHVpbnQ2NF90IGFkZHIs IHVuc2lnbmVkIGxvbmcgZnJhbWUsCkBAIC00MzUxLDIwICs0MzgxLDM5IEBA IGludCByZXBsYWNlX2dyYW50X2hvc3RfbWFwcGluZygKICAgICB1bnNpZ25l ZCBsb25nIGdsMW1mbjsKICAgICBzdHJ1Y3QgcGFnZV9pbmZvICpsMXBnOwog ICAgIGludCByYzsKKyAgICB1bnNpZ25lZCBpbnQgZ3JhbnRfcHRlX2ZsYWdz OwogICAgIAogICAgIGlmICggcGFnaW5nX21vZGVfZXh0ZXJuYWwoY3VycmVu dC0+ZG9tYWluKSApCiAgICAgICAgIHJldHVybiByZXBsYWNlX2dyYW50X3Ay bV9tYXBwaW5nKGFkZHIsIGZyYW1lLCBuZXdfYWRkciwgZmxhZ3MpOwogCisg ICAgZ3JhbnRfcHRlX2ZsYWdzID0KKyAgICAgICAgX1BBR0VfUFJFU0VOVCB8 IF9QQUdFX0FDQ0VTU0VEIHwgX1BBR0VfRElSVFkgfCBfUEFHRV9HTlRUQUIg fCBfUEFHRV9OWDsKKworICAgIGlmICggZmxhZ3MgJiBHTlRNQVBfYXBwbGlj YXRpb25fbWFwICkKKyAgICAgICAgZ3JhbnRfcHRlX2ZsYWdzIHw9IF9QQUdF X1VTRVI7CisgICAgaWYgKCAhKGZsYWdzICYgR05UTUFQX3JlYWRvbmx5KSAp CisgICAgICAgIGdyYW50X3B0ZV9mbGFncyB8PSBfUEFHRV9SVzsKKyAgICAv KgorICAgICAqIE9uIHRvcCBvZiB0aGUgZXhwbGljaXQgc2V0dGluZ3MgZG9u ZSBieSBjcmVhdGVfZ3JhbnRfaG9zdF9tYXBwaW5nKCkKKyAgICAgKiBhbHNv IG9wZW4tY29kZSByZWxldmFudCBwYXJ0cyBvZiBhZGp1c3RfZ3Vlc3RfbDFl KCkuIERvbid0IG1pcnJvcgorICAgICAqIGF2YWlsYWJsZSBhbmQgY2FjaGFi aWxpdHkgZmxhZ3MsIHRob3VnaC4KKyAgICAgKi8KKyAgICBpZiAoICFpc19w dl8zMmJpdF9kb21haW4oY3Vyci0+ZG9tYWluKSApCisgICAgICAgIGdyYW50 X3B0ZV9mbGFncyB8PSAoZ3JhbnRfcHRlX2ZsYWdzICYgX1BBR0VfVVNFUikK KyAgICAgICAgICAgICAgICAgICAgICAgICAgID8gX1BBR0VfR0xPQkFMCisg ICAgICAgICAgICAgICAgICAgICAgICAgICA6IF9QQUdFX0dVRVNUX0tFUk5F TCB8IF9QQUdFX1VTRVI7CisKICAgICBpZiAoIGZsYWdzICYgR05UTUFQX2Nv bnRhaW5zX3B0ZSApCiAgICAgewogICAgICAgICBpZiAoICFuZXdfYWRkciAp Ci0gICAgICAgICAgICByZXR1cm4gZGVzdHJveV9ncmFudF9wdGVfbWFwcGlu ZyhhZGRyLCBmcmFtZSwgY3Vyci0+ZG9tYWluKTsKKyAgICAgICAgICAgIHJl dHVybiBkZXN0cm95X2dyYW50X3B0ZV9tYXBwaW5nKGFkZHIsIGZyYW1lLCBn cmFudF9wdGVfZmxhZ3MsCisgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICBjdXJyLT5kb21haW4pOwogICAgICAgICAKICAg ICAgICAgcmV0dXJuIEdOVFNUX2dlbmVyYWxfZXJyb3I7CiAgICAgfQogCiAg ICAgaWYgKCAhbmV3X2FkZHIgKQotICAgICAgICByZXR1cm4gZGVzdHJveV9n cmFudF92YV9tYXBwaW5nKGFkZHIsIGZyYW1lLCBjdXJyKTsKKyAgICAgICAg cmV0dXJuIGRlc3Ryb3lfZ3JhbnRfdmFfbWFwcGluZyhhZGRyLCBmcmFtZSwg Z3JhbnRfcHRlX2ZsYWdzLCBjdXJyKTsKIAogICAgIHBsMWUgPSBndWVzdF9t YXBfbDFlKG5ld19hZGRyLCAmZ2wxbWZuKTsKICAgICBpZiAoICFwbDFlICkK QEAgLTQ0MTIsNyArNDQ2MSw3IEBAIGludCByZXBsYWNlX2dyYW50X2hvc3Rf bWFwcGluZygKICAgICBwdXRfcGFnZShsMXBnKTsKICAgICBndWVzdF91bm1h cF9sMWUocGwxZSk7CiAKLSAgICByYyA9IHJlcGxhY2VfZ3JhbnRfdmFfbWFw cGluZyhhZGRyLCBmcmFtZSwgb2wxZSwgY3Vycik7CisgICAgcmMgPSByZXBs YWNlX2dyYW50X3ZhX21hcHBpbmcoYWRkciwgZnJhbWUsIGdyYW50X3B0ZV9m bGFncywgb2wxZSwgY3Vycik7CiAgICAgaWYgKCByYyAmJiAhcGFnaW5nX21v ZGVfcmVmY291bnRzKGN1cnItPmRvbWFpbikgKQogICAgICAgICBwdXRfcGFn ZV9mcm9tX2wxZShvbDFlLCBjdXJyLT5kb21haW4pOwogCg== --=separator Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX18KWGVuLWRldmVs IG1haWxpbmcgbGlzdApYZW4tZGV2ZWxAbGlzdHMueGVuLm9yZwpodHRwczovL2xpc3RzLnhlbi5v cmcveGVuLWRldmVsCg== --=separator--