diff options
author | Ned Ludd <solar@gentoo.org> | 2004-08-12 10:28:27 +0000 |
---|---|---|
committer | Ned Ludd <solar@gentoo.org> | 2004-08-12 10:28:27 +0000 |
commit | 16b842595923dc8a0504a3398e66d0cb11130eb9 (patch) | |
tree | e837cc5e8e89a54b09a968dac3c22f49dac8eed5 /sys-apps/net-tools | |
parent | Added [~]s390 (diff) | |
download | historical-16b842595923dc8a0504a3398e66d0cb11130eb9.tar.gz historical-16b842595923dc8a0504a3398e66d0cb11130eb9.tar.bz2 historical-16b842595923dc8a0504a3398e66d0cb11130eb9.zip |
get_name() scans past the first ':' looking for <digit>*: - however if the bytes field has grown far enough to butt right up to the interface name it will cause get_name to parse over the bytes field thinking it may be an alias thus triggering an overflow. bug 58633
Diffstat (limited to 'sys-apps/net-tools')
-rw-r--r-- | sys-apps/net-tools/ChangeLog | 11 | ||||
-rw-r--r-- | sys-apps/net-tools/Manifest | 11 | ||||
-rw-r--r-- | sys-apps/net-tools/files/digest-net-tools-1.60-r9 | 2 | ||||
-rw-r--r-- | sys-apps/net-tools/files/net-tools-1.60-get_name.patch | 58 | ||||
-rw-r--r-- | sys-apps/net-tools/net-tools-1.60-r9.ebuild | 117 |
5 files changed, 194 insertions, 5 deletions
diff --git a/sys-apps/net-tools/ChangeLog b/sys-apps/net-tools/ChangeLog index f93c0e64f4e4..6d1fd73c5096 100644 --- a/sys-apps/net-tools/ChangeLog +++ b/sys-apps/net-tools/ChangeLog @@ -1,6 +1,15 @@ # ChangeLog for sys-apps/net-tools # Copyright 2002-2004 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sys-apps/net-tools/ChangeLog,v 1.34 2004/07/17 08:37:38 mr_bones_ Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-apps/net-tools/ChangeLog,v 1.35 2004/08/12 10:28:27 solar Exp $ + +*net-tools-1.60-r9 (12 Aug 2004) + + 12 Aug 2004; <solar@gentoo.org> net-tools-1.60-r9.ebuild, + files/net-tools-1.60-get_name.patch: + get_name() scans past the first ':' looking for <digit>*: - however if the + bytes field has grown far enough to butt right up to the interface name it + will cause get_name to parse over the bytes field thinking it may be an alias + thus triggering an overflow. bug 58633 17 Jul 2004; Michael Sterrett <mr_bones_@gentoo.org> net-tools-1.60-r8.ebuild: diff --git a/sys-apps/net-tools/Manifest b/sys-apps/net-tools/Manifest index 6f2790ba3fe8..fd2527e6052e 100644 --- a/sys-apps/net-tools/Manifest +++ b/sys-apps/net-tools/Manifest @@ -1,8 +1,11 @@ -MD5 33abdf4c888e93864579034ae1f0bee3 ChangeLog 5749 +MD5 e10ac87528ea366834cce8754f04f684 net-tools-1.60-r9.ebuild 3264 MD5 14a10c003597e5ff71b26015cec64b4d net-tools-1.60-r8.ebuild 3134 +MD5 70cb448e701bbd2864e0d5b1ab03f985 ChangeLog 6154 MD5 9a09f8d531c582e78977dbfd96edc1f2 metadata.xml 164 -MD5 b1288e643ec595e07f37d7fd0d755ba5 files/digest-net-tools-1.60-r8 148 -MD5 3d8683073f95e3da2c596bb09c1cbb89 files/1.60-man.patch 737 -MD5 51de6eabe2d6d6dc860f72c41cee636b files/net-tools-1.60-2.6-compilefix.patch 784 +MD5 072d18eb2ee26819f507caf8f47b61fc files/net-tools-1.60-get_name.patch 1606 MD5 e98da89f3a64d4842946223b199fd5c7 files/net-tools-1.60-cleanup-list-handling.patch 1322 MD5 21723cf8906d7431823260022ba2bb12 files/1.60-gcc34.patch 712 +MD5 3d8683073f95e3da2c596bb09c1cbb89 files/1.60-man.patch 737 +MD5 b1288e643ec595e07f37d7fd0d755ba5 files/digest-net-tools-1.60-r8 148 +MD5 b1288e643ec595e07f37d7fd0d755ba5 files/digest-net-tools-1.60-r9 148 +MD5 51de6eabe2d6d6dc860f72c41cee636b files/net-tools-1.60-2.6-compilefix.patch 784 diff --git a/sys-apps/net-tools/files/digest-net-tools-1.60-r9 b/sys-apps/net-tools/files/digest-net-tools-1.60-r9 new file mode 100644 index 000000000000..0a4ac9ee6c4e --- /dev/null +++ b/sys-apps/net-tools/files/digest-net-tools-1.60-r9 @@ -0,0 +1,2 @@ +MD5 888774accab40217dde927e21979c165 net-tools-1.60.tar.bz2 198520 +MD5 d733ef8b0bad3dbd0cf98e14b45fe1a6 net-tools-1.60-gentoo-extra-1.tar.bz2 10370 diff --git a/sys-apps/net-tools/files/net-tools-1.60-get_name.patch b/sys-apps/net-tools/files/net-tools-1.60-get_name.patch new file mode 100644 index 000000000000..fdde46e7ec8b --- /dev/null +++ b/sys-apps/net-tools/files/net-tools-1.60-get_name.patch @@ -0,0 +1,58 @@ +diff -Nrup net-tools-1.60.orig/lib/interface.c net-tools-1.60/lib/interface.c +--- net-tools-1.60.orig/lib/interface.c 2004-08-12 05:54:09.000000000 -0400 ++++ net-tools-1.60/lib/interface.c 2004-08-12 06:03:20.000000000 -0400 +@@ -203,28 +203,34 @@ out: + + static char *get_name(char *name, char *p) + { +- while (isspace(*p)) +- p++; +- while (*p) { +- if (isspace(*p)) +- break; +- if (*p == ':') { /* could be an alias */ +- char *dot = p, *dotname = name; +- *name++ = *p++; +- while (isdigit(*p)) +- *name++ = *p++; +- if (*p != ':') { /* it wasn't, backup */ +- p = dot; +- name = dotname; +- } +- if (*p == '\0') +- return NULL; +- p++; +- break; ++ /* Extract <name>[:<alias>] from nul-terminated p where p matches ++ <name>[:<alias>]: after leading whitespace. ++ If match is not made, set name empty and return unchanged p */ ++ int namestart=0, nameend=0, aliasend; ++ while (isspace(p[namestart])) ++ namestart++; ++ nameend=namestart; ++ while (p[nameend] && p[nameend]!=':' && !isspace(p[nameend])) ++ nameend++; ++ if (p[nameend]==':') { ++ aliasend=nameend+1; ++ while (p[aliasend] && isdigit(p[aliasend])) ++ aliasend++; ++ if (p[aliasend]==':') { ++ nameend=aliasend; ++ } ++ if ((nameend-namestart)<IFNAMSIZ) { ++ memcpy(name,&p[namestart],nameend-namestart); ++ name[nameend-namestart]='\0'; ++ p=&p[nameend]; ++ } else { ++ /* Interface name too large */ ++ name[0]='\0'; + } +- *name++ = *p++; ++ } else { ++ /* first ':' not found - return empty */ ++ name[0]='\0'; + } +- *name++ = '\0'; + return p; + } + diff --git a/sys-apps/net-tools/net-tools-1.60-r9.ebuild b/sys-apps/net-tools/net-tools-1.60-r9.ebuild new file mode 100644 index 000000000000..2408f1d87a20 --- /dev/null +++ b/sys-apps/net-tools/net-tools-1.60-r9.ebuild @@ -0,0 +1,117 @@ +# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-apps/net-tools/net-tools-1.60-r9.ebuild,v 1.1 2004/08/12 10:28:27 solar Exp $ + +inherit flag-o-matic gcc eutils + +DESCRIPTION="Standard Linux networking tools" +HOMEPAGE="http://sites.inka.de/lina/linux/NetTools/" +SRC_URI="http://www.tazenda.demon.co.uk/phil/net-tools/${P}.tar.bz2 + mirror://gentoo/${P}-gentoo-extra-1.tar.bz2" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~x86 ~ppc ~sparc ~mips ~alpha ~arm ~hppa ~amd64 ~ia64 ~ppc64 ~s390" +IUSE="nls build static uclibc" + +DEPEND="nls? ( sys-devel/gettext ) + >=sys-apps/sed-4" + +src_unpack() { + if use static ; then + append-flags -static + append-ldflags -static + fi + + PATCHDIR=${WORKDIR}/${P}-gentoo + + unpack ${A} + cd ${S} + + # Compile fix for 2.6 kernels + epatch ${FILESDIR}/net-tools-1.60-2.6-compilefix.patch + epatch ${FILESDIR}/${PV}-gcc34.patch #48167 + epatch ${FILESDIR}/net-tools-1.60-cleanup-list-handling.patch + + # Stack smashing attack in if_readlist_proc() from ifconfig - bug #58633 + epatch ${FILESDIR}/net-tools-1.60-get_name.patch + + # some redhat patches + epatch ${PATCHDIR}/net-tools-1.54-ipvs.patch + epatch ${PATCHDIR}/net-tools-1.57-bug22040.patch + epatch ${PATCHDIR}/net-tools-1.60-manydevs.patch + epatch ${PATCHDIR}/net-tools-1.60-miiioctl.patch + epatch ${PATCHDIR}/net-tools-1.60-virtualname.patch + epatch ${PATCHDIR}/net-tools-1.60-cycle.patch + + # GCC-3.3 Compile Fix + epatch ${PATCHDIR}/${P}-multiline-string.patch + + # manpage fix #29677 + epatch ${FILESDIR}/${PV}-man.patch + + cp ${PATCHDIR}/net-tools-1.60-config.h config.h + cp ${PATCHDIR}/net-tools-1.60-config.make config.make + + sed -i \ + -e 's/^libdir:/libdir: version.h/' \ + -e "s:-O2 -Wall -g:${CFLAGS}:" \ + -e "/^LOPTS =/ s/\$/${CFLAGS}/" Makefile \ + || die "sed Makefile failed" + + sed -i -e "s:/usr/man:/usr/share/man:" man/Makefile \ + || die "sed man/Makefile failed" + + if ! use uclibc ; then + cp -f ${PATCHDIR}/ether-wake.c ${S} + cp -f ${PATCHDIR}/ether-wake.8 ${S}/man/en_US + fi + + if ! use nls ; then + sed -i -e 's:\(#define I18N\) 1:\1 0:' config.h || \ + die "sed config.h failed" + + sed -i -e 's:I18N=1:I18N=0:' config.make || + die "sed config.make failed" + fi + + touch config.{h,make} # sync timestamps +} + +src_compile() { + #configure shouldn't run anymore so bug #820 shouldn't apply... + emake libdir || die "emake libdir failed" + emake || die "emake failed" + + if use nls ; then + emake i18ndir || die "emake i18ndir failed" + fi + + if ! use uclibc ; then + $(gcc-getCC) ${CFLAGS} -o ether-wake ether-wake.c || die "ether-wake failed to build" + fi +} + +src_install() { + make BASEDIR="${D}" install || die "make install failed" + + if ! use uclibc ; then + dosbin ether-wake || die "dosbin failed" + fi + mv ${D}/bin/* ${D}/sbin || die "mv failed" + mv ${D}/sbin/{hostname,domainname,netstat,dnsdomainname,ypdomainname,nisdomainname} ${D}/bin \ + || die "mv failed" + use uclibc && rm -f ${D}/bin/{yp,nis}domainname + dodir /usr/bin + dosym /bin/hostname /usr/bin/hostname + + if ! use build + then + dodoc README README.ipv6 TODO + else + #only install /bin/hostname + rm -rf ${D}/usr ${D}/sbin + rm -f ${D}/bin/{domainname,netstat,dnsdomainname} + rm -f ${D}/bin/{ypdomainname,nisdomainname} + fi +} |