rpms/conntrack-tools
5
0
Fork 0
Code Issues Pull Requests Releases Activity

conntrack-tools-1.4.7-3

Browse Source 
- conntrack: Fix potential array out of bounds access

Resolves: RHEL-28513
This commit is contained in:
Phil Sutter 2024-06-20 17:55:31 +02:00
parent cc2609de27
commit 55b81bb642
2 changed files with 33 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
0005-conntrack-Fix-potential-array-out-of-bounds-access.patch Normal file
View File

@ -0,0 +1,28 @@
From db7004f40134c4e51607df8ff2e83f8b1f8bca82 Mon Sep 17 00:00:00 2001
From: Phil Sutter <phil@nwl.cc>
Date: Tue, 20 Dec 2022 15:02:16 +0100
Subject: [PATCH] conntrack: Fix potential array out of bounds access
If the link target length exceeds 'sizeof(tmp)' bytes, readlink() will
return 'sizeof(tmp)'. Using this value as index is illegal.
Fixes: b031cd2102d9b ("conntrack: pretty-print the portid")
Signed-off-by: Phil Sutter <phil@nwl.cc>
(cherry picked from commit 3514a72f5a03ee7c6c268c31446b7a6994d4569d)
---
src/conntrack.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/conntrack.c b/src/conntrack.c
index 859a4835580b0..aa6323dfbd1b1 100644
--- a/src/conntrack.c
+++ b/src/conntrack.c
@@ -1769,7 +1769,7 @@ static char *portid2name(pid_t pid, uint32_t portid, unsigned long inode)
continue;
rl = readlink(procname, tmp, sizeof(tmp));
- if (rl <= 0 || rl > (ssize_t)sizeof(tmp))
+ if (rl <= 0 || rl >= (ssize_t)sizeof(tmp))
continue;
tmp[rl] = 0;

6
conntrack-tools.spec
View File

@ -1,6 +1,6 @@
Name: conntrack-tools Name: conntrack-tools
Version: 1.4.7 Version: 1.4.7
Release: 2%{?dist} Release: 3%{?dist}
Summary: Manipulate netfilter connection tracking table and run High Availability Summary: Manipulate netfilter connection tracking table and run High Availability
License: GPLv2 License: GPLv2
URL: http://conntrack-tools.netfilter.org/ URL: http://conntrack-tools.netfilter.org/
@ -12,6 +12,7 @@ Patch01: 0001-build-conntrack-tools-requires-libnetfilter_conntrac.patch
Patch02: 0002-build-don-t-suppress-various-warnings.patch Patch02: 0002-build-don-t-suppress-various-warnings.patch
Patch03: 0003-network-Fix-Wstrict-prototypes.patch Patch03: 0003-network-Fix-Wstrict-prototypes.patch
Patch04: 0004-config-Fix-Wimplicit-function-declaration.patch Patch04: 0004-config-Fix-Wimplicit-function-declaration.patch
Patch05: 0005-conntrack-Fix-potential-array-out-of-bounds-access.patch
BuildRequires: gcc BuildRequires: gcc
BuildRequires: libnfnetlink-devel >= 1.0.1, libnetfilter_conntrack-devel >= 1.0.9 BuildRequires: libnfnetlink-devel >= 1.0.1, libnetfilter_conntrack-devel >= 1.0.9
@ -93,6 +94,9 @@ install -m 0644 %{SOURCE2} %{buildroot}%{_sysconfdir}/conntrackd/
%systemd_postun conntrackd.service %systemd_postun conntrackd.service
%changelog %changelog
* Thu Jun 20 2024 Phil Sutter <psutter@redhat.com> - 1.4.7-3
- conntrack: Fix potential array out of bounds access
* Wed Dec 14 2022 Phil Sutter <psutter@redhat.com> - 1.4.7-2 * Wed Dec 14 2022 Phil Sutter <psutter@redhat.com> - 1.4.7-2
- Explicitly depend on libnetfilter_conntrack-1.0.9 - Explicitly depend on libnetfilter_conntrack-1.0.9