import iproute-5.15.0-4.el8_6.1
This commit is contained in:
CentOS Sources
Stepan Oksanichenko
parent
9bc5f8a379
commit
790b7f9d66
|
|
@ -0,0 +1,48 @@
|
|||
From 1b3f8332696651e4843b0419425480f134c8347f Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <1b3f8332696651e4843b0419425480f134c8347f.1657569892.git.aclaudi@redhat.com>
|
||||
In-Reply-To: <b30268eda844bdebbb8e5e4f5735e3b1bb666368.1657569892.git.aclaudi@redhat.com>
|
||||
References: <b30268eda844bdebbb8e5e4f5735e3b1bb666368.1657569892.git.aclaudi@redhat.com>
|
||||
From: Andrea Claudi <aclaudi@redhat.com>
|
||||
Date: Mon, 11 Jul 2022 17:57:52 +0200
|
||||
Subject: [PATCH] tc: flower: Fix buffer overflow on large labels
|
||||
|
||||
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2099364
|
||||
Upstream Status: unknown commit 73590d95
|
||||
|
||||
commit 73590d9573148804034a88ceb2f6b7ca1545561f
|
||||
Author: Paul Blakey <paulb@nvidia.com>
|
||||
Date: Sun Dec 5 15:20:25 2021 +0200
|
||||
|
||||
tc: flower: Fix buffer overflow on large labels
|
||||
|
||||
Buffer is 64bytes, but label printing can take 66bytes printing
|
||||
in hex, and will overflow when setting the string delimiter ('\0').
|
||||
|
||||
Fix that by increasing the print buffer size.
|
||||
|
||||
Example of overflowing ct_label:
|
||||
ct_label 11111111111111111111111111111111/11111111111111111111111111111111
|
||||
|
||||
Fixes: 2fffb1c03056 ("tc: flower: Add matching on conntrack info")
|
||||
Signed-off-by: Paul Blakey <paulb@nvidia.com>
|
||||
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
|
||||
---
|
||||
tc/f_flower.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/tc/f_flower.c b/tc/f_flower.c
|
||||
index 7f78195f..6d70b92a 100644
|
||||
--- a/tc/f_flower.c
|
||||
+++ b/tc/f_flower.c
|
||||
@@ -2195,7 +2195,7 @@ static void flower_print_ct_label(struct rtattr *attr,
|
||||
const unsigned char *str;
|
||||
bool print_mask = false;
|
||||
int data_len, i;
|
||||
- SPRINT_BUF(out);
|
||||
+ char out[128];
|
||||
char *p;
|
||||
|
||||
if (!attr)
|
||||
--
|
||||
2.36.1
|
||||
|
||||
|
|
@ -1,7 +1,7 @@
|
|||
Summary: Advanced IP routing and network device configuration tools
|
||||
Name: iproute
|
||||
Version: 5.15.0
|
||||
Release: 4%{?dist}%{?buildid}
|
||||
Release: 4%{?dist}.1%{?buildid}
|
||||
%if 0%{?rhel}
|
||||
Group: Applications/System
|
||||
%endif
|
||||
|
|
@ -28,6 +28,7 @@ Patch16: 0017-vdpa-Allow-for-printing-negotiated-features-of-a-dev.pa
|
|||
Patch17: 0018-vdpa-Support-for-configuring-max-VQ-pairs-for-a-devi.patch
|
||||
Patch18: 0019-vdpa-Support-reading-device-features.patch
|
||||
Patch19: 0020-vdpa-Update-man-page-with-added-support-to-configure.patch
|
||||
Patch20: 0021-tc-flower-Fix-buffer-overflow-on-large-labels.patch
|
||||
|
||||
License: GPLv2+ and Public Domain
|
||||
BuildRequires: bison
|
||||
|
|
@ -42,6 +43,11 @@ BuildRequires: libmnl-devel
|
|||
BuildRequires: libselinux-devel
|
||||
BuildRequires: make
|
||||
BuildRequires: pkgconfig
|
||||
%if ! 0%{?_module_build}
|
||||
%if 0%{?fedora}
|
||||
BuildRequires: linux-atm-libs-devel
|
||||
%endif
|
||||
%endif
|
||||
Requires: libbpf
|
||||
Requires: psmisc
|
||||
Provides: /sbin/ip
|
||||
|
|
@ -53,7 +59,9 @@ kernel.
|
|||
|
||||
%package tc
|
||||
Summary: Linux Traffic Control utility
|
||||
%if 0%{?rhel}
|
||||
Group: Applications/System
|
||||
%endif
|
||||
License: GPLv2+
|
||||
Requires: %{name}%{?_isa} = %{version}-%{release}
|
||||
Provides: /sbin/tc
|
||||
|
|
@ -66,7 +74,9 @@ Linux.
|
|||
%if ! 0%{?_module_build}
|
||||
%package doc
|
||||
Summary: Documentation for iproute2 utilities with examples
|
||||
%if 0%{?rhel}
|
||||
Group: Applications/System
|
||||
%endif
|
||||
License: GPLv2+
|
||||
Requires: %{name} = %{version}-%{release}
|
||||
|
||||
|
|
@ -76,7 +86,9 @@ The iproute documentation contains howtos and examples of settings.
|
|||
|
||||
%package devel
|
||||
Summary: iproute development files
|
||||
%if 0%{?rhel}
|
||||
Group: Development/Libraries
|
||||
%endif
|
||||
License: GPLv2+
|
||||
Requires: %{name} = %{version}-%{release}
|
||||
Provides: iproute-static = %{version}-%{release}
|
||||
|
|
@ -106,7 +118,9 @@ install -D -m644 lib/libnetlink.a %{buildroot}%{_libdir}/libnetlink.a
|
|||
rm -rf '%{buildroot}%{_docdir}'
|
||||
|
||||
# append deprecated values to rt_dsfield for compatibility reasons
|
||||
%if ! 0%{?fedora}
|
||||
cat %{SOURCE1} >>%{buildroot}%{_sysconfdir}/iproute2/rt_dsfield
|
||||
%endif
|
||||
|
||||
%files
|
||||
%dir %{_sysconfdir}/iproute2
|
||||
|
|
@ -146,6 +160,9 @@ cat %{SOURCE1} >>%{buildroot}%{_sysconfdir}/iproute2/rt_dsfield
|
|||
%{_includedir}/iproute2/bpf_elf.h
|
||||
|
||||
%changelog
|
||||
* Mon Jul 11 2022 Andrea Claudi <aclaudi@redhat.com> - 5.15.0-4.el8_6.1
|
||||
- tc: flower: Fix buffer overflow on large labels (Andrea Claudi) [2099364]
|
||||
|
||||
* Mon Mar 21 2022 Andrea Claudi <aclaudi@redhat.com> - 5.15.0-4.el8
|
||||
- vdpa: Update man page with added support to configure max vq pair (Andrea Claudi) [2056827]
|
||||
- vdpa: Support reading device features (Andrea Claudi) [2056827]
|
||||
|
|
|
|||
Loading…
Reference in New Issue