From 790b7f9d660fe0695046b12a799f3e4a9b65198a Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Tue, 13 Sep 2022 03:39:32 -0400 Subject: [PATCH] import iproute-5.15.0-4.el8_6.1 --- ...-Fix-buffer-overflow-on-large-labels.patch | 48 +++++++++++++++++++ SPECS/iproute.spec | 19 +++++++- 2 files changed, 66 insertions(+), 1 deletion(-) create mode 100644 SOURCES/0021-tc-flower-Fix-buffer-overflow-on-large-labels.patch diff --git a/SOURCES/0021-tc-flower-Fix-buffer-overflow-on-large-labels.patch b/SOURCES/0021-tc-flower-Fix-buffer-overflow-on-large-labels.patch new file mode 100644 index 0000000..c51aec4 --- /dev/null +++ b/SOURCES/0021-tc-flower-Fix-buffer-overflow-on-large-labels.patch @@ -0,0 +1,48 @@ +From 1b3f8332696651e4843b0419425480f134c8347f Mon Sep 17 00:00:00 2001 +Message-Id: <1b3f8332696651e4843b0419425480f134c8347f.1657569892.git.aclaudi@redhat.com> +In-Reply-To: +References: +From: Andrea Claudi +Date: Mon, 11 Jul 2022 17:57:52 +0200 +Subject: [PATCH] tc: flower: Fix buffer overflow on large labels + +Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2099364 +Upstream Status: unknown commit 73590d95 + +commit 73590d9573148804034a88ceb2f6b7ca1545561f +Author: Paul Blakey +Date: Sun Dec 5 15:20:25 2021 +0200 + + tc: flower: Fix buffer overflow on large labels + + Buffer is 64bytes, but label printing can take 66bytes printing + in hex, and will overflow when setting the string delimiter ('\0'). + + Fix that by increasing the print buffer size. + + Example of overflowing ct_label: + ct_label 11111111111111111111111111111111/11111111111111111111111111111111 + + Fixes: 2fffb1c03056 ("tc: flower: Add matching on conntrack info") + Signed-off-by: Paul Blakey + Signed-off-by: Stephen Hemminger +--- + tc/f_flower.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/tc/f_flower.c b/tc/f_flower.c +index 7f78195f..6d70b92a 100644 +--- a/tc/f_flower.c ++++ b/tc/f_flower.c +@@ -2195,7 +2195,7 @@ static void flower_print_ct_label(struct rtattr *attr, + const unsigned char *str; + bool print_mask = false; + int data_len, i; +- SPRINT_BUF(out); ++ char out[128]; + char *p; + + if (!attr) +-- +2.36.1 + diff --git a/SPECS/iproute.spec b/SPECS/iproute.spec index 24de250..3fe36ce 100644 --- a/SPECS/iproute.spec +++ b/SPECS/iproute.spec @@ -1,7 +1,7 @@ Summary: Advanced IP routing and network device configuration tools Name: iproute Version: 5.15.0 -Release: 4%{?dist}%{?buildid} +Release: 4%{?dist}.1%{?buildid} %if 0%{?rhel} Group: Applications/System %endif @@ -28,6 +28,7 @@ Patch16: 0017-vdpa-Allow-for-printing-negotiated-features-of-a-dev.pa Patch17: 0018-vdpa-Support-for-configuring-max-VQ-pairs-for-a-devi.patch Patch18: 0019-vdpa-Support-reading-device-features.patch Patch19: 0020-vdpa-Update-man-page-with-added-support-to-configure.patch +Patch20: 0021-tc-flower-Fix-buffer-overflow-on-large-labels.patch License: GPLv2+ and Public Domain BuildRequires: bison @@ -42,6 +43,11 @@ BuildRequires: libmnl-devel BuildRequires: libselinux-devel BuildRequires: make BuildRequires: pkgconfig +%if ! 0%{?_module_build} +%if 0%{?fedora} +BuildRequires: linux-atm-libs-devel +%endif +%endif Requires: libbpf Requires: psmisc Provides: /sbin/ip @@ -53,7 +59,9 @@ kernel. %package tc Summary: Linux Traffic Control utility +%if 0%{?rhel} Group: Applications/System +%endif License: GPLv2+ Requires: %{name}%{?_isa} = %{version}-%{release} Provides: /sbin/tc @@ -66,7 +74,9 @@ Linux. %if ! 0%{?_module_build} %package doc Summary: Documentation for iproute2 utilities with examples +%if 0%{?rhel} Group: Applications/System +%endif License: GPLv2+ Requires: %{name} = %{version}-%{release} @@ -76,7 +86,9 @@ The iproute documentation contains howtos and examples of settings. %package devel Summary: iproute development files +%if 0%{?rhel} Group: Development/Libraries +%endif License: GPLv2+ Requires: %{name} = %{version}-%{release} Provides: iproute-static = %{version}-%{release} @@ -106,7 +118,9 @@ install -D -m644 lib/libnetlink.a %{buildroot}%{_libdir}/libnetlink.a rm -rf '%{buildroot}%{_docdir}' # append deprecated values to rt_dsfield for compatibility reasons +%if ! 0%{?fedora} cat %{SOURCE1} >>%{buildroot}%{_sysconfdir}/iproute2/rt_dsfield +%endif %files %dir %{_sysconfdir}/iproute2 @@ -146,6 +160,9 @@ cat %{SOURCE1} >>%{buildroot}%{_sysconfdir}/iproute2/rt_dsfield %{_includedir}/iproute2/bpf_elf.h %changelog +* Mon Jul 11 2022 Andrea Claudi - 5.15.0-4.el8_6.1 +- tc: flower: Fix buffer overflow on large labels (Andrea Claudi) [2099364] + * Mon Mar 21 2022 Andrea Claudi - 5.15.0-4.el8 - vdpa: Update man page with added support to configure max vq pair (Andrea Claudi) [2056827] - vdpa: Support reading device features (Andrea Claudi) [2056827]