rpms/iproute
7
0
Fork 0
Code Issues Pull Requests Releases Activity

import iproute-5.15.0-4.el8_6.1

Browse Source
This commit is contained in:
CentOS Sources 2022-09-13 03:39:32 -04:00 committed by Stepan Oksanichenko
parent 9bc5f8a379
commit 790b7f9d66
2 changed files with 66 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
SOURCES/0021-tc-flower-Fix-buffer-overflow-on-large-labels.patch Normal file
View File

@ -0,0 +1,48 @@
From 1b3f8332696651e4843b0419425480f134c8347f Mon Sep 17 00:00:00 2001
Message-Id: <1b3f8332696651e4843b0419425480f134c8347f.1657569892.git.aclaudi@redhat.com>
In-Reply-To: <b30268eda844bdebbb8e5e4f5735e3b1bb666368.1657569892.git.aclaudi@redhat.com>
References: <b30268eda844bdebbb8e5e4f5735e3b1bb666368.1657569892.git.aclaudi@redhat.com>
From: Andrea Claudi <aclaudi@redhat.com>
Date: Mon, 11 Jul 2022 17:57:52 +0200
Subject: [PATCH] tc: flower: Fix buffer overflow on large labels
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2099364
Upstream Status: unknown commit 73590d95
commit 73590d9573148804034a88ceb2f6b7ca1545561f
Author: Paul Blakey <paulb@nvidia.com>
Date: Sun Dec 5 15:20:25 2021 +0200
tc: flower: Fix buffer overflow on large labels
Buffer is 64bytes, but label printing can take 66bytes printing
in hex, and will overflow when setting the string delimiter ('\0').
Fix that by increasing the print buffer size.
Example of overflowing ct_label:
ct_label 11111111111111111111111111111111/11111111111111111111111111111111
Fixes: 2fffb1c03056 ("tc: flower: Add matching on conntrack info")
Signed-off-by: Paul Blakey <paulb@nvidia.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
---
tc/f_flower.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tc/f_flower.c b/tc/f_flower.c
index 7f78195f..6d70b92a 100644
--- a/tc/f_flower.c
+++ b/tc/f_flower.c
@@ -2195,7 +2195,7 @@ static void flower_print_ct_label(struct rtattr *attr,
const unsigned char *str;
bool print_mask = false;
int data_len, i;
- SPRINT_BUF(out);
+ char out[128];
char *p;
if (!attr)
--
2.36.1

19
SPECS/iproute.spec
View File

@ -1,7 +1,7 @@
Summary: Advanced IP routing and network device configuration tools Summary: Advanced IP routing and network device configuration tools
Name: iproute Name: iproute
Version: 5.15.0 Version: 5.15.0
Release: 4%{?dist}%{?buildid} Release: 4%{?dist}.1%{?buildid}
%if 0%{?rhel} %if 0%{?rhel}
Group: Applications/System Group: Applications/System
%endif %endif
@ -28,6 +28,7 @@ Patch16: 0017-vdpa-Allow-for-printing-negotiated-features-of-a-dev.pa
Patch17: 0018-vdpa-Support-for-configuring-max-VQ-pairs-for-a-devi.patch Patch17: 0018-vdpa-Support-for-configuring-max-VQ-pairs-for-a-devi.patch
Patch18: 0019-vdpa-Support-reading-device-features.patch Patch18: 0019-vdpa-Support-reading-device-features.patch
Patch19: 0020-vdpa-Update-man-page-with-added-support-to-configure.patch Patch19: 0020-vdpa-Update-man-page-with-added-support-to-configure.patch
Patch20: 0021-tc-flower-Fix-buffer-overflow-on-large-labels.patch
License: GPLv2+ and Public Domain License: GPLv2+ and Public Domain
BuildRequires: bison BuildRequires: bison
@ -42,6 +43,11 @@ BuildRequires: libmnl-devel
BuildRequires: libselinux-devel BuildRequires: libselinux-devel
BuildRequires: make BuildRequires: make
BuildRequires: pkgconfig BuildRequires: pkgconfig
%if ! 0%{?_module_build}
%if 0%{?fedora}
BuildRequires: linux-atm-libs-devel
%endif
%endif
Requires: libbpf Requires: libbpf
Requires: psmisc Requires: psmisc
Provides: /sbin/ip Provides: /sbin/ip
@ -53,7 +59,9 @@ kernel.
%package tc %package tc
Summary: Linux Traffic Control utility Summary: Linux Traffic Control utility
%if 0%{?rhel}
Group: Applications/System Group: Applications/System
%endif
License: GPLv2+ License: GPLv2+
Requires: %{name}%{?_isa} = %{version}-%{release} Requires: %{name}%{?_isa} = %{version}-%{release}
Provides: /sbin/tc Provides: /sbin/tc
@ -66,7 +74,9 @@ Linux.
%if ! 0%{?_module_build} %if ! 0%{?_module_build}
%package doc %package doc
Summary: Documentation for iproute2 utilities with examples Summary: Documentation for iproute2 utilities with examples
%if 0%{?rhel}
Group: Applications/System Group: Applications/System
%endif
License: GPLv2+ License: GPLv2+
Requires: %{name} = %{version}-%{release} Requires: %{name} = %{version}-%{release}
@ -76,7 +86,9 @@ The iproute documentation contains howtos and examples of settings.
%package devel %package devel
Summary: iproute development files Summary: iproute development files
%if 0%{?rhel}
Group: Development/Libraries Group: Development/Libraries
%endif
License: GPLv2+ License: GPLv2+
Requires: %{name} = %{version}-%{release} Requires: %{name} = %{version}-%{release}
Provides: iproute-static = %{version}-%{release} Provides: iproute-static = %{version}-%{release}
@ -106,7 +118,9 @@ install -D -m644 lib/libnetlink.a %{buildroot}%{_libdir}/libnetlink.a
rm -rf '%{buildroot}%{_docdir}' rm -rf '%{buildroot}%{_docdir}'
# append deprecated values to rt_dsfield for compatibility reasons # append deprecated values to rt_dsfield for compatibility reasons
%if ! 0%{?fedora}
cat %{SOURCE1} >>%{buildroot}%{_sysconfdir}/iproute2/rt_dsfield cat %{SOURCE1} >>%{buildroot}%{_sysconfdir}/iproute2/rt_dsfield
%endif
%files %files
%dir %{_sysconfdir}/iproute2 %dir %{_sysconfdir}/iproute2
@ -146,6 +160,9 @@ cat %{SOURCE1} >>%{buildroot}%{_sysconfdir}/iproute2/rt_dsfield
%{_includedir}/iproute2/bpf_elf.h %{_includedir}/iproute2/bpf_elf.h
%changelog %changelog
* Mon Jul 11 2022 Andrea Claudi <aclaudi@redhat.com> - 5.15.0-4.el8_6.1
- tc: flower: Fix buffer overflow on large labels (Andrea Claudi) [2099364]
* Mon Mar 21 2022 Andrea Claudi <aclaudi@redhat.com> - 5.15.0-4.el8 * Mon Mar 21 2022 Andrea Claudi <aclaudi@redhat.com> - 5.15.0-4.el8
- vdpa: Update man page with added support to configure max vq pair (Andrea Claudi) [2056827] - vdpa: Update man page with added support to configure max vq pair (Andrea Claudi) [2056827]
- vdpa: Support reading device features (Andrea Claudi) [2056827] - vdpa: Support reading device features (Andrea Claudi) [2056827]