rpms/iptables
7
0
Fork 0
Code Issues Pull Requests Releases Activity

[tw] - fixed autoload problem in iptables and ip6tables (CAN-2004-0986)

Browse Source
This commit is contained in:
Thomas Woerner 2004-11-11 11:55:39 +00:00
parent 17fd75cb18
commit f8486dc1c5
2 changed files with 54 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
iptables-1.2.11-autoload.patch Normal file
View File

@ -0,0 +1,48 @@
--- iptables-1.2.11/ip6tables.c.autoload 2004-11-11 12:03:35.221306429 +0100
+++ iptables-1.2.11/ip6tables.c 2004-11-11 12:04:43.382900379 +0100
@@ -1595,15 +1595,18 @@
int procfile;
char *ret;
+#define PROCFILE_BUFSIZ 1024
+
procfile = open(PROC_SYS_MODPROBE, O_RDONLY);
if (procfile < 0)
return NULL;
- ret = malloc(1024);
+ ret = malloc(PROCFILE_BUFSIZ);
if (ret) {
- switch (read(procfile, ret, 1024)) {
+ memset(ret, 0, PROCFILE_BUFSIZ);
+ switch (read(procfile, ret, PROCFILE_BUFSIZ)) {
case -1: goto fail;
- case 1024: goto fail; /* Partial read. Wierd */
+ case PROCFILE_BUFSIZ: goto fail; /* Partial read. Wierd */
}
if (ret[strlen(ret)-1]=='\n')
ret[strlen(ret)-1]=0;
--- iptables-1.2.11/iptables.c.autoload 2004-11-11 12:01:35.601815606 +0100
+++ iptables-1.2.11/iptables.c 2004-11-11 12:02:50.496478760 +0100
@@ -1593,15 +1593,18 @@
int procfile;
char *ret;
+#define PROCFILE_BUFSIZ 1024
+
procfile = open(PROC_SYS_MODPROBE, O_RDONLY);
if (procfile < 0)
return NULL;
- ret = malloc(1024);
+ ret = malloc(PROCFILE_BUFSIZ);
if (ret) {
- switch (read(procfile, ret, 1024)) {
+ memset(ret, 0, PROCFILE_BUFSIZ);
+ switch (read(procfile, ret, PROCFILE_BUFSIZ)) {
case -1: goto fail;
- case 1024: goto fail; /* Partial read. Wierd */
+ case PROCFILE_BUFSIZ: goto fail; /* Partial read. Wierd */
}
if (ret[strlen(ret)-1]=='\n')
ret[strlen(ret)-1]=0;

7
iptables.spec
View File

@ -4,7 +4,7 @@
Name: iptables Name: iptables
Summary: Tools for managing Linux kernel packet filtering capabilities. Summary: Tools for managing Linux kernel packet filtering capabilities.
Version: 1.2.11 Version: 1.2.11
Release: 3.1 Release: 3.2
Source: http://www.netfilter.org/%{name}-%{version}.tar.bz2 Source: http://www.netfilter.org/%{name}-%{version}.tar.bz2
Source1: iptables.init Source1: iptables.init
Source2: iptables-config Source2: iptables-config
@ -17,6 +17,7 @@ Patch5: iptables-1.2.9-selinux.patch
Patch6: iptables-1.2.10-counters.patch Patch6: iptables-1.2.10-counters.patch
Patch7: iptables-1.2.11-free.patch Patch7: iptables-1.2.11-free.patch
Patch8: iptables-1.2.11-cleanup.patch Patch8: iptables-1.2.11-cleanup.patch
Patch9: iptables-1.2.11-autoload.patch
Group: System Environment/Base Group: System Environment/Base
URL: http://www.netfilter.org/ URL: http://www.netfilter.org/
BuildRoot: %{_tmppath}/%{name}-buildroot BuildRoot: %{_tmppath}/%{name}-buildroot
@ -74,6 +75,7 @@ cd ..
%patch6 -p1 -b .counters %patch6 -p1 -b .counters
%patch7 -p1 -b .free %patch7 -p1 -b .free
%patch8 -p1 -b .cleanup %patch8 -p1 -b .cleanup
%patch9 -p1 -b .autoload
# Put it to a reasonable place # Put it to a reasonable place
find . -type f -exec perl -pi -e "s,/usr/local,%{prefix},g" {} \; find . -type f -exec perl -pi -e "s,/usr/local,%{prefix},g" {} \;
@ -148,6 +150,9 @@ fi
%endif %endif
%changelog %changelog
* Thu Nov 11 2004 Thomas Woerner <twoerner@redhat.com> 1.2.11-3.2
- fixed autoload problem in iptables and ip6tables (CAN-2004-0986)
* Fri Sep 17 2004 Thomas Woerner <twoerner@redhat.com> 1.2.11-3.1 * Fri Sep 17 2004 Thomas Woerner <twoerner@redhat.com> 1.2.11-3.1
- changed default behaviour for IPTABLES_STATUS_NUMERIC to "yes" (#129731) - changed default behaviour for IPTABLES_STATUS_NUMERIC to "yes" (#129731)
- modified config file to match this change and un-commented variables with - modified config file to match this change and un-commented variables with