Merged update from upstream sources
This is an automated DistroBaker update from upstream sources. If you do not know what this is about or would like to opt out, contact the OSCI team. Source: https://src.fedoraproject.org/rpms/iputils.git#4e18e21dfd8d801514bf3ecb01bda616665b1071
parent
c369d300e6
commit
40c068882a
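--- a/iputils-ifenslave-CWE-170.patch
+++ b/iputils-ifenslave-CWE-170.patch
@@ -0,0 +1,88 @@
+From a38091c8eb0c515441080806975856ee09d2edc7 Mon Sep 17 00:00:00 2001
+From: Jan Macku <jamacku@redhat.com>
+Date: Tue, 23 Mar 2021 08:10:10 +0100
+Subject: [PATCH] ifenslave: fix CWE-170: Improper Null Termination
+
+---
+ifenslave.c | 24 ++++++++++++++++--------
+1 file changed, 16 insertions(+), 8 deletions(-)
+
+diff --git a/ifenslave.c b/ifenslave.c
+index ddd82ec..1efe4f1 100644
+--- a/ifenslave.c
++++ b/ifenslave.c
+@@ -509,21 +509,24 @@ static int if_getconfig(char *ifname)
+struct sockaddr dstaddr, broadaddr, netmask;
+unsigned char *hwaddr;
+
+- strcpy(ifr.ifr_name, ifname);
++ memset(&ifr, 0, sizeof(ifr));
++ strncpy(ifr.ifr_name, ifname, IFNAMSIZ - 1);
+if (ioctl(skfd, SIOCGIFFLAGS, &ifr) < 0)
+return -1;
+mif_flags = ifr.ifr_flags;
+printf("The result of SIOCGIFFLAGS on %s is %x.\n",
+ifname, ifr.ifr_flags);
+
+- strcpy(ifr.ifr_name, ifname);
++ memset(&ifr, 0, sizeof(ifr));
++ strncpy(ifr.ifr_name, ifname, IFNAMSIZ - 1);
+if (ioctl(skfd, SIOCGIFADDR, &ifr) < 0)
+return -1;
+printf("The result of SIOCGIFADDR is %2.2x.%2.2x.%2.2x.%2.2x.\n",
+ifr.ifr_addr.sa_data[2], ifr.ifr_addr.sa_data[3],
+ifr.ifr_addr.sa_data[4], ifr.ifr_addr.sa_data[5]);
+
+- strcpy(ifr.ifr_name, ifname);
++ memset(&ifr, 0, sizeof(ifr));
++ strncpy(ifr.ifr_name, ifname, IFNAMSIZ - 1);
+if (ioctl(skfd, SIOCGIFHWADDR, &ifr) < 0)
+return -1;
+
+@@ -534,33 +537,38 @@ static int if_getconfig(char *ifname)
+ifr.ifr_hwaddr.sa_family, hwaddr[0], hwaddr[1],
+hwaddr[2], hwaddr[3], hwaddr[4], hwaddr[5]);
+
+- strcpy(ifr.ifr_name, ifname);
++ memset(&ifr, 0, sizeof(ifr));
++ strncpy(ifr.ifr_name, ifname, IFNAMSIZ - 1);
+if (ioctl(skfd, SIOCGIFMETRIC, &ifr) < 0) {
+metric = 0;
+} else
+metric = ifr.ifr_metric;
+printf("The result of SIOCGIFMETRIC is %d\n", metric);
+
+- strcpy(ifr.ifr_name, ifname);
++ memset(&ifr, 0, sizeof(ifr));
++ strncpy(ifr.ifr_name, ifname, IFNAMSIZ - 1);
+if (ioctl(skfd, SIOCGIFMTU, &ifr) < 0)
+mtu = 0;
+else
+mtu = ifr.ifr_mtu;
+printf("The result of SIOCGIFMTU is %d\n", mtu);
+
+- strcpy(ifr.ifr_name, ifname);
++ memset(&ifr, 0, sizeof(ifr));
++ strncpy(ifr.ifr_name, ifname, IFNAMSIZ - 1);
+if (ioctl(skfd, SIOCGIFDSTADDR, &ifr) < 0) {
+memset(&dstaddr, 0, sizeof(struct sockaddr));
+} else
+dstaddr = ifr.ifr_dstaddr;
+
+- strcpy(ifr.ifr_name, ifname);
++ memset(&ifr, 0, sizeof(ifr));
++ strncpy(ifr.ifr_name, ifname, IFNAMSIZ - 1);
+if (ioctl(skfd, SIOCGIFBRDADDR, &ifr) < 0) {
+memset(&broadaddr, 0, sizeof(struct sockaddr));
+} else
+broadaddr = ifr.ifr_broadaddr;
+
+- strcpy(ifr.ifr_name, ifname);
++ memset(&ifr, 0, sizeof(ifr));
++ strncpy(ifr.ifr_name, ifname, IFNAMSIZ - 1);
+if (ioctl(skfd, SIOCGIFNETMASK, &ifr) < 0) {
+memset(&netmask, 0, sizeof(struct sockaddr));
+} else
+--
+2.29.2
+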
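Review bot: The eight `strncpy(ifr.ifr_name, ifname, IFNAMSIZ - 1)` calls in the embedded ifenslave.c patch silently truncate an over-long `ifname`. Each ioctl would then query whichever interface matches the shortened name, while the printf after SIOCGIFFLAGS still reports the full string. The preceding memset does guarantee NUL termination, but a length check is still missing, for example `if (strlen(ifname) >= IFNAMSIZ) return -1;` once before the first copy. if_getconfig begins and ends outside both hunks, so a caller may already validate the length; that is not visible here. The repeated memset/strncpy pair would also be easier to audit as one small static helper.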
@ -3,7 +3,7 @@
|
||||
Summary: Network monitoring tools including ping
|
||||
Name: iputils
|
||||
Version: 20210202
|
||||
Release: 1%{?dist}
|
||||
Release: 2%{?dist}
|
||||
# some parts are under the original BSD (ping.c)
|
||||
# some are under GPLv2+ (tracepath.c)
|
||||
License: BSD and GPLv2+
|
||||
@ -18,6 +18,7 @@ Source4: bsd.txt
|
||||
Source5: https://www.gnu.org/licenses/old-licenses/gpl-2.0.txt
|
||||
|
||||
Patch100: iputils-ifenslave.patch
|
||||
Patch101: iputils-ifenslave-CWE-170.patch
|
||||
|
||||
BuildRequires: gcc
|
||||
BuildRequires: meson
|
||||
@ -54,6 +55,7 @@ Queries.
|
||||
cp %{SOURCE4} %{SOURCE5} .
|
||||
|
||||
%patch100 -p1
|
||||
%patch101 -p1
|
||||
|
||||
%build
|
||||
%ifarch s390 s390x
|
||||
@ -130,6 +132,9 @@ install -cp ifenslave.8 ${RPM_BUILD_ROOT}%{_mandir}/man8/
|
||||
%attr(644,root,root) %{_mandir}/man8/ninfod.8.gz
|
||||
|
||||
%changelog
|
||||
* Tue Mar 23 2021 Jan Macku <jamacku@redhat.com> - 20210202-2
|
||||
- ifenslave: fix CWE-170 (related to rhbz#1938746)
|
||||
|
||||
* Tue Feb 02 2021 Kevin Fenzi <kevin@scrye.com> - 20210202-1
|
||||
- Update to 20210202. Fixes rhbz#1923917
|
||||
|
||||
|