diff --git a/SOURCES/0001-New-utility-slirp_ether_ntoa.patch b/SOURCES/0001-New-utility-slirp_ether_ntoa.patch new file mode 100644 index 0000000..823785b --- /dev/null +++ b/SOURCES/0001-New-utility-slirp_ether_ntoa.patch @@ -0,0 +1,186 @@ +From c6fcedf4f53e070dfcb7a6910624705cdcc0a027 Mon Sep 17 00:00:00 2001 +From: Doug Evans +Date: Tue, 23 Feb 2021 15:23:19 -0800 +Subject: [PATCH 1/2] New utility slirp_ether_ntoa + +... and call it everywhere a macaddr is pretty-printed. + +Signed-off-by: Doug Evans +(cherry picked from commit ac00ba460e101bbce0a167b4f0517378a0fbe6b8) +--- + src/arp_table.c | 12 +++++++----- + src/ndp_table.c | 18 ++++++++++-------- + src/slirp.c | 11 +++++------ + src/util.c | 11 +++++++++++ + src/util.h | 8 ++++++++ + 5 files changed, 41 insertions(+), 19 deletions(-) + +diff --git a/src/arp_table.c b/src/arp_table.c +index 959e5b9ec0af..ba8c8a4eee88 100644 +--- a/src/arp_table.c ++++ b/src/arp_table.c +@@ -34,11 +34,12 @@ void arp_table_add(Slirp *slirp, uint32_t ip_addr, + ~slirp->vnetwork_mask.s_addr | slirp->vnetwork_addr.s_addr; + ArpTable *arptbl = &slirp->arp_table; + int i; ++ char ethaddr_str[ETH_ADDRSTRLEN]; + + DEBUG_CALL("arp_table_add"); + DEBUG_ARG("ip = %s", inet_ntoa((struct in_addr){ .s_addr = ip_addr })); +- DEBUG_ARG("hw addr = %02x:%02x:%02x:%02x:%02x:%02x", ethaddr[0], ethaddr[1], +- ethaddr[2], ethaddr[3], ethaddr[4], ethaddr[5]); ++ DEBUG_ARG("hw addr = %s", slirp_ether_ntoa(ethaddr, ethaddr_str, ++ sizeof(ethaddr_str))); + + if (ip_addr == 0 || ip_addr == 0xffffffff || ip_addr == broadcast_addr) { + /* Do not register broadcast addresses */ +@@ -67,6 +68,7 @@ bool arp_table_search(Slirp *slirp, uint32_t ip_addr, + ~slirp->vnetwork_mask.s_addr | slirp->vnetwork_addr.s_addr; + ArpTable *arptbl = &slirp->arp_table; + int i; ++ char ethaddr_str[ETH_ADDRSTRLEN]; + + DEBUG_CALL("arp_table_search"); + DEBUG_ARG("ip = %s", inet_ntoa((struct in_addr){ .s_addr = ip_addr })); +@@ -81,9 +83,9 @@ bool arp_table_search(Slirp *slirp, uint32_t ip_addr, + for (i = 0; i < ARP_TABLE_SIZE; i++) { + if (arptbl->table[i].ar_sip == ip_addr) { + memcpy(out_ethaddr, arptbl->table[i].ar_sha, ETH_ALEN); +- DEBUG_ARG("found hw addr = %02x:%02x:%02x:%02x:%02x:%02x", +- out_ethaddr[0], out_ethaddr[1], out_ethaddr[2], +- out_ethaddr[3], out_ethaddr[4], out_ethaddr[5]); ++ DEBUG_ARG("found hw addr = %s", ++ slirp_ether_ntoa(out_ethaddr, ethaddr_str, ++ sizeof(ethaddr_str))); + return 1; + } + } +diff --git a/src/ndp_table.c b/src/ndp_table.c +index 110d6ea0e43f..61ae8e0468fc 100644 +--- a/src/ndp_table.c ++++ b/src/ndp_table.c +@@ -12,13 +12,14 @@ void ndp_table_add(Slirp *slirp, struct in6_addr ip_addr, + char addrstr[INET6_ADDRSTRLEN]; + NdpTable *ndp_table = &slirp->ndp_table; + int i; ++ char ethaddr_str[ETH_ADDRSTRLEN]; + + inet_ntop(AF_INET6, &(ip_addr), addrstr, INET6_ADDRSTRLEN); + + DEBUG_CALL("ndp_table_add"); + DEBUG_ARG("ip = %s", addrstr); +- DEBUG_ARG("hw addr = %02x:%02x:%02x:%02x:%02x:%02x", ethaddr[0], ethaddr[1], +- ethaddr[2], ethaddr[3], ethaddr[4], ethaddr[5]); ++ DEBUG_ARG("hw addr = %s", slirp_ether_ntoa(ethaddr, ethaddr_str, ++ sizeof(ethaddr_str))); + + if (IN6_IS_ADDR_MULTICAST(&ip_addr) || in6_zero(&ip_addr)) { + /* Do not register multicast or unspecified addresses */ +@@ -50,6 +51,7 @@ bool ndp_table_search(Slirp *slirp, struct in6_addr ip_addr, + char addrstr[INET6_ADDRSTRLEN]; + NdpTable *ndp_table = &slirp->ndp_table; + int i; ++ char ethaddr_str[ETH_ADDRSTRLEN]; + + inet_ntop(AF_INET6, &(ip_addr), addrstr, INET6_ADDRSTRLEN); + +@@ -66,18 +68,18 @@ bool ndp_table_search(Slirp *slirp, struct in6_addr ip_addr, + out_ethaddr[3] = ip_addr.s6_addr[13]; + out_ethaddr[4] = ip_addr.s6_addr[14]; + out_ethaddr[5] = ip_addr.s6_addr[15]; +- DEBUG_ARG("multicast addr = %02x:%02x:%02x:%02x:%02x:%02x", +- out_ethaddr[0], out_ethaddr[1], out_ethaddr[2], +- out_ethaddr[3], out_ethaddr[4], out_ethaddr[5]); ++ DEBUG_ARG("multicast addr = %s", ++ slirp_ether_ntoa(out_ethaddr, ethaddr_str, ++ sizeof(ethaddr_str))); + return 1; + } + + for (i = 0; i < NDP_TABLE_SIZE; i++) { + if (in6_equal(&ndp_table->table[i].ip_addr, &ip_addr)) { + memcpy(out_ethaddr, ndp_table->table[i].eth_addr, ETH_ALEN); +- DEBUG_ARG("found hw addr = %02x:%02x:%02x:%02x:%02x:%02x", +- out_ethaddr[0], out_ethaddr[1], out_ethaddr[2], +- out_ethaddr[3], out_ethaddr[4], out_ethaddr[5]); ++ DEBUG_ARG("found hw addr = %s", ++ slirp_ether_ntoa(out_ethaddr, ethaddr_str, ++ sizeof(ethaddr_str))); + return 1; + } + } +diff --git a/src/slirp.c b/src/slirp.c +index abb6f9a966d8..1f2513a9e1a4 100644 +--- a/src/slirp.c ++++ b/src/slirp.c +@@ -1054,6 +1054,7 @@ int if_encap(Slirp *slirp, struct mbuf *ifm) + uint8_t ethaddr[ETH_ALEN]; + const struct ip *iph = (const struct ip *)ifm->m_data; + int ret; ++ char ethaddr_str[ETH_ADDRSTRLEN]; + + if (ifm->m_len + ETH_HLEN > sizeof(buf)) { + return 1; +@@ -1079,12 +1080,10 @@ int if_encap(Slirp *slirp, struct mbuf *ifm) + } + + memcpy(eh->h_dest, ethaddr, ETH_ALEN); +- DEBUG_ARG("src = %02x:%02x:%02x:%02x:%02x:%02x", eh->h_source[0], +- eh->h_source[1], eh->h_source[2], eh->h_source[3], +- eh->h_source[4], eh->h_source[5]); +- DEBUG_ARG("dst = %02x:%02x:%02x:%02x:%02x:%02x", eh->h_dest[0], +- eh->h_dest[1], eh->h_dest[2], eh->h_dest[3], eh->h_dest[4], +- eh->h_dest[5]); ++ DEBUG_ARG("src = %s", slirp_ether_ntoa(eh->h_source, ethaddr_str, ++ sizeof(ethaddr_str))); ++ DEBUG_ARG("dst = %s", slirp_ether_ntoa(eh->h_dest, ethaddr_str, ++ sizeof(ethaddr_str))); + memcpy(buf + sizeof(struct ethhdr), ifm->m_data, ifm->m_len); + slirp_send_packet_all(slirp, buf, ifm->m_len + ETH_HLEN); + return 1; +diff --git a/src/util.c b/src/util.c +index 2d8fb9642e76..67ef66786f54 100644 +--- a/src/util.c ++++ b/src/util.c +@@ -427,3 +427,14 @@ int slirp_fmt0(char *str, size_t size, const char *format, ...) + + return rv; + } ++ ++const char *slirp_ether_ntoa(const uint8_t *addr, char *out_str, ++ size_t out_str_size) ++{ ++ assert(out_str_size >= ETH_ADDRSTRLEN); ++ ++ slirp_fmt0(out_str, out_str_size, "%02x:%02x:%02x:%02x:%02x:%02x", ++ addr[0], addr[1], addr[2], addr[3], addr[4], addr[5]); ++ ++ return out_str; ++} +diff --git a/src/util.h b/src/util.h +index d67b3d0de9aa..8134db961779 100644 +--- a/src/util.h ++++ b/src/util.h +@@ -84,6 +84,7 @@ struct iovec { + #define SCALE_MS 1000000 + + #define ETH_ALEN 6 ++#define ETH_ADDRSTRLEN 18 /* "xx:xx:xx:xx:xx:xx", with trailing NUL */ + #define ETH_HLEN 14 + #define ETH_P_IP (0x0800) /* Internet Protocol packet */ + #define ETH_P_ARP (0x0806) /* Address Resolution packet */ +@@ -186,4 +187,11 @@ void slirp_pstrcpy(char *buf, int buf_size, const char *str); + int slirp_fmt(char *str, size_t size, const char *format, ...) G_GNUC_PRINTF(3, 4); + int slirp_fmt0(char *str, size_t size, const char *format, ...) G_GNUC_PRINTF(3, 4); + ++/* ++ * Pretty print a MAC address into out_str. ++ * As a convenience returns out_str. ++ */ ++const char *slirp_ether_ntoa(const uint8_t *addr, char *out_str, ++ size_t out_str_len); ++ + #endif +-- +2.34.1.428.gdcc0cd074f0c + diff --git a/SOURCES/0002-Replace-inet_ntoa-with-safer-inet_ntop.patch b/SOURCES/0002-Replace-inet_ntoa-with-safer-inet_ntop.patch new file mode 100644 index 0000000..908b144 --- /dev/null +++ b/SOURCES/0002-Replace-inet_ntoa-with-safer-inet_ntop.patch @@ -0,0 +1,173 @@ +From 849c972aa16a85c860f67d7e7f1fbe58e45187d2 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= +Date: Wed, 9 Feb 2022 22:15:08 +0400 +Subject: [PATCH 2/2] Replace inet_ntoa() with safer inet_ntop() +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +inet_ntoa() returns a static pointer which is subject to safety issues. +Use the recommended alternative. + +Signed-off-by: Marc-André Lureau +--- + src/arp_table.c | 8 ++++++-- + src/ip_icmp.c | 10 ++++++---- + src/misc.c | 22 +++++++++++++--------- + src/socket.c | 5 +++-- + src/udp.c | 5 +++-- + 5 files changed, 31 insertions(+), 19 deletions(-) + +diff --git a/src/arp_table.c b/src/arp_table.c +index ba8c8a4eee88..3cf2ecc238bc 100644 +--- a/src/arp_table.c ++++ b/src/arp_table.c +@@ -35,9 +35,11 @@ void arp_table_add(Slirp *slirp, uint32_t ip_addr, + ArpTable *arptbl = &slirp->arp_table; + int i; + char ethaddr_str[ETH_ADDRSTRLEN]; ++ char addr[INET_ADDRSTRLEN]; + + DEBUG_CALL("arp_table_add"); +- DEBUG_ARG("ip = %s", inet_ntoa((struct in_addr){ .s_addr = ip_addr })); ++ DEBUG_ARG("ip = %s", inet_ntop(AF_INET, &(struct in_addr){ .s_addr = ip_addr }, ++ addr, sizeof(addr))); + DEBUG_ARG("hw addr = %s", slirp_ether_ntoa(ethaddr, ethaddr_str, + sizeof(ethaddr_str))); + +@@ -69,9 +71,11 @@ bool arp_table_search(Slirp *slirp, uint32_t ip_addr, + ArpTable *arptbl = &slirp->arp_table; + int i; + char ethaddr_str[ETH_ADDRSTRLEN]; ++ char addr[INET_ADDRSTRLEN]; + + DEBUG_CALL("arp_table_search"); +- DEBUG_ARG("ip = %s", inet_ntoa((struct in_addr){ .s_addr = ip_addr })); ++ DEBUG_ARG("ip = %s", inet_ntop(AF_INET, &(struct in_addr){ .s_addr = ip_addr }, ++ addr, sizeof(addr))); + + /* If broadcast address */ + if (ip_addr == 0 || ip_addr == 0xffffffff || ip_addr == broadcast_addr) { +diff --git a/src/ip_icmp.c b/src/ip_icmp.c +index f4d686b0222d..26e44a3fd49c 100644 +--- a/src/ip_icmp.c ++++ b/src/ip_icmp.c +@@ -291,10 +291,12 @@ void icmp_forward_error(struct mbuf *msrc, uint8_t type, uint8_t code, int minsi + goto end_error; + ip = mtod(msrc, struct ip *); + if (slirp_debug & DBG_MISC) { +- char bufa[20], bufb[20]; +- slirp_pstrcpy(bufa, sizeof(bufa), inet_ntoa(ip->ip_src)); +- slirp_pstrcpy(bufb, sizeof(bufb), inet_ntoa(ip->ip_dst)); +- DEBUG_MISC(" %.16s to %.16s", bufa, bufb); ++ char addr_src[INET_ADDRSTRLEN]; ++ char addr_dst[INET_ADDRSTRLEN]; ++ ++ inet_ntop(AF_INET, &ip->ip_src, addr_src, sizeof(addr_src)); ++ inet_ntop(AF_INET, &ip->ip_dst, addr_dst, sizeof(addr_dst)); ++ DEBUG_MISC(" %.16s to %.16s", addr_src, addr_dst); + } + if (ip->ip_off & IP_OFFMASK) + goto end_error; /* Only reply to fragment 0 */ +diff --git a/src/misc.c b/src/misc.c +index e6bc0a207d0b..1306f68eb539 100644 +--- a/src/misc.c ++++ b/src/misc.c +@@ -293,6 +293,7 @@ char *slirp_connection_info(Slirp *slirp) + uint16_t dst_port; + struct socket *so; + const char *state; ++ char addr[INET_ADDRSTRLEN]; + char buf[20]; + + g_string_append_printf(str, +@@ -322,10 +323,11 @@ char *slirp_connection_info(Slirp *slirp) + } + slirp_fmt0(buf, sizeof(buf), " TCP[%s]", state); + g_string_append_printf(str, "%-19s %3d %15s %5d ", buf, so->s, +- src.sin_addr.s_addr ? inet_ntoa(src.sin_addr) : +- "*", ++ src.sin_addr.s_addr ? ++ inet_ntop(AF_INET, &src.sin_addr, addr, sizeof(addr)) : "*", + ntohs(src.sin_port)); +- g_string_append_printf(str, "%15s %5d %5d %5d\n", inet_ntoa(dst_addr), ++ g_string_append_printf(str, "%15s %5d %5d %5d\n", ++ inet_ntop(AF_INET, &dst_addr, addr, sizeof(addr)), + ntohs(dst_port), so->so_rcv.sb_cc, + so->so_snd.sb_cc); + } +@@ -346,10 +348,11 @@ char *slirp_connection_info(Slirp *slirp) + dst_port = so->so_fport; + } + g_string_append_printf(str, "%-19s %3d %15s %5d ", buf, so->s, +- src.sin_addr.s_addr ? inet_ntoa(src.sin_addr) : +- "*", ++ src.sin_addr.s_addr ? ++ inet_ntop(AF_INET, &src.sin_addr, addr, sizeof(addr)) : "*", + ntohs(src.sin_port)); +- g_string_append_printf(str, "%15s %5d %5d %5d\n", inet_ntoa(dst_addr), ++ g_string_append_printf(str, "%15s %5d %5d %5d\n", ++ inet_ntop(AF_INET, &dst_addr, addr, sizeof(addr)), + ntohs(dst_port), so->so_rcv.sb_cc, + so->so_snd.sb_cc); + } +@@ -360,9 +363,10 @@ char *slirp_connection_info(Slirp *slirp) + src.sin_addr = so->so_laddr; + dst_addr = so->so_faddr; + g_string_append_printf(str, "%-19s %3d %15s - ", buf, so->s, +- src.sin_addr.s_addr ? inet_ntoa(src.sin_addr) : +- "*"); +- g_string_append_printf(str, "%15s - %5d %5d\n", inet_ntoa(dst_addr), ++ src.sin_addr.s_addr ? ++ inet_ntop(AF_INET, &src.sin_addr, addr, sizeof(addr)) : "*"); ++ g_string_append_printf(str, "%15s - %5d %5d\n", ++ inet_ntop(AF_INET, &dst_addr, addr, sizeof(addr)), + so->so_rcv.sb_cc, so->so_snd.sb_cc); + } + +diff --git a/src/socket.c b/src/socket.c +index c0b02ad131f3..6607e319ad6c 100644 +--- a/src/socket.c ++++ b/src/socket.c +@@ -743,13 +743,14 @@ struct socket *tcp_listen(Slirp *slirp, uint32_t haddr, unsigned hport, + struct sockaddr_in addr; + struct socket *so; + int s, opt = 1; ++ char inet_addr[INET_ADDRSTRLEN]; + socklen_t addrlen = sizeof(addr); + memset(&addr, 0, addrlen); + + DEBUG_CALL("tcp_listen"); +- DEBUG_ARG("haddr = %s", inet_ntoa((struct in_addr){ .s_addr = haddr })); ++ DEBUG_ARG("haddr = %s", inet_ntop(AF_INET, &(struct in_addr){ .s_addr = haddr }, inet_addr, sizeof(inet_addr))); + DEBUG_ARG("hport = %d", ntohs(hport)); +- DEBUG_ARG("laddr = %s", inet_ntoa((struct in_addr){ .s_addr = laddr })); ++ DEBUG_ARG("laddr = %s", inet_ntop(AF_INET, &(struct in_addr){ .s_addr = laddr }, inet_addr, sizeof(inet_addr))); + DEBUG_ARG("lport = %d", ntohs(lport)); + DEBUG_ARG("flags = %x", flags); + +diff --git a/src/udp.c b/src/udp.c +index e4578aa94ed5..0547cd6fc5c3 100644 +--- a/src/udp.c ++++ b/src/udp.c +@@ -248,14 +248,15 @@ bad: + int udp_output(struct socket *so, struct mbuf *m, struct sockaddr_in *saddr, + struct sockaddr_in *daddr, int iptos) + { ++ char addr[INET_ADDRSTRLEN]; + register struct udpiphdr *ui; + int error = 0; + + DEBUG_CALL("udp_output"); + DEBUG_ARG("so = %p", so); + DEBUG_ARG("m = %p", m); +- DEBUG_ARG("saddr = %s", inet_ntoa(saddr->sin_addr)); +- DEBUG_ARG("daddr = %s", inet_ntoa(daddr->sin_addr)); ++ DEBUG_ARG("saddr = %s", inet_ntop(AF_INET, &saddr->sin_addr, addr, sizeof(addr))); ++ DEBUG_ARG("daddr = %s", inet_ntop(AF_INET, &daddr->sin_addr, addr, sizeof(addr))); + + /* + * Adjust for header +-- +2.34.1.428.gdcc0cd074f0c + diff --git a/SPECS/libslirp.spec b/SPECS/libslirp.spec index f19c930..e5e5776 100644 --- a/SPECS/libslirp.spec +++ b/SPECS/libslirp.spec @@ -1,6 +1,6 @@ Name: libslirp Version: 4.4.0 -Release: 4%{?dist} +Release: 7%{?dist} Summary: A general purpose TCP-IP emulator # check the SPDX tags in source files for details @@ -15,6 +15,8 @@ Patch0005: 0005-tftp-check-tftp_input-buffer-size.patch Patch0006: 0006-tftp-introduce-a-header-structure.patch Patch0007: 0007-udp-check-upd_input-buffer-size.patch Patch0008: 0001-Fix-DHCP-broken-in-libslirp-v4.6.0.patch +Patch0009: 0001-New-utility-slirp_ether_ntoa.patch +Patch00010: 0002-Replace-inet_ntoa-with-safer-inet_ntop.patch BuildRequires: git-core @@ -61,6 +63,18 @@ developing applications that use %{name}. %changelog +* Fri Feb 11 2022 Jindrich Novy - 4.4.0-7 +- fix also socket.c, thanks to Marc-André Lureau +- Related: #2000051 + +* Fri Feb 11 2022 Jindrich Novy - 4.4.0-6 +- add patches fixing gating tests from Marc-André Lureau +- Related: #2000051 + +* Wed Feb 09 2022 Jindrich Novy - 4.4.0-5 +- add gating.yaml +- Related: #2000051 + * Mon Aug 09 2021 Mohan Boddu - 4.4.0-4 - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags Related: rhbz#1991688