rpms
/
nmap
7
0
Fork 0
Code Issues Pull Requests Releases Activity

import nmap-7.70-6.el8

This commit is contained in:
CentOS Sources 2021-08-24 22:34:14 +00:00 committed by Andrew Lukoshko
parent 404dc13548
commit 094308f9f1
2 changed files with 375 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

369
SOURCES/nmap-safe_fd_functions.patch Normal file
View File

@ -0,0 +1,369 @@
diff --git a/ncat/ncat_core.c b/ncat/ncat_core.c
index 649e478..21eca9e 100644
--- a/ncat/ncat_core.c
+++ b/ncat/ncat_core.c
@@ -458,7 +458,7 @@ int ncat_broadcast(fd_set *fds, const fd_list_t *fdlist, const char *msg, size_t
ret = 0;
for (i = 0; i <= fdlist->fdmax; i++) {
- if (!FD_ISSET(i, fds))
+ if (!checked_fd_isset(i, fds))
continue;
fdn = get_fdinfo(fdlist, i);
diff --git a/ncat/ncat_listen.c b/ncat/ncat_listen.c
index 5c4bb33..bb779cf 100644
--- a/ncat/ncat_listen.c
+++ b/ncat/ncat_listen.c
@@ -312,10 +312,10 @@ static int ncat_listen_stream(int proto)
unblock_socket(listen_socket[num_sockets]);
/* setup select sets and max fd */
- FD_SET(listen_socket[num_sockets], &master_readfds);
+ checked_fd_set(listen_socket[num_sockets], &master_readfds);
add_fd(&client_fdlist, listen_socket[num_sockets]);
- FD_SET(listen_socket[num_sockets], &listen_fds);
+ checked_fd_set(listen_socket[num_sockets], &listen_fds);
num_sockets++;
}
@@ -368,7 +368,7 @@ static int ncat_listen_stream(int proto)
*/
for (i = 0; i <= client_fdlist.fdmax && fds_ready > 0; i++) {
/* Loop through descriptors until there's something to read */
- if (!FD_ISSET(i, &readfds) && !FD_ISSET(i, &writefds))
+ if (!checked_fd_isset(i, &readfds) && !checked_fd_isset(i, &writefds))
continue;
if (o.debug > 1)
@@ -376,30 +376,30 @@ static int ncat_listen_stream(int proto)
#ifdef HAVE_OPENSSL
/* Is this an ssl socket pending a handshake? If so handle it. */
- if (o.ssl && FD_ISSET(i, &sslpending_fds)) {
+ if (o.ssl && checked_fd_isset(i, &sslpending_fds)) {
struct fdinfo *fdi = NULL;
- FD_CLR(i, &master_readfds);
- FD_CLR(i, &master_writefds);
+ checked_fd_clr(i, &master_readfds);
+ checked_fd_clr(i, &master_writefds);
fdi = get_fdinfo(&client_fdlist, i);
ncat_assert(fdi != NULL);
switch (ssl_handshake(fdi)) {
case NCAT_SSL_HANDSHAKE_COMPLETED:
/* Clear from sslpending_fds once ssl is established */
- FD_CLR(i, &sslpending_fds);
+ checked_fd_clr(i, &sslpending_fds);
post_handle_connection(*fdi);
break;
case NCAT_SSL_HANDSHAKE_PENDING_WRITE:
- FD_SET(i, &master_writefds);
+ checked_fd_set(i, &master_writefds);
break;
case NCAT_SSL_HANDSHAKE_PENDING_READ:
- FD_SET(i, &master_readfds);
+ checked_fd_set(i, &master_readfds);
break;
case NCAT_SSL_HANDSHAKE_FAILED:
default:
SSL_free(fdi->ssl);
Close(fdi->fd);
- FD_CLR(i, &sslpending_fds);
- FD_CLR(i, &master_readfds);
+ checked_fd_clr(i, &sslpending_fds);
+ checked_fd_clr(i, &master_readfds);
rm_fd(&client_fdlist, i);
/* Are we in single listening mode(without -k)? If so
then we should quit also. */
@@ -410,7 +410,7 @@ static int ncat_listen_stream(int proto)
}
} else
#endif
- if (FD_ISSET(i, &listen_fds)) {
+ if (checked_fd_isset(i, &listen_fds)) {
/* we have a new connection request */
handle_connection(i);
} else if (i == STDIN_FILENO) {
@@ -490,7 +490,7 @@ static void handle_connection(int socket_accept)
int i;
for (i = 0; i < num_listenaddrs; i++) {
Close(listen_socket[i]);
- FD_CLR(listen_socket[i], &master_readfds);
+ checked_fd_clr(listen_socket[i], &master_readfds);
rm_fd(&client_fdlist, listen_socket[i]);
}
}
@@ -528,9 +528,9 @@ static void handle_connection(int socket_accept)
#ifdef HAVE_OPENSSL
if (o.ssl) {
/* Add the socket to the necessary descriptor lists. */
- FD_SET(s.fd, &sslpending_fds);
- FD_SET(s.fd, &master_readfds);
- FD_SET(s.fd, &master_writefds);
+ checked_fd_set(s.fd, &sslpending_fds);
+ checked_fd_set(s.fd, &master_readfds);
+ checked_fd_set(s.fd, &master_writefds);
/* Add it to our list of fds too for maintaining maxfd. */
if (add_fdinfo(&client_fdlist, &s) < 0)
bye("add_fdinfo() failed.");
@@ -563,10 +563,10 @@ static void post_handle_connection(struct fdinfo sinfo)
} else {
/* Now that a client is connected, pay attention to stdin. */
if (!stdin_eof)
- FD_SET(STDIN_FILENO, &master_readfds);
+ checked_fd_set(STDIN_FILENO, &master_readfds);
if (!o.sendonly) {
/* add to our lists */
- FD_SET(sinfo.fd, &master_readfds);
+ checked_fd_set(sinfo.fd, &master_readfds);
/* add it to our list of fds for maintaining maxfd */
#ifdef HAVE_OPENSSL
/* Don't add it twice (see handle_connection above) */
@@ -578,7 +578,7 @@ static void post_handle_connection(struct fdinfo sinfo)
}
#endif
}
- FD_SET(sinfo.fd, &master_broadcastfds);
+ checked_fd_set(sinfo.fd, &master_broadcastfds);
if (add_fdinfo(&broadcast_fdlist, &sinfo) < 0)
bye("add_fdinfo() failed.");
@@ -603,7 +603,7 @@ int read_stdin(void)
logdebug("EOF on stdin\n");
/* Don't close the file because that allows a socket to be fd 0. */
- FD_CLR(STDIN_FILENO, &master_readfds);
+ checked_fd_clr(STDIN_FILENO, &master_readfds);
/* Buf mark that we've seen EOF so it doesn't get re-added to the
select list. */
stdin_eof = 1;
@@ -656,14 +656,14 @@ int read_socket(int recv_fd)
}
#endif
close(recv_fd);
- FD_CLR(recv_fd, &master_readfds);
+ checked_fd_clr(recv_fd, &master_readfds);
rm_fd(&client_fdlist, recv_fd);
- FD_CLR(recv_fd, &master_broadcastfds);
+ checked_fd_clr(recv_fd, &master_broadcastfds);
rm_fd(&broadcast_fdlist, recv_fd);
conn_inc--;
if (get_conn_count() == 0)
- FD_CLR(STDIN_FILENO, &master_readfds);
+ checked_fd_clr(STDIN_FILENO, &master_readfds);
return n;
}
@@ -753,7 +753,7 @@ static int ncat_listen_dgram(int proto)
logdebug("do_listen(\"%s\"): %s\n", inet_ntop_ez(&listenaddrs[i].storage, sizeof(listenaddrs[i].storage)), socket_strerror(socket_errno()));
continue;
}
- FD_SET(sockfd[num_sockets].fd, &listen_fds);
+ checked_fd_set(sockfd[num_sockets].fd, &listen_fds);
add_fd(&listen_fdlist, sockfd[num_sockets].fd);
sockfd[num_sockets].addr = listenaddrs[i];
num_sockets++;
@@ -773,14 +773,14 @@ static int ncat_listen_dgram(int proto)
if (fdn != -1) {
/*remove socket descriptor which is burnt */
- FD_CLR(sockfd[fdn].fd, &listen_fds);
+ checked_fd_clr(sockfd[fdn].fd, &listen_fds);
rm_fd(&listen_fdlist, sockfd[fdn].fd);
/* Rebuild the udp socket which got burnt */
sockfd[fdn].fd = do_listen(SOCK_DGRAM, proto, &sockfd[fdn].addr);
if (sockfd[fdn].fd == -1)
bye("do_listen: %s", socket_strerror(socket_errno()));
- FD_SET(sockfd[fdn].fd, &listen_fds);
+ checked_fd_set(sockfd[fdn].fd, &listen_fds);
add_fd(&listen_fdlist, sockfd[fdn].fd);
}
@@ -818,7 +818,7 @@ static int ncat_listen_dgram(int proto)
*/
for (i = 0; i <= listen_fdlist.fdmax && fds_ready > 0; i++) {
/* Loop through descriptors until there is something ready */
- if (!FD_ISSET(i, &fds))
+ if (!checked_fd_isset(i, &fds))
continue;
/* Check each listening socket */
@@ -905,8 +905,8 @@ static int ncat_listen_dgram(int proto)
continue;
}
- FD_SET(socket_n, &read_fds);
- FD_SET(STDIN_FILENO, &read_fds);
+ checked_fd_set(socket_n, &read_fds);
+ checked_fd_set(STDIN_FILENO, &read_fds);
fdmax = socket_n;
/* stdin -> socket and socket -> stdout */
@@ -926,7 +926,7 @@ static int ncat_listen_dgram(int proto)
if (fds_ready == 0)
bye("Idle timeout expired (%d ms).", o.idletimeout);
- if (FD_ISSET(STDIN_FILENO, &fds)) {
+ if (checked_fd_isset(STDIN_FILENO, &fds)) {
nbytes = Read(STDIN_FILENO, buf, sizeof(buf));
if (nbytes <= 0) {
if (nbytes < 0 && o.verbose) {
@@ -934,7 +934,7 @@ static int ncat_listen_dgram(int proto)
} else if (nbytes == 0 && o.debug) {
logdebug("EOF on stdin\n");
}
- FD_CLR(STDIN_FILENO, &read_fds);
+ checked_fd_clr(STDIN_FILENO, &read_fds);
if (nbytes < 0)
return 1;
continue;
@@ -958,7 +958,7 @@ static int ncat_listen_dgram(int proto)
tempbuf = NULL;
}
}
- if (FD_ISSET(socket_n, &fds)) {
+ if (checked_fd_isset(socket_n, &fds)) {
nbytes = recv(socket_n, buf, sizeof(buf), 0);
if (nbytes < 0) {
loguser("%s.\n", socket_strerror(socket_errno()));
@@ -1034,7 +1034,7 @@ static void read_and_broadcast(int recv_fd)
/* Don't close the file because that allows a socket to be
fd 0. */
- FD_CLR(recv_fd, &master_readfds);
+ checked_fd_clr(recv_fd, &master_readfds);
/* But mark that we've seen EOF so it doesn't get re-added to
the select list. */
stdin_eof = 1;
@@ -1061,14 +1061,14 @@ static void read_and_broadcast(int recv_fd)
}
#endif
close(recv_fd);
- FD_CLR(recv_fd, &master_readfds);
+ checked_fd_clr(recv_fd, &master_readfds);
rm_fd(&client_fdlist, recv_fd);
- FD_CLR(recv_fd, &master_broadcastfds);
+ checked_fd_clr(recv_fd, &master_broadcastfds);
rm_fd(&broadcast_fdlist, recv_fd);
conn_inc--;
if (conn_inc == 0)
- FD_CLR(STDIN_FILENO, &master_readfds);
+ checked_fd_clr(STDIN_FILENO, &master_readfds);
if (o.chat)
chat_announce_disconnect(recv_fd);
@@ -1099,7 +1099,7 @@ static void read_and_broadcast(int recv_fd)
/* Send to everyone except the one who sent this message. */
broadcastfds = master_broadcastfds;
- FD_CLR(recv_fd, &broadcastfds);
+ checked_fd_clr(recv_fd, &broadcastfds);
ncat_broadcast(&broadcastfds, &broadcast_fdlist, outbuf, n);
free(chatbuf);
@@ -1114,7 +1114,7 @@ static void shutdown_sockets(int how)
int i;
for (i = 0; i <= broadcast_fdlist.fdmax; i++) {
- if (!FD_ISSET(i, &master_broadcastfds))
+ if (!checked_fd_isset(i, &master_broadcastfds))
continue;
fdn = get_fdinfo(&broadcast_fdlist, i);
@@ -1139,7 +1139,7 @@ static int chat_announce_connect(int fd, const union sockaddr_u *su)
union sockaddr_u su;
socklen_t len = sizeof(su.storage);
- if (i == fd || !FD_ISSET(i, &master_broadcastfds))
+ if (i == fd || !checked_fd_isset(i, &master_broadcastfds))
continue;
if (getpeername(i, &su.sockaddr, &len) == -1)
diff --git a/ncat/ncat_posix.c b/ncat/ncat_posix.c
index 3b01936..59e801e 100644
--- a/ncat/ncat_posix.c
+++ b/ncat/ncat_posix.c
@@ -273,8 +273,8 @@ void netexec(struct fdinfo *info, char *cmdexec)
int r, n_r;
FD_ZERO(&fds);
- FD_SET(info->fd, &fds);
- FD_SET(child_stdout[0], &fds);
+ checked_fd_set(info->fd, &fds);
+ checked_fd_set(child_stdout[0], &fds);
r = fselect(maxfd + 1, &fds, NULL, NULL, NULL);
if (r == -1) {
@@ -283,7 +283,7 @@ void netexec(struct fdinfo *info, char *cmdexec)
else
break;
}
- if (FD_ISSET(info->fd, &fds)) {
+ if (checked_fd_isset(info->fd, &fds)) {
int pending;
do {
@@ -293,7 +293,7 @@ void netexec(struct fdinfo *info, char *cmdexec)
write_loop(child_stdin[1], buf, n_r);
} while (pending);
}
- if (FD_ISSET(child_stdout[0], &fds)) {
+ if (checked_fd_isset(child_stdout[0], &fds)) {
char *crlf = NULL, *wbuf;
n_r = read(child_stdout[0], buf, sizeof(buf));
if (n_r <= 0)
diff --git a/ncat/ncat_proxy.c b/ncat/ncat_proxy.c
index d7227fc..e060e3e 100644
--- a/ncat/ncat_proxy.c
+++ b/ncat/ncat_proxy.c
@@ -234,7 +234,7 @@ int ncat_http_server(void)
unblock_socket(listen_socket[num_sockets]);
/* setup select sets and max fd */
- FD_SET(listen_socket[num_sockets], &listen_fds);
+ checked_fd_set(listen_socket[num_sockets], &listen_fds);
add_fd(&listen_fdlist, listen_socket[num_sockets]);
num_sockets++;
@@ -267,7 +267,7 @@ int ncat_http_server(void)
for (i = 0; i <= listen_fdlist.fdmax && fds_ready > 0; i++) {
/* Loop through descriptors until there is something ready */
- if (!FD_ISSET(i, &read_fds))
+ if (!checked_fd_isset(i, &read_fds))
continue;
/* Check each listening socket */
@@ -525,8 +525,8 @@ static int handle_connect(struct socket_buffer *client_sock,
maxfd = client_sock->fdn.fd < s ? s : client_sock->fdn.fd;
FD_ZERO(&m);
- FD_SET(client_sock->fdn.fd, &m);
- FD_SET(s, &m);
+ checked_fd_set(client_sock->fdn.fd, &m);
+ checked_fd_set(s, &m);
errno = 0;
@@ -540,7 +540,7 @@ static int handle_connect(struct socket_buffer *client_sock,
zmem(buf, sizeof(buf));
- if (FD_ISSET(client_sock->fdn.fd, &r)) {
+ if (checked_fd_isset(client_sock->fdn.fd, &r)) {
do {
do {
len = fdinfo_recv(&client_sock->fdn, buf, sizeof(buf));
@@ -556,7 +556,7 @@ static int handle_connect(struct socket_buffer *client_sock,
} while (fdinfo_pending(&client_sock->fdn));
}
- if (FD_ISSET(s, &r)) {
+ if (checked_fd_isset(s, &r)) {
do {
len = recv(s, buf, sizeof(buf), 0);
} while (len == -1 && socket_errno() == EINTR);

13
SPECS/nmap.spec
View File

@ -13,7 +13,7 @@ Name: nmap
Epoch: 2
Version: 7.70
#global prerelease TEST5
Release: 5%{?dist}
Release: 6%{?dist}
# Uses combination of licenses based on GPL license, but with extra modification
# so it got its own license tag rhbz#1055861
License: Nmap
@ -35,7 +35,7 @@ Patch2: nmap-4.52-noms.patch
# upstream provided patch for rhbz#845005, not yet in upstream repository
Patch5: ncat_reg_stdin.diff
Patch6: nmap-6.25-displayerror.patch
Patch7: nmap-safe_fd_functions.patch
URL: http://nmap.org/
@ -112,11 +112,7 @@ Requires(postun): %{_sbindir}/update-alternatives
%prep
%setup -q -n %{name}-%{version}%{?prerelease}
%patch1 -p1 -b .mktemp
%patch2 -p1 -b .noms
%patch5 -p1 -b .ncat_reg_stdin
%patch6 -p1 -b .displayerror
%autosetup -p1 -n %{name}-%{version}%{?prerelease}
#be sure we're not using tarballed copies of some libraries
#rm -rf liblua libpcap libpcre macosx mswin32 ###TODO###
@ -274,6 +270,9 @@ fi
%endif
%changelog
* Wed Jul 21 2021 Pavel Zhukov <pzhukov@redhat.com> - 2:7.70-6
- Use safe variants of FD_ functions (#1914733)
* Thu Mar 28 2019 Pavel Zhukov <pzhukov@redhat.com> - 2:7.70-5
- Resolves: #1653119 - Manage nc symlink using alternatives