From ab61883910ca8bbf294ee8f13e21f3202d0331d8 Mon Sep 17 00:00:00 2001 From: DistroBaker Date: Wed, 13 Jan 2021 07:32:20 +0000 Subject: [PATCH] Merged update from upstream sources This is an automated DistroBaker update from upstream sources. If you do not know what this is about or would like to opt out, contact the OSCI team. Source: https://src.fedoraproject.org/rpms/nmap.git#967a8ef81374a0a210a6d97482a0617f424228c3 --- nmap-safe_fd_functions.patch | 369 +++++++++++++++++++++++++++++++++++ nmap.spec | 8 +- 2 files changed, 375 insertions(+), 2 deletions(-) create mode 100644 nmap-safe_fd_functions.patch diff --git a/nmap-safe_fd_functions.patch b/nmap-safe_fd_functions.patch new file mode 100644 index 0000000..546d599 --- /dev/null +++ b/nmap-safe_fd_functions.patch @@ -0,0 +1,369 @@ +diff --git a/ncat/ncat_core.c b/ncat/ncat_core.c +index f734247..b76d5ea 100644 +--- a/ncat/ncat_core.c ++++ b/ncat/ncat_core.c +@@ -498,7 +498,7 @@ int ncat_broadcast(fd_set *fds, const fd_list_t *fdlist, const char *msg, size_t + + ret = 0; + for (i = 0; i <= fdlist->fdmax; i++) { +- if (!FD_ISSET(i, fds)) ++ if (!checked_fd_isset(i, fds)) + continue; + + fdn = get_fdinfo(fdlist, i); +diff --git a/ncat/ncat_listen.c b/ncat/ncat_listen.c +index 1e0c22f..bf4d54f 100644 +--- a/ncat/ncat_listen.c ++++ b/ncat/ncat_listen.c +@@ -312,10 +312,10 @@ static int ncat_listen_stream(int proto) + unblock_socket(listen_socket[num_sockets]); + + /* setup select sets and max fd */ +- FD_SET(listen_socket[num_sockets], &master_readfds); ++ checked_fd_set(listen_socket[num_sockets], &master_readfds); + add_fd(&client_fdlist, listen_socket[num_sockets]); + +- FD_SET(listen_socket[num_sockets], &listen_fds); ++ checked_fd_set(listen_socket[num_sockets], &listen_fds); + + num_sockets++; + } +@@ -368,7 +368,7 @@ static int ncat_listen_stream(int proto) + */ + for (i = 0; i <= client_fdlist.fdmax && fds_ready > 0; i++) { + /* Loop through descriptors until there's something to read */ +- if (!FD_ISSET(i, &readfds) && !FD_ISSET(i, &writefds)) ++ if (!checked_fd_isset(i, &readfds) && !checked_fd_isset(i, &writefds)) + continue; + + if (o.debug > 1) +@@ -376,30 +376,30 @@ static int ncat_listen_stream(int proto) + + #ifdef HAVE_OPENSSL + /* Is this an ssl socket pending a handshake? If so handle it. */ +- if (o.ssl && FD_ISSET(i, &sslpending_fds)) { ++ if (o.ssl && checked_fd_isset(i, &sslpending_fds)) { + struct fdinfo *fdi = NULL; +- FD_CLR(i, &master_readfds); +- FD_CLR(i, &master_writefds); ++ checked_fd_clr(i, &master_readfds); ++ checked_fd_clr(i, &master_writefds); + fdi = get_fdinfo(&client_fdlist, i); + ncat_assert(fdi != NULL); + switch (ssl_handshake(fdi)) { + case NCAT_SSL_HANDSHAKE_COMPLETED: + /* Clear from sslpending_fds once ssl is established */ +- FD_CLR(i, &sslpending_fds); ++ checked_fd_clr(i, &sslpending_fds); + post_handle_connection(*fdi); + break; + case NCAT_SSL_HANDSHAKE_PENDING_WRITE: +- FD_SET(i, &master_writefds); ++ checked_fd_set(i, &master_writefds); + break; + case NCAT_SSL_HANDSHAKE_PENDING_READ: +- FD_SET(i, &master_readfds); ++ checked_fd_set(i, &master_readfds); + break; + case NCAT_SSL_HANDSHAKE_FAILED: + default: + SSL_free(fdi->ssl); + Close(fdi->fd); +- FD_CLR(i, &sslpending_fds); +- FD_CLR(i, &master_readfds); ++ checked_fd_clr(i, &sslpending_fds); ++ checked_fd_clr(i, &master_readfds); + rm_fd(&client_fdlist, i); + /* Are we in single listening mode(without -k)? If so + then we should quit also. */ +@@ -410,7 +410,7 @@ static int ncat_listen_stream(int proto) + } + } else + #endif +- if (FD_ISSET(i, &listen_fds)) { ++ if (checked_fd_isset(i, &listen_fds)) { + /* we have a new connection request */ + handle_connection(i); + } else if (i == STDIN_FILENO) { +@@ -490,7 +490,7 @@ static void handle_connection(int socket_accept) + int i; + for (i = 0; i < num_listenaddrs; i++) { + Close(listen_socket[i]); +- FD_CLR(listen_socket[i], &master_readfds); ++ checked_fd_clr(listen_socket[i], &master_readfds); + rm_fd(&client_fdlist, listen_socket[i]); + } + } +@@ -528,9 +528,9 @@ static void handle_connection(int socket_accept) + #ifdef HAVE_OPENSSL + if (o.ssl) { + /* Add the socket to the necessary descriptor lists. */ +- FD_SET(s.fd, &sslpending_fds); +- FD_SET(s.fd, &master_readfds); +- FD_SET(s.fd, &master_writefds); ++ checked_fd_set(s.fd, &sslpending_fds); ++ checked_fd_set(s.fd, &master_readfds); ++ checked_fd_set(s.fd, &master_writefds); + /* Add it to our list of fds too for maintaining maxfd. */ + if (add_fdinfo(&client_fdlist, &s) < 0) + bye("add_fdinfo() failed."); +@@ -563,10 +563,10 @@ static void post_handle_connection(struct fdinfo sinfo) + } else { + /* Now that a client is connected, pay attention to stdin. */ + if (!stdin_eof) +- FD_SET(STDIN_FILENO, &master_readfds); ++ checked_fd_set(STDIN_FILENO, &master_readfds); + if (!o.sendonly) { + /* add to our lists */ +- FD_SET(sinfo.fd, &master_readfds); ++ checked_fd_set(sinfo.fd, &master_readfds); + /* add it to our list of fds for maintaining maxfd */ + #ifdef HAVE_OPENSSL + /* Don't add it twice (see handle_connection above) */ +@@ -578,7 +578,7 @@ static void post_handle_connection(struct fdinfo sinfo) + } + #endif + } +- FD_SET(sinfo.fd, &master_broadcastfds); ++ checked_fd_set(sinfo.fd, &master_broadcastfds); + if (add_fdinfo(&broadcast_fdlist, &sinfo) < 0) + bye("add_fdinfo() failed."); + +@@ -603,7 +603,7 @@ int read_stdin(void) + logdebug("EOF on stdin\n"); + + /* Don't close the file because that allows a socket to be fd 0. */ +- FD_CLR(STDIN_FILENO, &master_readfds); ++ checked_fd_clr(STDIN_FILENO, &master_readfds); + /* Buf mark that we've seen EOF so it doesn't get re-added to the + select list. */ + stdin_eof = 1; +@@ -656,14 +656,14 @@ int read_socket(int recv_fd) + } + #endif + close(recv_fd); +- FD_CLR(recv_fd, &master_readfds); ++ checked_fd_clr(recv_fd, &master_readfds); + rm_fd(&client_fdlist, recv_fd); +- FD_CLR(recv_fd, &master_broadcastfds); ++ checked_fd_clr(recv_fd, &master_broadcastfds); + rm_fd(&broadcast_fdlist, recv_fd); + + conn_inc--; + if (get_conn_count() == 0) +- FD_CLR(STDIN_FILENO, &master_readfds); ++ checked_fd_clr(STDIN_FILENO, &master_readfds); + + return n; + } +@@ -753,7 +753,7 @@ static int ncat_listen_dgram(int proto) + logdebug("do_listen(\"%s\"): %s\n", inet_ntop_ez(&listenaddrs[i].storage, sizeof(listenaddrs[i].storage)), socket_strerror(socket_errno())); + continue; + } +- FD_SET(sockfd[num_sockets].fd, &listen_fds); ++ checked_fd_set(sockfd[num_sockets].fd, &listen_fds); + add_fd(&listen_fdlist, sockfd[num_sockets].fd); + sockfd[num_sockets].addr = listenaddrs[i]; + num_sockets++; +@@ -773,14 +773,14 @@ static int ncat_listen_dgram(int proto) + + if (fdn != -1) { + /*remove socket descriptor which is burnt */ +- FD_CLR(sockfd[fdn].fd, &listen_fds); ++ checked_fd_clr(sockfd[fdn].fd, &listen_fds); + rm_fd(&listen_fdlist, sockfd[fdn].fd); + + /* Rebuild the udp socket which got burnt */ + sockfd[fdn].fd = do_listen(SOCK_DGRAM, proto, &sockfd[fdn].addr); + if (sockfd[fdn].fd == -1) + bye("do_listen: %s", socket_strerror(socket_errno())); +- FD_SET(sockfd[fdn].fd, &listen_fds); ++ checked_fd_set(sockfd[fdn].fd, &listen_fds); + add_fd(&listen_fdlist, sockfd[fdn].fd); + + } +@@ -818,7 +818,7 @@ static int ncat_listen_dgram(int proto) + */ + for (i = 0; i <= listen_fdlist.fdmax && fds_ready > 0; i++) { + /* Loop through descriptors until there is something ready */ +- if (!FD_ISSET(i, &fds)) ++ if (!checked_fd_isset(i, &fds)) + continue; + + /* Check each listening socket */ +@@ -911,8 +911,8 @@ static int ncat_listen_dgram(int proto) + continue; + } + +- FD_SET(socket_n, &read_fds); +- FD_SET(STDIN_FILENO, &read_fds); ++ checked_fd_set(socket_n, &read_fds); ++ checked_fd_set(STDIN_FILENO, &read_fds); + fdmax = socket_n; + + /* stdin -> socket and socket -> stdout */ +@@ -932,7 +932,7 @@ static int ncat_listen_dgram(int proto) + if (fds_ready == 0) + bye("Idle timeout expired (%d ms).", o.idletimeout); + +- if (FD_ISSET(STDIN_FILENO, &fds)) { ++ if (checked_fd_isset(STDIN_FILENO, &fds)) { + nbytes = Read(STDIN_FILENO, buf, sizeof(buf)); + if (nbytes <= 0) { + if (nbytes < 0 && o.verbose) { +@@ -940,7 +940,7 @@ static int ncat_listen_dgram(int proto) + } else if (nbytes == 0 && o.debug) { + logdebug("EOF on stdin\n"); + } +- FD_CLR(STDIN_FILENO, &read_fds); ++ checked_fd_clr(STDIN_FILENO, &read_fds); + if (nbytes < 0) + return 1; + continue; +@@ -964,7 +964,7 @@ static int ncat_listen_dgram(int proto) + tempbuf = NULL; + } + } +- if (FD_ISSET(socket_n, &fds)) { ++ if (checked_fd_isset(socket_n, &fds)) { + nbytes = recv(socket_n, buf, sizeof(buf), 0); + if (nbytes < 0) { + loguser("%s.\n", socket_strerror(socket_errno())); +@@ -1048,7 +1048,7 @@ static void read_and_broadcast(int recv_fd) + + /* Don't close the file because that allows a socket to be + fd 0. */ +- FD_CLR(recv_fd, &master_readfds); ++ checked_fd_clr(recv_fd, &master_readfds); + /* But mark that we've seen EOF so it doesn't get re-added to + the select list. */ + stdin_eof = 1; +@@ -1075,14 +1075,14 @@ static void read_and_broadcast(int recv_fd) + } + #endif + close(recv_fd); +- FD_CLR(recv_fd, &master_readfds); ++ checked_fd_clr(recv_fd, &master_readfds); + rm_fd(&client_fdlist, recv_fd); +- FD_CLR(recv_fd, &master_broadcastfds); ++ checked_fd_clr(recv_fd, &master_broadcastfds); + rm_fd(&broadcast_fdlist, recv_fd); + + conn_inc--; + if (conn_inc == 0) +- FD_CLR(STDIN_FILENO, &master_readfds); ++ checked_fd_clr(STDIN_FILENO, &master_readfds); + + if (o.chat) + chat_announce_disconnect(recv_fd); +@@ -1113,7 +1113,7 @@ static void read_and_broadcast(int recv_fd) + + /* Send to everyone except the one who sent this message. */ + broadcastfds = master_broadcastfds; +- FD_CLR(recv_fd, &broadcastfds); ++ checked_fd_clr(recv_fd, &broadcastfds); + ncat_broadcast(&broadcastfds, &broadcast_fdlist, outbuf, n); + + free(chatbuf); +@@ -1128,7 +1128,7 @@ static void shutdown_sockets(int how) + int i; + + for (i = 0; i <= broadcast_fdlist.fdmax; i++) { +- if (!FD_ISSET(i, &master_broadcastfds)) ++ if (!checked_fd_isset(i, &master_broadcastfds)) + continue; + + fdn = get_fdinfo(&broadcast_fdlist, i); +@@ -1153,7 +1153,7 @@ static int chat_announce_connect(int fd, const union sockaddr_u *su) + union sockaddr_u su; + socklen_t len = sizeof(su.storage); + +- if (i == fd || !FD_ISSET(i, &master_broadcastfds)) ++ if (i == fd || !checked_fd_isset(i, &master_broadcastfds)) + continue; + + if (getpeername(i, &su.sockaddr, &len) == -1) +diff --git a/ncat/ncat_posix.c b/ncat/ncat_posix.c +index 12207c0..9709e63 100644 +--- a/ncat/ncat_posix.c ++++ b/ncat/ncat_posix.c +@@ -273,8 +273,8 @@ void netexec(struct fdinfo *info, char *cmdexec) + int r, n_r; + + FD_ZERO(&fds); +- FD_SET(info->fd, &fds); +- FD_SET(child_stdout[0], &fds); ++ checked_fd_set(info->fd, &fds); ++ checked_fd_set(child_stdout[0], &fds); + + r = fselect(maxfd + 1, &fds, NULL, NULL, NULL); + if (r == -1) { +@@ -283,7 +283,7 @@ void netexec(struct fdinfo *info, char *cmdexec) + else + break; + } +- if (FD_ISSET(info->fd, &fds)) { ++ if (checked_fd_isset(info->fd, &fds)) { + int pending; + + do { +@@ -293,7 +293,7 @@ void netexec(struct fdinfo *info, char *cmdexec) + write_loop(child_stdin[1], buf, n_r); + } while (pending); + } +- if (FD_ISSET(child_stdout[0], &fds)) { ++ if (checked_fd_isset(child_stdout[0], &fds)) { + char *crlf = NULL, *wbuf; + n_r = read(child_stdout[0], buf, sizeof(buf)); + if (n_r <= 0) +diff --git a/ncat/ncat_proxy.c b/ncat/ncat_proxy.c +index 72fe2ea..51ad9c4 100644 +--- a/ncat/ncat_proxy.c ++++ b/ncat/ncat_proxy.c +@@ -234,7 +234,7 @@ int ncat_http_server(void) + unblock_socket(listen_socket[num_sockets]); + + /* setup select sets and max fd */ +- FD_SET(listen_socket[num_sockets], &listen_fds); ++ checked_fd_set(listen_socket[num_sockets], &listen_fds); + add_fd(&listen_fdlist, listen_socket[num_sockets]); + + num_sockets++; +@@ -267,7 +267,7 @@ int ncat_http_server(void) + + for (i = 0; i <= listen_fdlist.fdmax && fds_ready > 0; i++) { + /* Loop through descriptors until there is something ready */ +- if (!FD_ISSET(i, &read_fds)) ++ if (!checked_fd_isset(i, &read_fds)) + continue; + + /* Check each listening socket */ +@@ -525,8 +525,8 @@ static int handle_connect(struct socket_buffer *client_sock, + + maxfd = client_sock->fdn.fd < s ? s : client_sock->fdn.fd; + FD_ZERO(&m); +- FD_SET(client_sock->fdn.fd, &m); +- FD_SET(s, &m); ++ checked_fd_set(client_sock->fdn.fd, &m); ++ checked_fd_set(s, &m); + + errno = 0; + +@@ -540,7 +540,7 @@ static int handle_connect(struct socket_buffer *client_sock, + + zmem(buf, sizeof(buf)); + +- if (FD_ISSET(client_sock->fdn.fd, &r)) { ++ if (checked_fd_isset(client_sock->fdn.fd, &r)) { + do { + do { + len = fdinfo_recv(&client_sock->fdn, buf, sizeof(buf)); +@@ -556,7 +556,7 @@ static int handle_connect(struct socket_buffer *client_sock, + } while (fdinfo_pending(&client_sock->fdn)); + } + +- if (FD_ISSET(s, &r)) { ++ if (checked_fd_isset(s, &r)) { + do { + len = recv(s, buf, sizeof(buf), 0); + } while (len == -1 && socket_errno() == EINTR); diff --git a/nmap.spec b/nmap.spec index bb2cf2b..5362f33 100644 --- a/nmap.spec +++ b/nmap.spec @@ -7,7 +7,7 @@ Name: nmap Epoch: 3 Version: 7.80 #global prerelease TEST5 -Release: 7%{?dist} +Release: 8%{?dist} Summary: Network exploration tool and security scanner URL: http://nmap.org/ # Uses combination of licenses based on GPL license, but with extra modification @@ -30,6 +30,7 @@ Patch3: ncat_reg_stdin.diff Patch4: nmap-6.25-displayerror.patch # https://github.com/nmap/nmap/commit/33f421fd6e68fcb8ed50071661d9704717c81b2b.patch Patch5: nmap-unsolicited_arp_assert.patch +Patch6: nmap-safe_fd_functions.patch BuildRequires: automake make @@ -142,7 +143,10 @@ ln -s ncat %{buildroot}%{_bindir}/nc %{_mandir}/man1/ncat.1.gz %changelog -* Sun Jan 10 2021 Pavel Zhukov - 3:7.80-7 +* Wed Jan 13 2021 Pavel Zhukov - 3:7.80-8 +- Replace FD_ functions with safe implementation (#1914734) + +* Sun Jan 10 2021 Pavel Zhukov - 3:7.80-7 - Drop nmap >= 7.90 * Thu Aug 20 2020 Pavel Zhukov - 2:7.80-6