.gitignore

@@ -1 +1 @@
-SOURCES/slirp4netns-c4e1bc5.tar.gz
+SOURCES/v1.2.3.tar.gz

.slirp4netns.metadata

@@ -1 +1 @@
-c80717510d48cfe56eec27e93a4fe92182faca0b SOURCES/slirp4netns-c4e1bc5.tar.gz
+58ff0e5c7cf857d4fab48f44c531962999918128 SOURCES/v1.2.3.tar.gz

SOURCES/slirp4netns-CVE-2019-14378.patch

@@ -1,34 +0,0 @@
-From 126c04acbabd7ad32c2b018fe10dfac2a3bc1210 Mon Sep 17 00:00:00 2001
-From: Samuel Thibault <samuel.thibault@ens-lyon.org>
-Date: Sun, 28 Jul 2019 19:11:24 +0200
-Subject: [PATCH] Fix heap overflow in ip_reass on big packet input
-
-When the first fragment does not fit in the preallocated buffer, q will
-already be pointing to the ext buffer, so we mustn't try to update it.
-
-Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
----
- src/ip_input.c | 4 +++-
- 1 file changed, 3 insertions(+), 1 deletion(-)
-
-diff -up ./slirp4netns-c4e1bc5a5e6987f3a352ca524f13320a2d483398/qemu/slirp/ip_input.c.CVE-2019-14378 ./slirp4netns-c4e1bc5a5e6987f3a352ca524f13320a2d483398/qemu/slirp/ip_input.c
---- slirp4netns-c4e1bc5a5e6987f3a352ca524f13320a2d483398/qemu/slirp/ip_input.c.CVE-2019-14378	2019-09-27 11:04:30.215413671 +0200
-+++ slirp4netns-c4e1bc5a5e6987f3a352ca524f13320a2d483398/qemu/slirp/ip_input.c	2019-09-27 11:04:30.216413682 +0200
-@@ -333,6 +333,8 @@ insert:
-     q = fp->frag_link.next;
- 	m = dtom(slirp, q);
- 
-+	int was_ext = m->m_flags & M_EXT;
-+
- 	q = (struct ipasfrag *) q->ipf_next;
- 	while (q != (struct ipasfrag*)&fp->frag_link) {
- 	  struct mbuf *t = dtom(slirp, q);
-@@ -355,7 +357,7 @@ insert:
- 	 * the old buffer (in the mbuf), so we must point ip
- 	 * into the new buffer.
- 	 */
--	if (m->m_flags & M_EXT) {
-+	if (!was_ext && m->m_flags & M_EXT) {
- 	  int delta = (char *)q - m->m_dat;
- 	  q = (struct ipasfrag *)(m->m_ext + delta);
- 	}

SOURCES/slirp4netns-CVE-2020-7039.patch

@@ -1,123 +0,0 @@
-From 2655fffed7a9e765bcb4701dd876e9dab975f289 Mon Sep 17 00:00:00 2001
-From: Samuel Thibault <samuel.thibault@ens-lyon.org>
-Date: Wed, 8 Jan 2020 00:58:48 +0100
-Subject: [PATCH] tcp_emu: Fix oob access
-
-The main loop only checks for one available byte, while we sometimes
-need two bytes.
-
-2.24.1
-
-From 82ebe9c370a0e2970fb5695aa19aa5214a6a1c80 Mon Sep 17 00:00:00 2001
-From: Prasad J Pandit <pjp@fedoraproject.org>
-Date: Thu, 9 Jan 2020 15:12:28 +0530
-Subject: [PATCH] slirp: use correct size while emulating commands
-
-While emulating services in tcp_emu(), it uses 'mbuf' size
-'m->m_size' to write commands via snprintf(3). Use M_FREEROOM(m)
-size to avoid possible OOB access.
-
-Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
-Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
-Message-Id: <20200109094228.79764-3-ppandit@redhat.com>
-
-2.24.1
-
-From ce131029d6d4a405cb7d3ac6716d03e58fb4a5d9 Mon Sep 17 00:00:00 2001
-From: Prasad J Pandit <pjp@fedoraproject.org>
-Date: Thu, 9 Jan 2020 15:12:27 +0530
-Subject: [PATCH] slirp: use correct size while emulating IRC commands
-
-While emulating IRC DCC commands, tcp_emu() uses 'mbuf' size
-'m->m_size' to write DCC commands via snprintf(3). This may
-lead to OOB write access, because 'bptr' points somewhere in
-the middle of 'mbuf' buffer, not at the start. Use M_FREEROOM(m)
-size to avoid OOB access.
-
-Reported-by: Vishnu Dev TJ <vishnudevtj@gmail.com>
-Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
-Reviewed-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
-Message-Id: <20200109094228.79764-2-ppandit@redhat.com>
-
----
- CHANGELOG.md   | 1 +
- src/tcp_subr.c | 7 +++++++
- 2 files changed, 8 insertions(+)
-
-diff -up slirp4netns-c4e1bc5a5e6987f3a352ca524f13320a2d483398/qemu/slirp/tcp_subr.c.CVE-2020-7039 slirp4netns-c4e1bc5a5e6987f3a352ca524f13320a2d483398/qemu/slirp/tcp_subr.c
---- slirp4netns-c4e1bc5a5e6987f3a352ca524f13320a2d483398/qemu/slirp/tcp_subr.c.CVE-2020-7039	2020-01-16 11:13:39.558653385 +0100
-+++ slirp4netns-c4e1bc5a5e6987f3a352ca524f13320a2d483398/qemu/slirp/tcp_subr.c	2020-01-16 14:23:54.027184429 +0100
-@@ -704,7 +704,7 @@ tcp_emu(struct socket *so, struct mbuf *
- 			n4 =  (laddr & 0xff);
- 
- 			m->m_len = bptr - m->m_data; /* Adjust length */
--                        m->m_len += snprintf(bptr, m->m_size - m->m_len,
-+                        m->m_len += snprintf(bptr, M_FREEROOM(m),
-                                              "ORT %d,%d,%d,%d,%d,%d\r\n%s",
-                                              n1, n2, n3, n4, n5, n6, x==7?buff:"");
- 			return 1;
-@@ -737,7 +737,7 @@ tcp_emu(struct socket *so, struct mbuf *
- 			n4 =  (laddr & 0xff);
- 
- 			m->m_len = bptr - m->m_data; /* Adjust length */
--			m->m_len += snprintf(bptr, m->m_size - m->m_len,
-+			m->m_len += snprintf(bptr, M_FREEROOM(m),
-                                              "27 Entering Passive Mode (%d,%d,%d,%d,%d,%d)\r\n%s",
-                                              n1, n2, n3, n4, n5, n6, x==7?buff:"");
- 
-@@ -763,7 +763,7 @@ tcp_emu(struct socket *so, struct mbuf *
- 		if (m->m_data[m->m_len-1] == '\0' && lport != 0 &&
- 		    (so = tcp_listen(slirp, INADDR_ANY, 0, so->so_laddr.s_addr,
- 		                     htons(lport), SS_FACCEPTONCE)) != NULL)
--                    m->m_len = snprintf(m->m_data, m->m_size, "%d",
-+                    m->m_len = snprintf(m->m_data, M_ROOM(m), "%d",
-                                         ntohs(so->so_fport)) + 1;
- 		return 1;
- 
-@@ -783,7 +783,7 @@ tcp_emu(struct socket *so, struct mbuf *
- 				return 1;
- 			}
- 			m->m_len = bptr - m->m_data; /* Adjust length */
--                        m->m_len += snprintf(bptr, m->m_size,
-+                        m->m_len += snprintf(bptr, M_FREEROOM(m),
-                                              "DCC CHAT chat %lu %u%c\n",
-                                              (unsigned long)ntohl(so->so_faddr.s_addr),
-                                              ntohs(so->so_fport), 1);
-@@ -794,7 +794,7 @@ tcp_emu(struct socket *so, struct mbuf *
- 				return 1;
- 			}
- 			m->m_len = bptr - m->m_data; /* Adjust length */
--                        m->m_len += snprintf(bptr, m->m_size,
-+                        m->m_len += snprintf(bptr, M_FREEROOM(m),
-                                              "DCC SEND %s %lu %u %u%c\n", buff,
-                                              (unsigned long)ntohl(so->so_faddr.s_addr),
-                                              ntohs(so->so_fport), n1, 1);
-@@ -805,7 +805,7 @@ tcp_emu(struct socket *so, struct mbuf *
- 				return 1;
- 			}
- 			m->m_len = bptr - m->m_data; /* Adjust length */
--                        m->m_len += snprintf(bptr, m->m_size,
-+                        m->m_len += snprintf(bptr, M_FREEROOM(m),
-                                              "DCC MOVE %s %lu %u %u%c\n", buff,
-                                              (unsigned long)ntohl(so->so_faddr.s_addr),
-                                              ntohs(so->so_fport), n1, 1);
-@@ -892,6 +892,9 @@ tcp_emu(struct socket *so, struct mbuf *
- 				break;
- 
- 			 case 5:
-+				if (bptr == m->m_data + m->m_len - 1)
-+				    return 1; /* We need two bytes */
-+
- 				/*
- 				 * The difference between versions 1.0 and
- 				 * 2.0 is here. For future versions of
-@@ -907,6 +910,9 @@ tcp_emu(struct socket *so, struct mbuf *
- 				/* This is the field containing the port
- 				 * number that RA-player is listening to.
- 				 */
-+				if (bptr == m->m_data + m->m_len - 1)
-+				    return 1; /* We need two bytes */
-+
- 				lport = (((u_char*)bptr)[0] << 8)
- 				+ ((u_char *)bptr)[1];
- 				if (lport < 6970)

SPECS/slirp4netns.spec

@@ -1,27 +1,27 @@
 %global git0 https://github.com/rootless-containers/%{name}
-%global commit0 c4e1bc5a5e6987f3a352ca524f13320a2d483398
-%global shortcommit0 %(c=%{commit0}; echo ${c:0:7})
 
 Name: slirp4netns
-Version: 0.1
-Release: 5.dev.git%{shortcommit0}%{?dist}
-# no go-md2man in ix86 and ppc64
-ExcludeArch: %{ix86} ppc64
+Version: 1.2.3
+Release: 1%{?dist}
 Summary: slirp for network namespaces
 License: GPLv2
 URL: %{git0}
-Source0: %{git0}/archive/%{commit0}/%{name}-%{shortcommit0}.tar.gz
-Patch0: slirp4netns-CVE-2019-14378.patch
-Patch1: slirp4netns-CVE-2020-7039.patch
+# build fails on i686 with: No matching package to install: 'go-md2man'
+ExcludeArch: i686
+Source0: %{git0}/archive/v%{version}.tar.gz
 BuildRequires: autoconf
 BuildRequires: automake
 BuildRequires: gcc
+BuildRequires: glib2-devel
 BuildRequires: git
-BuildRequires: go-md2man
+BuildRequires: /usr/bin/go-md2man
+BuildRequires: libcap-devel
+BuildRequires: libseccomp-devel
 BuildRequires: make
+BuildRequires: libslirp-devel
 
 %description
-User-mode networking for unprivileged network namespaces.
+slirp for network namespaces, without copying buffers across the namespaces.
 
 %package devel
 Summary: %{summary}
@@ -35,9 +35,11 @@ building other packages which use import path with
 %{import_path} prefix.
 
 %prep
-%autosetup -Sgit -n %{name}-%{commit0}
+%autosetup -Sgit
 
 %build
+export CFLAGS="%{optflags} -D_GNU_SOURCE -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64"
+export LDFLAGS="-pie -Wl,-z,relro -Wl,-z,now"
 ./autogen.sh
 ./configure --prefix=%{_usr} --libdir=%{_libdir}
 %{__make} generate-man
@@ -57,16 +59,83 @@ make DESTDIR=%{buildroot} install install-man
 %{_mandir}/man1/%{name}.1.gz
 
 %changelog
-* Thu Jan 16 2020 Jindrich Novy <jnovy@redhat.com> - 0.1-5.dev.gitc4e1bc5
-- backport fix for CVE-2020-7039
-- Resolves: #1791578
+* Fri Feb 09 2024 Jindrich Novy <jnovy@redhat.com> - 1.2.3-1
+- update to https://github.com/rootless-containers/slirp4netns/releases/tag/v1.2.3
+- Related: RHEL-2112
 
-* Thu Nov 28 2019 Jindrich Novy <jnovy@redhat.com> - 0.1-4.dev.gitc4e1bc5
-- actually add CVE-2019-14378 patch to dist-git
-- Related: RHELPLAN-25139
+* Fri Sep 15 2023 Jindrich Novy <jnovy@redhat.com> - 1.2.2-1
+- update to https://github.com/rootless-containers/slirp4netns/releases/tag/v1.2.2
+- Related: Jira:RHEL-2112
 
-* Fri Sep 27 2019 Jindrich Novy <jnovy@redhat.com> - 0.1-3.dev.gitc4e1bc5
-- Fix CVE-2019-14378 (#1768394).
+* Mon Aug 21 2023 Jindrich Novy <jnovy@redhat.com> - 1.2.1-1
+- update to https://github.com/rootless-containers/slirp4netns/releases/tag/v1.2.1
+- Related: #2176063
+
+* Thu Feb 16 2023 Jindrich Novy <jnovy@redhat.com> - 1.2.0-3
+- rebuild
+- Resolves: #2129078
+
+* Wed May 11 2022 Jindrich Novy <jnovy@redhat.com> - 1.2.0-2
+- BuildRequires: /usr/bin/go-md2man
+- Related: #2061316
+
+* Mon May 02 2022 Jindrich Novy <jnovy@redhat.com> - 1.2.0-1
+- update to https://github.com/rootless-containers/slirp4netns/releases/tag/v1.2.0
+- Related: #2061316
+
+* Thu Feb 17 2022 Jindrich Novy <jnovy@redhat.com> - 1.1.12-4
+- update gating.yaml as we have no local tests in dist-git
+- Related: #2000051
+
+* Tue Feb 15 2022 Jindrich Novy <jnovy@redhat.com> - 1.1.12-3
+- fix gating - don't use insecure functions - thanks to Marc-André Lureau
+- Related: #2000051
+
+* Tue Feb 15 2022 Jindrich Novy <jnovy@redhat.com> - 1.1.12-2
+- add gating.yaml
+- Related: #2000051
+
+* Thu Nov 11 2021 Jindrich Novy <jnovy@redhat.com> - 1.1.12-1
+- update to https://github.com/rootless-containers/slirp4netns/releases/tag/v1.1.12
+- Related: #2000051
+
+* Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 1.1.8-3
+- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
+  Related: rhbz#1991688
+
+* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 1.1.8-2
+- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
+
+* Fri Dec 04 2020 Jindrich Novy <jnovy@redhat.com> - 1.1.8-1
+- update to
+  https://github.com/rootless-containers/slirp4netns/releases/tag/v1.1.8
+
+* Thu Dec 03 2020 Jindrich Novy <jnovy@redhat.com> - 1.1.7-2
+- exclude i686 because of build failures
+- Related: #1883490
+
+* Thu Nov 26 2020 Jindrich Novy <jnovy@redhat.com> - 1.1.7-1
+- update to
+  https://github.com/rootless-containers/slirp4netns/releases/tag/v1.1.7
+
+* Mon Nov 09 2020 Jindrich Novy <jnovy@redhat.com> - 1.1.6-2
+- - be sure to harden the linked binary
+
+* Thu Nov 05 2020 Jindrich Novy <jnovy@redhat.com> - 1.1.6-1
+- update to
+  https://github.com/rootless-containers/slirp4netns/releases/tag/v1.1.6
+
+* Wed Nov 04 2020 Jindrich Novy <jnovy@redhat.com> - 1.1.5-1
+- update to
+  https://github.com/rootless-containers/slirp4netns/releases/tag/v1.1.5
+
+* Thu Sep 17 2020 Jindrich Novy <jnovy@redhat.com> - 1.1.4-2
+- sync with rhel8-8.3.0
+- use proper CFLAGS
+- Related: #1821193
+
+* Thu Feb 28 2019 Lokesh Mandvekar <lsm5@redhat.com> - 0.3.0-1.alpha.2.git30883b5
+- bump to v0.3.0-alpha.2
 
 * Fri Nov 16 2018 Frantisek Kluknavsky <fkluknav@redhat.com> - 0.1-2.dev.gitc4e1bc5
 - changed summary