From 61120120a09c6832bc7360c4a7564308be58b75c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Tue, 27 Jun 2017 17:31:48 -0400 Subject: [PATCH] Tweak the patches a bit more --- ...-includes.patch => 0076-fix-includes.patch | 4 +- ...cket-add-a-simple-test-for-our-alloc.patch | 7 +-- ...lved-simplify-alloc-size-calculation.patch | 6 ++- ...t-allocate-packets-with-minimum-size.patch | 16 ++++-- ...ine-various-packet-sizes-as-unsigned.patch | 51 +++++++++++++++++++ systemd.spec | 9 ++-- 6 files changed, 78 insertions(+), 15 deletions(-) rename 0079-fix-includes.patch => 0076-fix-includes.patch (88%) rename 0076-test-resolved-packet-add-a-simple-test-for-our-alloc.patch => 0077-test-resolved-packet-add-a-simple-test-for-our-alloc.patch (93%) rename 0077-resolved-simplify-alloc-size-calculation.patch => 0078-resolved-simplify-alloc-size-calculation.patch (89%) rename 0078-resolved-do-not-allocate-packets-with-minimum-size.patch => 0079-resolved-do-not-allocate-packets-with-minimum-size.patch (68%) create mode 100644 0080-resolved-define-various-packet-sizes-as-unsigned.patch diff --git a/0079-fix-includes.patch b/0076-fix-includes.patch similarity index 88% rename from 0079-fix-includes.patch rename to 0076-fix-includes.patch index 69b4091..8d2ce21 100644 --- a/0079-fix-includes.patch +++ b/0076-fix-includes.patch @@ -1,4 +1,4 @@ -From 284d1cd0a12cad96a5ea61d1afb0dd677dbd147e Mon Sep 17 00:00:00 2001 +From 93dc6dbed1ee66619f5005f6209920ea051474a8 Mon Sep 17 00:00:00 2001 From: Matija Skala Date: Wed, 15 Mar 2017 13:21:10 +0100 Subject: [PATCH] fix includes @@ -7,6 +7,8 @@ linux/sockios.h is needed for the SIOCGSTAMPNS macro xlocale.h is included indirectly in glibc and doesn't even exist in other libcs + +(cherry picked from commit 284d1cd0a12cad96a5ea61d1afb0dd677dbd147e) --- src/basic/parse-util.c | 1 - src/libsystemd-network/sd-lldp.c | 1 + diff --git a/0076-test-resolved-packet-add-a-simple-test-for-our-alloc.patch b/0077-test-resolved-packet-add-a-simple-test-for-our-alloc.patch similarity index 93% rename from 0076-test-resolved-packet-add-a-simple-test-for-our-alloc.patch rename to 0077-test-resolved-packet-add-a-simple-test-for-our-alloc.patch index 227075c..a01a330 100644 --- a/0076-test-resolved-packet-add-a-simple-test-for-our-alloc.patch +++ b/0077-test-resolved-packet-add-a-simple-test-for-our-alloc.patch @@ -1,9 +1,10 @@ -From cc3e26e6de62c793ac869d219dd8aa7757249893 Mon Sep 17 00:00:00 2001 +From 7586bc7e5006fd7df55199283de4766b2775f60f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Sun, 18 Jun 2017 15:53:15 -0400 -Subject: [PATCH 1/2] test-resolved-packet: add a simple test for our - allocation functions +Subject: [PATCH] test-resolved-packet: add a simple test for our allocation + functions +(cherry picked from commit 751ca3f1de316ca79b60001334dbdf54077e1d01) --- .gitignore | 1 + Makefile.am | 14 ++++++++++++ diff --git a/0077-resolved-simplify-alloc-size-calculation.patch b/0078-resolved-simplify-alloc-size-calculation.patch similarity index 89% rename from 0077-resolved-simplify-alloc-size-calculation.patch rename to 0078-resolved-simplify-alloc-size-calculation.patch index ba73087..a602ad4 100644 --- a/0077-resolved-simplify-alloc-size-calculation.patch +++ b/0078-resolved-simplify-alloc-size-calculation.patch @@ -1,7 +1,7 @@ -From d2a286714f136404d05c8981a2e0820c1dd6e0a9 Mon Sep 17 00:00:00 2001 +From fa30043f5a3e4eaff50a72bad95601d582ac045d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Sun, 18 Jun 2017 16:07:57 -0400 -Subject: [PATCH 2/2] resolved: simplify alloc size calculation +Subject: [PATCH] resolved: simplify alloc size calculation The allocation size was calculated in a complicated way, and for values close to the page size we would actually allocate less than requested. @@ -9,6 +9,8 @@ close to the page size we would actually allocate less than requested. Reported by Chris Coulson . CVE-2017-9445 + +(cherry picked from commit db848813bae4d28c524b3b6a7dad135e426659ce) --- src/resolve/resolved-dns-packet.c | 8 +------- src/resolve/resolved-dns-packet.h | 2 -- diff --git a/0078-resolved-do-not-allocate-packets-with-minimum-size.patch b/0079-resolved-do-not-allocate-packets-with-minimum-size.patch similarity index 68% rename from 0078-resolved-do-not-allocate-packets-with-minimum-size.patch rename to 0079-resolved-do-not-allocate-packets-with-minimum-size.patch index f25b516..cab08e2 100644 --- a/0078-resolved-do-not-allocate-packets-with-minimum-size.patch +++ b/0079-resolved-do-not-allocate-packets-with-minimum-size.patch @@ -1,4 +1,4 @@ -From 9d279d91c16b527fed9a09d96e5b984244222828 Mon Sep 17 00:00:00 2001 +From b38575cb49041e586b0732d759a06801e587bb90 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Tue, 27 Jun 2017 14:20:00 -0400 Subject: [PATCH] resolved: do not allocate packets with minimum size @@ -9,12 +9,14 @@ otherwise we have to resize immediately again after appending the first data to the packet. This partially reverts the previous commit. + +(cherry picked from commit 88795538726a5bbfd9efc13d441cb05e1d7fc139) --- - src/resolve/resolved-dns-packet.c | 8 +++++++- - 1 file changed, 7 insertions(+), 1 deletion(-) + src/resolve/resolved-dns-packet.c | 12 +++++++++++- + 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/src/resolve/resolved-dns-packet.c b/src/resolve/resolved-dns-packet.c -index 821b66e266..08c48f0442 100644 +index 821b66e266..d1f0f760a4 100644 --- a/src/resolve/resolved-dns-packet.c +++ b/src/resolve/resolved-dns-packet.c @@ -28,6 +28,9 @@ @@ -27,11 +29,15 @@ index 821b66e266..08c48f0442 100644 typedef struct DnsPacketRewinder { DnsPacket *packet; size_t saved_rindex; -@@ -47,7 +50,10 @@ int dns_packet_new(DnsPacket **ret, DnsProtocol protocol, size_t mtu) { +@@ -47,7 +50,14 @@ int dns_packet_new(DnsPacket **ret, DnsProtocol protocol, size_t mtu) { assert(ret); - a = MAX(mtu, DNS_PACKET_HEADER_SIZE); ++ /* When dns_packet_new() is called with mtu == 0, allocate more than the ++ * absolute minimum (which is the dns packet header size), to avoid ++ * resizing immediately again after appending the first data to the packet. ++ */ + if (mtu < UDP_PACKET_HEADER_SIZE) + a = DNS_PACKET_SIZE_START; + else diff --git a/0080-resolved-define-various-packet-sizes-as-unsigned.patch b/0080-resolved-define-various-packet-sizes-as-unsigned.patch new file mode 100644 index 0000000..a762f82 --- /dev/null +++ b/0080-resolved-define-various-packet-sizes-as-unsigned.patch @@ -0,0 +1,51 @@ +From d0553ece1ec2b4c586ac033ae2cb9baf22d0af33 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= +Date: Tue, 27 Jun 2017 16:59:06 -0400 +Subject: [PATCH] resolved: define various packet sizes as unsigned + +This seems like the right thing to do, and apparently at least some compilers +warn about signed/unsigned comparisons with DNS_PACKET_SIZE_MAX. + +(cherry picked from commit 64a21fdaca7c93f1c30b21f6fdbd2261798b161a) +--- + src/resolve/resolved-dns-packet.c | 2 +- + src/resolve/resolved-dns-packet.h | 6 +++--- + 2 files changed, 4 insertions(+), 4 deletions(-) + +diff --git a/src/resolve/resolved-dns-packet.c b/src/resolve/resolved-dns-packet.c +index d1f0f760a4..a486216d68 100644 +--- a/src/resolve/resolved-dns-packet.c ++++ b/src/resolve/resolved-dns-packet.c +@@ -28,7 +28,7 @@ + + #define EDNS0_OPT_DO (1<<15) + +-#define DNS_PACKET_SIZE_START 512 ++#define DNS_PACKET_SIZE_START 512u + assert_cc(DNS_PACKET_SIZE_START > UDP_PACKET_HEADER_SIZE) + + typedef struct DnsPacketRewinder { +diff --git a/src/resolve/resolved-dns-packet.h b/src/resolve/resolved-dns-packet.h +index 3abcaf8cf3..5dff272fd9 100644 +--- a/src/resolve/resolved-dns-packet.h ++++ b/src/resolve/resolved-dns-packet.h +@@ -58,13 +58,13 @@ struct DnsPacketHeader { + /* The various DNS protocols deviate in how large a packet can grow, + but the TCP transport has a 16bit size field, hence that appears to + be the absolute maximum. */ +-#define DNS_PACKET_SIZE_MAX 0xFFFF ++#define DNS_PACKET_SIZE_MAX 0xFFFFu + + /* RFC 1035 say 512 is the maximum, for classic unicast DNS */ +-#define DNS_PACKET_UNICAST_SIZE_MAX 512 ++#define DNS_PACKET_UNICAST_SIZE_MAX 512u + + /* With EDNS0 we can use larger packets, default to 4096, which is what is commonly used */ +-#define DNS_PACKET_UNICAST_SIZE_LARGE_MAX 4096 ++#define DNS_PACKET_UNICAST_SIZE_LARGE_MAX 4096u + + struct DnsPacket { + int n_ref; +-- +2.13.0 + diff --git a/systemd.spec b/systemd.spec index 2c4e24e..4c1bc62 100644 --- a/systemd.spec +++ b/systemd.spec @@ -121,10 +121,11 @@ Patch0072: 0072-zsh-add-completion-for-add-wants-and-add-requires-60.patch Patch0073: 0073-udev-stop-freeing-value-after-using-it-for-setting-s.patch Patch0074: 0074-core-mount-pass-c-flag-to-bin-umount-6093.patch Patch0075: 0075-man-systemd-timesyncd.service-8-6109.patch -Patch0076: 0076-test-resolved-packet-add-a-simple-test-for-our-alloc.patch -Patch0077: 0077-resolved-simplify-alloc-size-calculation.patch -Patch0078: 0078-resolved-do-not-allocate-packets-with-minimum-size.patch -Patch0079: 0079-fix-includes.patch +Patch0076: 0076-fix-includes.patch +Patch0077: 0077-test-resolved-packet-add-a-simple-test-for-our-alloc.patch +Patch0078: 0078-resolved-simplify-alloc-size-calculation.patch +Patch0079: 0079-resolved-do-not-allocate-packets-with-minimum-size.patch +Patch0080: 0080-resolved-define-various-packet-sizes-as-unsigned.patch Source0990: hwdb.patch