Tweak the patches a bit more
This commit is contained in:
Zbigniew Jędrzejewski-Szmek
parent
acc114f21c
commit
61120120a0
@ -1,4 +1,4 @@
|
||||
From 284d1cd0a12cad96a5ea61d1afb0dd677dbd147e Mon Sep 17 00:00:00 2001
|
||||
From 93dc6dbed1ee66619f5005f6209920ea051474a8 Mon Sep 17 00:00:00 2001
|
||||
From: Matija Skala <mskala@gmx.com>
|
||||
Date: Wed, 15 Mar 2017 13:21:10 +0100
|
||||
Subject: [PATCH] fix includes
|
||||
@ -7,6 +7,8 @@ linux/sockios.h is needed for the SIOCGSTAMPNS macro
|
||||
|
||||
xlocale.h is included indirectly in glibc and doesn't even exist in
|
||||
other libcs
|
||||
|
||||
(cherry picked from commit 284d1cd0a12cad96a5ea61d1afb0dd677dbd147e)
|
||||
---
|
||||
src/basic/parse-util.c | 1 -
|
||||
src/libsystemd-network/sd-lldp.c | 1 +
|
||||
@ -1,9 +1,10 @@
|
||||
From cc3e26e6de62c793ac869d219dd8aa7757249893 Mon Sep 17 00:00:00 2001
|
||||
From 7586bc7e5006fd7df55199283de4766b2775f60f Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Sun, 18 Jun 2017 15:53:15 -0400
|
||||
Subject: [PATCH 1/2] test-resolved-packet: add a simple test for our
|
||||
allocation functions
|
||||
Subject: [PATCH] test-resolved-packet: add a simple test for our allocation
|
||||
functions
|
||||
|
||||
(cherry picked from commit 751ca3f1de316ca79b60001334dbdf54077e1d01)
|
||||
---
|
||||
.gitignore | 1 +
|
||||
Makefile.am | 14 ++++++++++++
|
||||
@ -1,7 +1,7 @@
|
||||
From d2a286714f136404d05c8981a2e0820c1dd6e0a9 Mon Sep 17 00:00:00 2001
|
||||
From fa30043f5a3e4eaff50a72bad95601d582ac045d Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Sun, 18 Jun 2017 16:07:57 -0400
|
||||
Subject: [PATCH 2/2] resolved: simplify alloc size calculation
|
||||
Subject: [PATCH] resolved: simplify alloc size calculation
|
||||
|
||||
The allocation size was calculated in a complicated way, and for values
|
||||
close to the page size we would actually allocate less than requested.
|
||||
@ -9,6 +9,8 @@ close to the page size we would actually allocate less than requested.
|
||||
Reported by Chris Coulson <chris.coulson@canonical.com>.
|
||||
|
||||
CVE-2017-9445
|
||||
|
||||
(cherry picked from commit db848813bae4d28c524b3b6a7dad135e426659ce)
|
||||
---
|
||||
src/resolve/resolved-dns-packet.c | 8 +-------
|
||||
src/resolve/resolved-dns-packet.h | 2 --
|
||||
@ -1,4 +1,4 @@
|
||||
From 9d279d91c16b527fed9a09d96e5b984244222828 Mon Sep 17 00:00:00 2001
|
||||
From b38575cb49041e586b0732d759a06801e587bb90 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Tue, 27 Jun 2017 14:20:00 -0400
|
||||
Subject: [PATCH] resolved: do not allocate packets with minimum size
|
||||
@ -9,12 +9,14 @@ otherwise we have to resize immediately again after appending the first data to
|
||||
the packet.
|
||||
|
||||
This partially reverts the previous commit.
|
||||
|
||||
(cherry picked from commit 88795538726a5bbfd9efc13d441cb05e1d7fc139)
|
||||
---
|
||||
src/resolve/resolved-dns-packet.c | 8 +++++++-
|
||||
1 file changed, 7 insertions(+), 1 deletion(-)
|
||||
src/resolve/resolved-dns-packet.c | 12 +++++++++++-
|
||||
1 file changed, 11 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/resolve/resolved-dns-packet.c b/src/resolve/resolved-dns-packet.c
|
||||
index 821b66e266..08c48f0442 100644
|
||||
index 821b66e266..d1f0f760a4 100644
|
||||
--- a/src/resolve/resolved-dns-packet.c
|
||||
+++ b/src/resolve/resolved-dns-packet.c
|
||||
@@ -28,6 +28,9 @@
|
||||
@ -27,11 +29,15 @@ index 821b66e266..08c48f0442 100644
|
||||
typedef struct DnsPacketRewinder {
|
||||
DnsPacket *packet;
|
||||
size_t saved_rindex;
|
||||
@@ -47,7 +50,10 @@ int dns_packet_new(DnsPacket **ret, DnsProtocol protocol, size_t mtu) {
|
||||
@@ -47,7 +50,14 @@ int dns_packet_new(DnsPacket **ret, DnsProtocol protocol, size_t mtu) {
|
||||
|
||||
assert(ret);
|
||||
|
||||
- a = MAX(mtu, DNS_PACKET_HEADER_SIZE);
|
||||
+ /* When dns_packet_new() is called with mtu == 0, allocate more than the
|
||||
+ * absolute minimum (which is the dns packet header size), to avoid
|
||||
+ * resizing immediately again after appending the first data to the packet.
|
||||
+ */
|
||||
+ if (mtu < UDP_PACKET_HEADER_SIZE)
|
||||
+ a = DNS_PACKET_SIZE_START;
|
||||
+ else
|
||||
51
0080-resolved-define-various-packet-sizes-as-unsigned.patch
Normal file
51
0080-resolved-define-various-packet-sizes-as-unsigned.patch
Normal file
@ -0,0 +1,51 @@
|
||||
From d0553ece1ec2b4c586ac033ae2cb9baf22d0af33 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Tue, 27 Jun 2017 16:59:06 -0400
|
||||
Subject: [PATCH] resolved: define various packet sizes as unsigned
|
||||
|
||||
This seems like the right thing to do, and apparently at least some compilers
|
||||
warn about signed/unsigned comparisons with DNS_PACKET_SIZE_MAX.
|
||||
|
||||
(cherry picked from commit 64a21fdaca7c93f1c30b21f6fdbd2261798b161a)
|
||||
---
|
||||
src/resolve/resolved-dns-packet.c | 2 +-
|
||||
src/resolve/resolved-dns-packet.h | 6 +++---
|
||||
2 files changed, 4 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/src/resolve/resolved-dns-packet.c b/src/resolve/resolved-dns-packet.c
|
||||
index d1f0f760a4..a486216d68 100644
|
||||
--- a/src/resolve/resolved-dns-packet.c
|
||||
+++ b/src/resolve/resolved-dns-packet.c
|
||||
@@ -28,7 +28,7 @@
|
||||
|
||||
#define EDNS0_OPT_DO (1<<15)
|
||||
|
||||
-#define DNS_PACKET_SIZE_START 512
|
||||
+#define DNS_PACKET_SIZE_START 512u
|
||||
assert_cc(DNS_PACKET_SIZE_START > UDP_PACKET_HEADER_SIZE)
|
||||
|
||||
typedef struct DnsPacketRewinder {
|
||||
diff --git a/src/resolve/resolved-dns-packet.h b/src/resolve/resolved-dns-packet.h
|
||||
index 3abcaf8cf3..5dff272fd9 100644
|
||||
--- a/src/resolve/resolved-dns-packet.h
|
||||
+++ b/src/resolve/resolved-dns-packet.h
|
||||
@@ -58,13 +58,13 @@ struct DnsPacketHeader {
|
||||
/* The various DNS protocols deviate in how large a packet can grow,
|
||||
but the TCP transport has a 16bit size field, hence that appears to
|
||||
be the absolute maximum. */
|
||||
-#define DNS_PACKET_SIZE_MAX 0xFFFF
|
||||
+#define DNS_PACKET_SIZE_MAX 0xFFFFu
|
||||
|
||||
/* RFC 1035 say 512 is the maximum, for classic unicast DNS */
|
||||
-#define DNS_PACKET_UNICAST_SIZE_MAX 512
|
||||
+#define DNS_PACKET_UNICAST_SIZE_MAX 512u
|
||||
|
||||
/* With EDNS0 we can use larger packets, default to 4096, which is what is commonly used */
|
||||
-#define DNS_PACKET_UNICAST_SIZE_LARGE_MAX 4096
|
||||
+#define DNS_PACKET_UNICAST_SIZE_LARGE_MAX 4096u
|
||||
|
||||
struct DnsPacket {
|
||||
int n_ref;
|
||||
--
|
||||
2.13.0
|
||||
|
||||
@ -121,10 +121,11 @@ Patch0072: 0072-zsh-add-completion-for-add-wants-and-add-requires-60.patch
|
||||
Patch0073: 0073-udev-stop-freeing-value-after-using-it-for-setting-s.patch
|
||||
Patch0074: 0074-core-mount-pass-c-flag-to-bin-umount-6093.patch
|
||||
Patch0075: 0075-man-systemd-timesyncd.service-8-6109.patch
|
||||
Patch0076: 0076-test-resolved-packet-add-a-simple-test-for-our-alloc.patch
|
||||
Patch0077: 0077-resolved-simplify-alloc-size-calculation.patch
|
||||
Patch0078: 0078-resolved-do-not-allocate-packets-with-minimum-size.patch
|
||||
Patch0079: 0079-fix-includes.patch
|
||||
Patch0076: 0076-fix-includes.patch
|
||||
Patch0077: 0077-test-resolved-packet-add-a-simple-test-for-our-alloc.patch
|
||||
Patch0078: 0078-resolved-simplify-alloc-size-calculation.patch
|
||||
Patch0079: 0079-resolved-do-not-allocate-packets-with-minimum-size.patch
|
||||
Patch0080: 0080-resolved-define-various-packet-sizes-as-unsigned.patch
|
||||
|
||||
|
||||
Source0990: hwdb.patch
|
||||
|
||||
Loading…
Reference in New Issue
Block a user