From 45046983af86539800d99603bb788012899d85a7 Mon Sep 17 00:00:00 2001 From: Jan Macku Date: Mon, 19 Jul 2021 10:12:32 +0200 Subject: [PATCH] review of CWE-170, CWE-772 Resolves: #1938887 --- 001-review-of-CWE-170-CWE-772.patch | 57 +++++++++++++++++++++++++++++ traceroute.spec | 9 ++++- 2 files changed, 65 insertions(+), 1 deletion(-) create mode 100644 001-review-of-CWE-170-CWE-772.patch diff --git a/001-review-of-CWE-170-CWE-772.patch b/001-review-of-CWE-170-CWE-772.patch new file mode 100644 index 0000000..252b7af --- /dev/null +++ b/001-review-of-CWE-170-CWE-772.patch @@ -0,0 +1,57 @@ +From 4bbfd43121e4c1f59074b1b0def9804c1890b2dc Mon Sep 17 00:00:00 2001 +From: Jan Macku +Date: Mon, 19 Jul 2021 09:48:19 +0200 +Subject: [PATCH] review of CWE-170, CWE-772 + +Resolves: #1938887 +--- + libsupp/clif.c | 2 ++ + traceroute/traceroute.c | 7 ++++++- + 2 files changed, 8 insertions(+), 1 deletion(-) + +diff --git a/libsupp/clif.c b/libsupp/clif.c +index 4ef20e4..60ec291 100644 +--- a/libsupp/clif.c ++++ b/libsupp/clif.c +@@ -229,10 +229,12 @@ static void err_bad_arg (const CLIF_option *optn, char c, int n) { + + if (c) { + s = show_short (&tmp); /* always without arg... */ ++ /* coverity[buffer_size_warning] - not a bug, s ends with '\0', see line 97 */ + strncpy (ss, s, sizeof (ss)); + s = show_short (optn); + } else { + s = show_long (&tmp); /* always without arg... */ ++ /* coverity[buffer_size_warning] - not a bug, s ends with '\0', see line 97 */ + strncpy (ss, s, sizeof (ss)); + s = show_long (optn); + } +diff --git a/traceroute/traceroute.c b/traceroute/traceroute.c +index 4be9b24..0a29e36 100644 +--- a/traceroute/traceroute.c ++++ b/traceroute/traceroute.c +@@ -217,8 +217,12 @@ static int getaddr (const char *name, sockaddr_any *addr) { + } + if (!ai) ai = res; /* anything... */ + +- if (ai->ai_addrlen > sizeof (*addr)) ++ if (ai->ai_addrlen > sizeof (*addr)) { ++ /* Avoid of leaking res (CWE-772) */ ++ freeaddrinfo (res); + return -1; /* paranoia */ ++ } ++ + memcpy (addr, ai->ai_addr, ai->ai_addrlen); + + freeaddrinfo (res); +@@ -244,6 +248,7 @@ static void make_fd_used (int fd) { + close (nfd); + } + ++ /* coverity[leaked_handle] - not a bug, see line 665 */ + return; + } + +-- +2.31.1 + diff --git a/traceroute.spec b/traceroute.spec index d0a8fcf..5aa4bbb 100644 --- a/traceroute.spec +++ b/traceroute.spec @@ -2,11 +2,13 @@ Summary: Traces the route taken by packets over an IPv4/IPv6 network Name: traceroute Epoch: 3 Version: 2.1.0 -Release: 14%{?dist} +Release: 15%{?dist} License: GPLv2+ URL: http://traceroute.sourceforge.net Source0: https://downloads.sourceforge.net/project/traceroute/traceroute/traceroute-%{version}/traceroute-%{version}.tar.gz +Patch001: 001-review-of-CWE-170-CWE-772.patch + Provides: tcptraceroute = 1.5-1 Obsoletes: tcptraceroute < 1.5-1 @@ -29,6 +31,8 @@ problems. %prep %setup -q +%patch001 -p1 + %build %make_build CFLAGS="$RPM_OPT_FLAGS" LDFLAGS="$RPM_LD_FLAGS" @@ -51,6 +55,9 @@ ln -s traceroute.8 $RPM_BUILD_ROOT%{_mandir}/man8/tcptraceroute.8 %changelog +* Mon Jul 19 2021 Jan Macku - 3:2.1.0-15 +- review of CWE-170 and CWE-772 (#1938887) + * Fri Apr 16 2021 Mohan Boddu - 3:2.1.0-14 - Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937