New version 3.4.0

Fix for CVE-2020-26575, CVE-2020-28030
Michal Ruprich 2020-12-03 14:36:37 +01:00
parent dcd6e4a42d
commit 0315112421
2 changed files with 51 additions and 38 deletions


@ -111,43 +111,50 @@ index fde66c8..b9531d2 100644
tempfile_->open(); tempfile_->open();
diff --git a/wsutil/tempfile.c b/wsutil/tempfile.c diff --git a/wsutil/tempfile.c b/wsutil/tempfile.c
index 8e1f8dc..dcf2f78 100644 index 5082452..f751a7c 100644
--- a/wsutil/tempfile.c --- a/wsutil/tempfile.c
+++ b/wsutil/tempfile.c +++ b/wsutil/tempfile.c
@@ -36,6 +36,7 @@ @@ -12,10 +12,12 @@
#include <glib.h>
#include "tempfile.h" #include "tempfile.h"
#include <wsutil/file_util.h> +#include <wsutil/file_util.h>
+#include <wsutil/wstmpdir.h> /* for get_tmp_dir() */ +#include <wsutil/wstmpdir.h> /* for get_tmp_dir() */
#ifndef __set_errno
#define __set_errno(x) errno=(x)
@@ -83,13 +83,14 @@ mkstemps(char *path_template, int suffixlen)
*/
char *get_tempfile_path(const char *filename)
{
- return g_strdup_printf("%s" G_DIR_SEPARATOR_S "%s", g_get_tmp_dir(), filename);
+ return g_strdup_printf("%s" G_DIR_SEPARATOR_S "%s", get_tmp_dir(), filename);
}
#define MAX_TEMPFILES 3
/** /**
- * Create a tempfile with the given prefix (e.g. "wireshark"). * Create a tempfile with the given prefix (e.g. "wireshark"). The path
+ * Create a tempfile with the given prefix (e.g. "wireshark"). The path - * is created using g_file_open_tmp.
+ * is created using get_tmp_dir and mkdtemp + * is created using get_tmp_dir.
* *
* @param namebuf If not NULL, receives the full path of the temp file. * @param namebuf [in,out] If not NULL, receives the full path of the temp file.
* Should NOT be freed. * Must be freed.
@@ -199,7 +200,7 @@ create_tempfile(char **namebuf, const char *pfx, const char *sfx) @@ -30,6 +31,9 @@ create_tempfile(gchar **namebuf, const char *pfx, const char *sfx, GError **err)
tf[idx].path = (char *)g_malloc(tf[idx].len); {
} int fd;
gchar *safe_pfx = NULL;
+ gchar *tmp_file;
+ const char *tmp_dir;
+ int old_mask;
- tmp_dir = g_get_tmp_dir(); if (pfx) {
/* The characters in "delimiters" come from:
@@ -49,7 +53,15 @@ create_tempfile(gchar **namebuf, const char *pfx, const char *sfx, GError **err)
gchar* filetmpl = g_strdup_printf("%sXXXXXX%s", safe_pfx ? safe_pfx : "", sfx ? sfx : "");
g_free(safe_pfx);
- fd = g_file_open_tmp(filetmpl, namebuf, err);
+ tmp_dir = get_tmp_dir(); + tmp_dir = get_tmp_dir();
+ tmp_file = g_strconcat(tmp_dir, "/", filetmpl, NULL);
+
+ if (namebuf)
+ *namebuf = tmp_file;
+
+ old_mask = ws_umask(0077);
+ fd = mkstemps(tmp_file, sfx ? (int) strlen(sfx) : 0);
+ ws_umask(old_mask);
#ifdef _WIN32 g_free(filetmpl);
_tzset(); return fd;
diff --git a/wsutil/tempfile.h b/wsutil/tempfile.h diff --git a/wsutil/tempfile.h b/wsutil/tempfile.h
index 1dca2df..bb3160c 100644 index 1dca2df..bb3160c 100644
--- a/wsutil/tempfile.h --- a/wsutil/tempfile.h
@ -156,17 +163,17 @@ index 1dca2df..bb3160c 100644
/** /**
* Create a tempfile with the given prefix (e.g. "wireshark"). The path * Create a tempfile with the given prefix (e.g. "wireshark"). The path
- * is created using g_get_tmp_dir and mkstemp. - * is created using g_file_open_tmp.
+ * is created using get_tmp_dir and mkstemp. + * is created using get_tmp_dir and mkstemp.
* *
* @param namebuf [in,out] If not NULL, receives the full path of the temp file. * @param namebuf [in,out] If not NULL, receives the full path of the temp file.
* Must NOT be freed. * Must be freed.
diff --git a/wsutil/wstmpdir.c b/wsutil/wstmpdir.c diff --git a/wsutil/wstmpdir.c b/wsutil/wstmpdir.c
new file mode 100644 new file mode 100644
index 0000000..d8b733b index 0000000..d8b733b
--- /dev/null --- /dev/null
+++ b/wsutil/wstmpdir.c +++ b/wsutil/wstmpdir.c
@@ -0,0 +1,70 @@ @@ -0,0 +1,71 @@
+/* wstmpdir.c +/* wstmpdir.c
+ * + *
+ * Copyright (C) 2013 Red Hat, Inc. All right reserved. + * Copyright (C) 2013 Red Hat, Inc. All right reserved.
@ -224,6 +231,7 @@ index 0000000..d8b733b
+ k = strlen(tmp); + k = strlen(tmp);
+ if (k > 1 && G_IS_DIR_SEPARATOR(tmp[k - 1])) + if (k > 1 && G_IS_DIR_SEPARATOR(tmp[k - 1]))
+ tmp[k - 1] = '\0'; + tmp[k - 1] = '\0';
+ fprintf(stderr, "Using P_tmpdir: %s\n", P_tmpdir);
+ } + }
+#endif /* P_tmpdir */ +#endif /* P_tmpdir */
+ +
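Review bot: In the new create_tempfile() body, a failed mkstemps() returns -1 without filling the `GError **err` argument, which the removed g_file_open_tmp() call used to set; a caller that reads `(*err)->message` on failure would then dereference NULL (callers are not visible on this page, so confirm). The same lines leak `tmp_file` when `namebuf` is NULL, and on failure they leave `*namebuf` pointing at a path for a file that was never created. I would save errno right after mkstemps(), report it through g_set_error(), and assign `*namebuf` only on success, as sketched below with an added `int saved_errno;` local. Separately, the added `fprintf(stderr, "Using P_tmpdir: %s\n", P_tmpdir);` in wstmpdir.c looks like leftover debug output and should be dropped before shipping. The function begins outside the hunk, so the prefix sanitising above these lines is not reviewed here.

```c
    /* … unchanged: filetmpl construction, get_tmp_dir(), g_strconcat() … */
    old_mask = ws_umask(0077);
    fd = mkstemps(tmp_file, sfx ? (int) strlen(sfx) : 0);
    saved_errno = errno;   /* capture before any later call can overwrite it */
    ws_umask(old_mask);
    g_free(filetmpl);

    if (fd < 0) {
        g_set_error(err, G_FILE_ERROR, g_file_error_from_errno(saved_errno),
                    "Could not create temporary file %s: %s",
                    tmp_file, g_strerror(saved_errno));
        g_free(tmp_file);
        return fd;
    }

    /* Ownership of tmp_file passes to the caller only on success. */
    if (namebuf)
        *namebuf = tmp_file;
    else
        g_free(tmp_file);
    return fd;
```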


@ -1,14 +1,14 @@
%undefine __cmake_in_source_build %undefine __cmake_in_source_build
%global with_lua 1 %global with_lua 1
%global with_maxminddb 1 %global with_maxminddb 1
%global plugins_version 3.2 %global plugins_version 3.4
# added temporarily due to errors in libqt5core # added temporarily due to errors in libqt5core
%define _lto_cflags %{nil} %define _lto_cflags %{nil}
Summary: Network traffic analyzer Summary: Network traffic analyzer
Name: wireshark Name: wireshark
Version: 3.2.7 Version: 3.4.0
Release: 2%{?dist} Release: 1%{?dist}
Epoch: 1 Epoch: 1
License: GPL+ License: GPL+
Url: http://www.wireshark.org/ Url: http://www.wireshark.org/
@ -60,6 +60,7 @@ BuildRequires: flex
BuildRequires: pcre-devel BuildRequires: pcre-devel
BuildRequires: perl(Pod::Html) BuildRequires: perl(Pod::Html)
BuildRequires: perl(Pod::Man) BuildRequires: perl(Pod::Man)
BuildRequires: perl(open)
Buildrequires: libssh-devel Buildrequires: libssh-devel
BuildRequires: qt5-linguist BuildRequires: qt5-linguist
BuildRequires: qt5-qtbase-devel BuildRequires: qt5-qtbase-devel
@ -268,6 +269,10 @@ getent group usbmon >/dev/null || groupadd -r usbmon
%{_libdir}/pkgconfig/%{name}.pc %{_libdir}/pkgconfig/%{name}.pc
%changelog %changelog
* Wed Dec 02 2020 Michal Ruprich <mruprich@redhat.com> - 1:3.4.0-1
- New version 3.4.0
- Fix for CVE-2020-26575, CVE-2020-28030
* Fri Oct 09 2020 Michal Ruprich <mruprich@redhat.com> - 1:3.2.7-1 * Fri Oct 09 2020 Michal Ruprich <mruprich@redhat.com> - 1:3.2.7-1
- New version 3.2.7 - New version 3.2.7
- Fix for CVE-2020-25862, CVE-2020-25863, CVE-2020-25866 - Fix for CVE-2020-25862, CVE-2020-25863, CVE-2020-25866