diff options
author | Cy Schubert <cy@FreeBSD.org> | 2019-12-20 15:38:11 +0000 |
---|---|---|
committer | Cy Schubert <cy@FreeBSD.org> | 2019-12-20 15:38:11 +0000 |
commit | ac6f714ee9819bbb28c6d96f2e7186e2f8f2c7f0 (patch) | |
tree | 1ef9f6b7e5b95a2d447d52667df9596fcd5568c2 /net/libpcap | |
parent | 28b15010645700ac5e583ddf2d983e754687d945 (diff) | |
download | ports-ac6f714ee9819bbb28c6d96f2e7186e2f8f2c7f0.tar.gz ports-ac6f714ee9819bbb28c6d96f2e7186e2f8f2c7f0.zip |
Fix libpcap issue #893: check for invalid IPv4 addresses.
This fixes errors such as:
tcpdump -i lagg0 net 999.999.999.999
This was originally discovered on a Red Hat 7.7 server and verified
to also be a bug on FreeBSD.
PR: 242719
Submitted by: cy
Reported by: cy
Approved by: garga (maintainer)
Obtained from: https://github.com/the-tcpdump-group/libpcap/commit/ \
07070918d5e81a515315b395f334e52589fe0fb
Fixed by: https://github.com/guyharris
Notes
Notes:
svn path=/head/; revision=520515
Diffstat (limited to 'net/libpcap')
-rw-r--r-- | net/libpcap/Makefile | 1 | ||||
-rw-r--r-- | net/libpcap/files/patch-gencode.c | 33 | ||||
-rw-r--r-- | net/libpcap/files/patch-nametoaddr.c | 21 |
3 files changed, 55 insertions, 0 deletions
diff --git a/net/libpcap/Makefile b/net/libpcap/Makefile index 9272c0f9c1d9..9d1cbc73e2d8 100644 --- a/net/libpcap/Makefile +++ b/net/libpcap/Makefile @@ -3,6 +3,7 @@ PORTNAME= libpcap PORTVERSION= 1.9.1 +PORTREVISION= 1 CATEGORIES= net MASTER_SITES= http://www.tcpdump.org/release/ diff --git a/net/libpcap/files/patch-gencode.c b/net/libpcap/files/patch-gencode.c new file mode 100644 index 000000000000..8d439e20edb9 --- /dev/null +++ b/net/libpcap/files/patch-gencode.c @@ -0,0 +1,33 @@ +diff --git a/gencode.c b/gencode.c +index bdc35e64..040a5531 100644 +--- gencode.c ++++ gencode.c +@@ -6947,11 +6947,15 @@ gen_mcode(compiler_state_t *cstate, const char *s1, const char *s2, + return (NULL); + + nlen = __pcap_atoin(s1, &n); ++ if (nlen < 0) ++ bpf_error(cstate, "invalid IPv4 address '%s'", s1); + /* Promote short ipaddr */ + n <<= 32 - nlen; + + if (s2 != NULL) { + mlen = __pcap_atoin(s2, &m); ++ if (mlen < 0) ++ bpf_error(cstate, "invalid IPv4 address '%s'", s2); + /* Promote short ipaddr */ + m <<= 32 - mlen; + if ((n & ~m) != 0) +@@ -7009,8 +7013,11 @@ gen_ncode(compiler_state_t *cstate, const char *s, bpf_u_int32 v, struct qual q) + vlen = __pcap_atodn(s, &v); + if (vlen == 0) + bpf_error(cstate, "malformed decnet address '%s'", s); +- } else ++ } else { + vlen = __pcap_atoin(s, &v); ++ if (vlen < 0) ++ bpf_error(cstate, "invalid IPv4 address '%s'", s); ++ } + + switch (q.addr) { + diff --git a/net/libpcap/files/patch-nametoaddr.c b/net/libpcap/files/patch-nametoaddr.c new file mode 100644 index 000000000000..a501d89a31d7 --- /dev/null +++ b/net/libpcap/files/patch-nametoaddr.c @@ -0,0 +1,21 @@ +diff --git a/nametoaddr.c b/nametoaddr.c +index 53070a28..13bf4c68 100644 +--- nametoaddr.c ++++ nametoaddr.c +@@ -674,8 +674,15 @@ __pcap_atoin(const char *s, bpf_u_int32 *addr) + len = 0; + for (;;) { + n = 0; +- while (*s && *s != '.') ++ while (*s && *s != '.') { ++ if (n > 25) { ++ /* The result will be > 255 */ ++ return -1; ++ } + n = n * 10 + *s++ - '0'; ++ } ++ if (n > 255) ++ return -1; + *addr <<= 8; + *addr |= n & 0xff; + len += 8; |