summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPeiran Hong <peiran.hong@windriver.com>2019-10-09 10:43:15 -0400
committerArmin Kuster <akuster808@gmail.com>2019-10-19 08:25:27 -0700
commita24acf94d48d635eca668ea34598c6e5c857e3f8 (patch)
treedfa9bdc59958d4ca82c6370ee94271d0de772c89
parentfea53271d1fcd482ed1003e40f2cf5573cdb37a3 (diff)
downloadmeta-openembedded-warrior-next.tar.gz
tcpdump: Delete unused patchwarrior-nextwarrior
Delete patch "0001-CVE-2017-16808-AoE-Add-a-missing-bounds-check.patch" since it is not used in the tcpdump recipe anymore. Signed-off-by: Peiran Hong <peiran.hong@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 01b55a8a552d460acbe3673268733a78b47c5c03) Signed-off-by: Armin Kuster <akuster808@gmail.com>
-rw-r--r--meta-networking/recipes-support/tcpdump/tcpdump/0001-CVE-2017-16808-AoE-Add-a-missing-bounds-check.patch61
1 files changed, 0 insertions, 61 deletions
diff --git a/meta-networking/recipes-support/tcpdump/tcpdump/0001-CVE-2017-16808-AoE-Add-a-missing-bounds-check.patch b/meta-networking/recipes-support/tcpdump/tcpdump/0001-CVE-2017-16808-AoE-Add-a-missing-bounds-check.patch
deleted file mode 100644
index 919f2b009..000000000
--- a/meta-networking/recipes-support/tcpdump/tcpdump/0001-CVE-2017-16808-AoE-Add-a-missing-bounds-check.patch
+++ /dev/null
@@ -1,61 +0,0 @@
1From c45443a0d3e16b92622bea6b589e5930e8f0d815 Mon Sep 17 00:00:00 2001
2From: Peiran Hong <peiran.hong@windriver.com>
3Date: Fri, 13 Sep 2019 17:02:57 -0400
4Subject: [PATCH] CVE-2017-16808/AoE: Add a missing bounds check.
5
6---
7 netdissect.h | 12 ++++++++++++
8 print-aoe.c | 1 +
9 2 files changed, 13 insertions(+)
10
11diff --git a/netdissect.h b/netdissect.h
12index 089b0406..cd05fdb9 100644
13--- a/netdissect.h
14+++ b/netdissect.h
15@@ -69,6 +69,11 @@ typedef struct {
16 typedef unsigned char nd_uint8_t;
17 typedef signed char nd_int8_t;
18
19+/*
20+ * Use this for MAC addresses.
21+ */
22+#define MAC_ADDR_LEN 6 /* length of MAC addresses */
23+
24 /* snprintf et al */
25
26 #include <stdarg.h>
27@@ -309,12 +314,19 @@ struct netdissect_options {
28 ((uintptr_t)ndo->ndo_snapend - (l) <= (uintptr_t)ndo->ndo_snapend && \
29 (uintptr_t)&(var) <= (uintptr_t)ndo->ndo_snapend - (l)))
30
31+#define ND_TTEST_LEN(p, l) \
32+ (IS_NOT_NEGATIVE(l) && \
33+ ((uintptr_t)ndo->ndo_snapend - (l) <= (uintptr_t)ndo->ndo_snapend && \
34+ (uintptr_t)(p) <= (uintptr_t)ndo->ndo_snapend - (l)))
35+
36 /* True if "var" was captured */
37 #define ND_TTEST(var) ND_TTEST2(var, sizeof(var))
38
39 /* Bail if "l" bytes of "var" were not captured */
40 #define ND_TCHECK2(var, l) if (!ND_TTEST2(var, l)) goto trunc
41
42+#define ND_TCHECK_LEN(p, l) if (!ND_TTEST_LEN(p, l)) goto trunc
43+
44 /* Bail if "var" was not captured */
45 #define ND_TCHECK(var) ND_TCHECK2(var, sizeof(var))
46
47diff --git a/print-aoe.c b/print-aoe.c
48index 97e93df2..ac097a04 100644
49--- a/print-aoe.c
50+++ b/print-aoe.c
51@@ -325,6 +325,7 @@ aoev1_reserve_print(netdissect_options *ndo,
52 goto invalid;
53 /* addresses */
54 for (i = 0; i < nmacs; i++) {
55+ ND_TCHECK_LEN(cp, MAC_ADDR_LEN);
56 ND_PRINT((ndo, "\n\tEthernet Address %u: %s", i, etheraddr_string(ndo, cp)));
57 cp += ETHER_ADDR_LEN;
58 }
59--
602.21.0
61