diff options
author | Anuj Mittal <anuj.mittal@intel.com> | 2019-07-22 08:22:56 +0800 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2019-07-23 22:26:28 +0100 |
commit | f7e07e4acd8adfab1187460b4b8232c5bccf01e1 (patch) | |
tree | 1e8dac564c37e89a2549b0a6f6f5274b8aa6497a /meta/recipes-extended/iptables/iptables | |
parent | c46f497dbbf4c73259127e596983b0235498eb41 (diff) | |
download | poky-f7e07e4acd8adfab1187460b4b8232c5bccf01e1.tar.gz |
iptables: upgrade 1.8.2 -> 1.8.3
Remove upstreamed patches and manually package symlinks which aren't
handled by do_split_package.
Changelog:
http://git.netfilter.org/iptables/log/?qt=range&q=v1.8.3...v1.8.2
(From OE-Core rev: 845af88f86f143ca0b119f0489397cd505571cae)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-extended/iptables/iptables')
-rw-r--r-- | meta/recipes-extended/iptables/iptables/0003-extensions-format-security-fixes-in-libipt_icmp.patch | 61 | ||||
-rw-r--r-- | meta/recipes-extended/iptables/iptables/CVE-2019-11360.patch | 117 |
2 files changed, 0 insertions, 178 deletions
diff --git a/meta/recipes-extended/iptables/iptables/0003-extensions-format-security-fixes-in-libipt_icmp.patch b/meta/recipes-extended/iptables/iptables/0003-extensions-format-security-fixes-in-libipt_icmp.patch deleted file mode 100644 index e26594d19b..0000000000 --- a/meta/recipes-extended/iptables/iptables/0003-extensions-format-security-fixes-in-libipt_icmp.patch +++ /dev/null | |||
@@ -1,61 +0,0 @@ | |||
1 | From 907e429d7548157016cd51aba4adc5d0c7d9f816 Mon Sep 17 00:00:00 2001 | ||
2 | From: =?UTF-8?q?Adam=20Go=C5=82=C4=99biowski?= <adamg@pld-linux.org> | ||
3 | Date: Wed, 14 Nov 2018 07:35:28 +0100 | ||
4 | Subject: extensions: format-security fixes in libip[6]t_icmp | ||
5 | MIME-Version: 1.0 | ||
6 | Content-Type: text/plain; charset=UTF-8 | ||
7 | Content-Transfer-Encoding: 8bit | ||
8 | |||
9 | commit 61d6c3834de3 ("xtables: add 'printf' attribute to xlate_add") | ||
10 | introduced support for gcc feature to check format string against passed | ||
11 | argument. This commit adds missing bits to extenstions's libipt_icmp.c | ||
12 | and libip6t_icmp6.c that were causing build to fail. | ||
13 | |||
14 | Fixes: 61d6c3834de3 ("xtables: add 'printf' attribute to xlate_add") | ||
15 | Signed-off-by: Adam Gołębiowski <adamg@pld-linux.org> | ||
16 | Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> | ||
17 | |||
18 | Upstream-Status: Backport | ||
19 | --- | ||
20 | extensions/libip6t_icmp6.c | 4 ++-- | ||
21 | extensions/libipt_icmp.c | 2 +- | ||
22 | 2 files changed, 3 insertions(+), 3 deletions(-) | ||
23 | |||
24 | diff --git a/extensions/libip6t_icmp6.c b/extensions/libip6t_icmp6.c | ||
25 | index 45a71875..cc7bfaeb 100644 | ||
26 | --- a/extensions/libip6t_icmp6.c | ||
27 | +++ b/extensions/libip6t_icmp6.c | ||
28 | @@ -230,7 +230,7 @@ static unsigned int type_xlate_print(struct xt_xlate *xl, unsigned int icmptype, | ||
29 | type_name = icmp6_type_xlate(icmptype); | ||
30 | |||
31 | if (type_name) { | ||
32 | - xt_xlate_add(xl, type_name); | ||
33 | + xt_xlate_add(xl, "%s", type_name); | ||
34 | } else { | ||
35 | for (i = 0; i < ARRAY_SIZE(icmpv6_codes); ++i) | ||
36 | if (icmpv6_codes[i].type == icmptype && | ||
37 | @@ -239,7 +239,7 @@ static unsigned int type_xlate_print(struct xt_xlate *xl, unsigned int icmptype, | ||
38 | break; | ||
39 | |||
40 | if (i != ARRAY_SIZE(icmpv6_codes)) | ||
41 | - xt_xlate_add(xl, icmpv6_codes[i].name); | ||
42 | + xt_xlate_add(xl, "%s", icmpv6_codes[i].name); | ||
43 | else | ||
44 | return 0; | ||
45 | } | ||
46 | diff --git a/extensions/libipt_icmp.c b/extensions/libipt_icmp.c | ||
47 | index 54189976..e76257c5 100644 | ||
48 | --- a/extensions/libipt_icmp.c | ||
49 | +++ b/extensions/libipt_icmp.c | ||
50 | @@ -236,7 +236,7 @@ static unsigned int type_xlate_print(struct xt_xlate *xl, unsigned int icmptype, | ||
51 | if (icmp_codes[i].type == icmptype && | ||
52 | icmp_codes[i].code_min == code_min && | ||
53 | icmp_codes[i].code_max == code_max) { | ||
54 | - xt_xlate_add(xl, icmp_codes[i].name); | ||
55 | + xt_xlate_add(xl, "%s", icmp_codes[i].name); | ||
56 | return 1; | ||
57 | } | ||
58 | } | ||
59 | -- | ||
60 | cgit v1.2.1 | ||
61 | |||
diff --git a/meta/recipes-extended/iptables/iptables/CVE-2019-11360.patch b/meta/recipes-extended/iptables/iptables/CVE-2019-11360.patch deleted file mode 100644 index f67164fbcc..0000000000 --- a/meta/recipes-extended/iptables/iptables/CVE-2019-11360.patch +++ /dev/null | |||
@@ -1,117 +0,0 @@ | |||
1 | From 2ae1099a42e6a0f06de305ca13a842ac83d4683e Mon Sep 17 00:00:00 2001 | ||
2 | From: Pablo Neira Ayuso <pablo@netfilter.org> | ||
3 | Date: Mon, 22 Apr 2019 23:17:27 +0200 | ||
4 | Subject: [PATCH] xshared: check for maximum buffer length in | ||
5 | add_param_to_argv() | ||
6 | |||
7 | Bail out if we go over the boundary, based on patch from Sebastian. | ||
8 | |||
9 | Reported-by: Sebastian Neef <contact@0day.work> | ||
10 | Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> | ||
11 | |||
12 | Upstream-Status: Backport | ||
13 | CVE: CVE-2019-11360 | ||
14 | Signed-off-by: Li Zhou <li.zhou@windriver.com> | ||
15 | --- | ||
16 | iptables/xshared.c | 46 ++++++++++++++++++++++++++++------------------ | ||
17 | 1 file changed, 28 insertions(+), 18 deletions(-) | ||
18 | |||
19 | diff --git a/iptables/xshared.c b/iptables/xshared.c | ||
20 | index fb186fb1..36a2ec5f 100644 | ||
21 | --- a/iptables/xshared.c | ||
22 | +++ b/iptables/xshared.c | ||
23 | @@ -433,10 +433,24 @@ void save_argv(void) | ||
24 | } | ||
25 | } | ||
26 | |||
27 | +struct xt_param_buf { | ||
28 | + char buffer[1024]; | ||
29 | + int len; | ||
30 | +}; | ||
31 | + | ||
32 | +static void add_param(struct xt_param_buf *param, const char *curchar) | ||
33 | +{ | ||
34 | + param->buffer[param->len++] = *curchar; | ||
35 | + if (param->len >= sizeof(param->buffer)) | ||
36 | + xtables_error(PARAMETER_PROBLEM, | ||
37 | + "Parameter too long!"); | ||
38 | +} | ||
39 | + | ||
40 | void add_param_to_argv(char *parsestart, int line) | ||
41 | { | ||
42 | - int quote_open = 0, escaped = 0, param_len = 0; | ||
43 | - char param_buffer[1024], *curchar; | ||
44 | + int quote_open = 0, escaped = 0; | ||
45 | + struct xt_param_buf param = {}; | ||
46 | + char *curchar; | ||
47 | |||
48 | /* After fighting with strtok enough, here's now | ||
49 | * a 'real' parser. According to Rusty I'm now no | ||
50 | @@ -445,7 +459,7 @@ void add_param_to_argv(char *parsestart, int line) | ||
51 | for (curchar = parsestart; *curchar; curchar++) { | ||
52 | if (quote_open) { | ||
53 | if (escaped) { | ||
54 | - param_buffer[param_len++] = *curchar; | ||
55 | + add_param(¶m, curchar); | ||
56 | escaped = 0; | ||
57 | continue; | ||
58 | } else if (*curchar == '\\') { | ||
59 | @@ -455,7 +469,7 @@ void add_param_to_argv(char *parsestart, int line) | ||
60 | quote_open = 0; | ||
61 | *curchar = '"'; | ||
62 | } else { | ||
63 | - param_buffer[param_len++] = *curchar; | ||
64 | + add_param(¶m, curchar); | ||
65 | continue; | ||
66 | } | ||
67 | } else { | ||
68 | @@ -471,36 +485,32 @@ void add_param_to_argv(char *parsestart, int line) | ||
69 | case ' ': | ||
70 | case '\t': | ||
71 | case '\n': | ||
72 | - if (!param_len) { | ||
73 | + if (!param.len) { | ||
74 | /* two spaces? */ | ||
75 | continue; | ||
76 | } | ||
77 | break; | ||
78 | default: | ||
79 | /* regular character, copy to buffer */ | ||
80 | - param_buffer[param_len++] = *curchar; | ||
81 | - | ||
82 | - if (param_len >= sizeof(param_buffer)) | ||
83 | - xtables_error(PARAMETER_PROBLEM, | ||
84 | - "Parameter too long!"); | ||
85 | + add_param(¶m, curchar); | ||
86 | continue; | ||
87 | } | ||
88 | |||
89 | - param_buffer[param_len] = '\0'; | ||
90 | + param.buffer[param.len] = '\0'; | ||
91 | |||
92 | /* check if table name specified */ | ||
93 | - if ((param_buffer[0] == '-' && | ||
94 | - param_buffer[1] != '-' && | ||
95 | - strchr(param_buffer, 't')) || | ||
96 | - (!strncmp(param_buffer, "--t", 3) && | ||
97 | - !strncmp(param_buffer, "--table", strlen(param_buffer)))) { | ||
98 | + if ((param.buffer[0] == '-' && | ||
99 | + param.buffer[1] != '-' && | ||
100 | + strchr(param.buffer, 't')) || | ||
101 | + (!strncmp(param.buffer, "--t", 3) && | ||
102 | + !strncmp(param.buffer, "--table", strlen(param.buffer)))) { | ||
103 | xtables_error(PARAMETER_PROBLEM, | ||
104 | "The -t option (seen in line %u) cannot be used in %s.\n", | ||
105 | line, xt_params->program_name); | ||
106 | } | ||
107 | |||
108 | - add_argv(param_buffer, 0); | ||
109 | - param_len = 0; | ||
110 | + add_argv(param.buffer, 0); | ||
111 | + param.len = 0; | ||
112 | } | ||
113 | } | ||
114 | |||
115 | -- | ||
116 | 2.17.1 | ||
117 | |||