diff options
Diffstat (limited to 'meta/recipes-connectivity/avahi')
13 files changed, 852 insertions, 55 deletions
diff --git a/meta/recipes-connectivity/avahi/avahi_0.8.bb b/meta/recipes-connectivity/avahi/avahi_0.8.bb index c8a3f876aa..1f18d4491d 100644 --- a/meta/recipes-connectivity/avahi/avahi_0.8.bb +++ b/meta/recipes-connectivity/avahi/avahi_0.8.bb | |||
@@ -5,35 +5,47 @@ with no specific configuration. This tool implements IPv4LL, "Dynamic Configurat | |||
5 | IPv4 Link-Local Addresses" (IETF RFC3927), a protocol for automatic IP address \ | 5 | IPv4 Link-Local Addresses" (IETF RFC3927), a protocol for automatic IP address \ |
6 | configuration from the link-local 169.254.0.0/16 range without the need for a central \ | 6 | configuration from the link-local 169.254.0.0/16 range without the need for a central \ |
7 | server.' | 7 | server.' |
8 | AUTHOR = "Lennart Poettering <lennart@poettering.net>" | ||
9 | HOMEPAGE = "http://avahi.org" | 8 | HOMEPAGE = "http://avahi.org" |
10 | BUGTRACKER = "https://github.com/lathiat/avahi/issues" | 9 | BUGTRACKER = "https://github.com/avahi/avahi/issues" |
11 | SECTION = "network" | 10 | SECTION = "network" |
12 | 11 | ||
13 | # major part is under LGPLv2.1+, but several .dtd, .xsl, initscripts and | 12 | # major part is under LGPL-2.1-or-later, but several .dtd, .xsl, initscripts and |
14 | # python scripts are under GPLv2+ | 13 | # python scripts are under GPL-2.0-or-later |
15 | LICENSE = "GPLv2+ & LGPLv2.1+" | 14 | LICENSE = "GPL-2.0-or-later & LGPL-2.1-or-later" |
16 | LIC_FILES_CHKSUM = "file://LICENSE;md5=2d5025d4aa3495befef8f17206a5b0a1 \ | 15 | LIC_FILES_CHKSUM = "file://LICENSE;md5=2d5025d4aa3495befef8f17206a5b0a1 \ |
17 | file://avahi-common/address.h;endline=25;md5=b1d1d2cda1c07eb848ea7d6215712d9d \ | 16 | file://avahi-common/address.h;endline=25;md5=b1d1d2cda1c07eb848ea7d6215712d9d \ |
18 | file://avahi-core/dns.h;endline=23;md5=6fe82590b81aa0ddea5095b548e2fdcb \ | 17 | file://avahi-core/dns.h;endline=23;md5=6fe82590b81aa0ddea5095b548e2fdcb \ |
19 | file://avahi-daemon/main.c;endline=21;md5=9ee77368c5407af77caaef1b07285969 \ | 18 | file://avahi-daemon/main.c;endline=21;md5=9ee77368c5407af77caaef1b07285969 \ |
20 | file://avahi-client/client.h;endline=23;md5=f4ac741a25c4f434039ba3e18c8674cf" | 19 | file://avahi-client/client.h;endline=23;md5=f4ac741a25c4f434039ba3e18c8674cf" |
21 | 20 | ||
22 | SRC_URI = "https://github.com/lathiat/avahi/releases/download/v${PV}/avahi-${PV}.tar.gz \ | 21 | SRC_URI = "${GITHUB_BASE_URI}/download/v${PV}/avahi-${PV}.tar.gz \ |
23 | file://00avahi-autoipd \ | 22 | file://00avahi-autoipd \ |
24 | file://99avahi-autoipd \ | 23 | file://99avahi-autoipd \ |
25 | file://initscript.patch \ | 24 | file://initscript.patch \ |
26 | file://0001-Fix-opening-etc-resolv.conf-error.patch \ | 25 | file://0001-Fix-opening-etc-resolv.conf-error.patch \ |
26 | file://handle-hup.patch \ | ||
27 | file://local-ping.patch \ | ||
28 | file://invalid-service.patch \ | ||
29 | file://CVE-2023-1981.patch \ | ||
30 | file://CVE-2023-38469-1.patch \ | ||
31 | file://CVE-2023-38469-2.patch \ | ||
32 | file://CVE-2023-38470-1.patch \ | ||
33 | file://CVE-2023-38470-2.patch \ | ||
34 | file://CVE-2023-38471-1.patch \ | ||
35 | file://CVE-2023-38471-2.patch \ | ||
36 | file://CVE-2023-38472.patch \ | ||
37 | file://CVE-2023-38473.patch \ | ||
27 | " | 38 | " |
28 | 39 | ||
29 | UPSTREAM_CHECK_URI = "https://github.com/lathiat/avahi/releases/" | 40 | GITHUB_BASE_URI = "https://github.com/avahi/avahi/releases/" |
30 | SRC_URI[md5sum] = "229c6aa30674fc43c202b22c5f8c2be7" | ||
31 | SRC_URI[sha256sum] = "060309d7a333d38d951bc27598c677af1796934dbd98e1024e7ad8de798fedda" | 41 | SRC_URI[sha256sum] = "060309d7a333d38d951bc27598c677af1796934dbd98e1024e7ad8de798fedda" |
32 | 42 | ||
33 | DEPENDS = "expat libcap libdaemon glib-2.0 intltool-native" | 43 | CVE_STATUS[CVE-2021-26720] = "not-applicable-platform: Issue only affects Debian/SUSE" |
44 | |||
45 | DEPENDS = "expat libcap libdaemon glib-2.0 glib-2.0-native" | ||
34 | 46 | ||
35 | # For gtk related PACKAGECONFIGs: gtk, gtk3 | 47 | # For gtk related PACKAGECONFIGs: gtk, gtk3 |
36 | AVAHI_GTK ?= "gtk3" | 48 | AVAHI_GTK ?= "" |
37 | 49 | ||
38 | PACKAGECONFIG ??= "dbus ${@bb.utils.contains_any('DISTRO_FEATURES','x11 wayland','${AVAHI_GTK}','',d)}" | 50 | PACKAGECONFIG ??= "dbus ${@bb.utils.contains_any('DISTRO_FEATURES','x11 wayland','${AVAHI_GTK}','',d)}" |
39 | PACKAGECONFIG[dbus] = "--enable-dbus,--disable-dbus,dbus" | 51 | PACKAGECONFIG[dbus] = "--enable-dbus,--disable-dbus,dbus" |
@@ -43,7 +55,7 @@ PACKAGECONFIG[libdns_sd] = "--enable-compat-libdns_sd --enable-dbus,,dbus" | |||
43 | PACKAGECONFIG[libevent] = "--enable-libevent,--disable-libevent,libevent" | 55 | PACKAGECONFIG[libevent] = "--enable-libevent,--disable-libevent,libevent" |
44 | PACKAGECONFIG[qt5] = "--enable-qt5,--disable-qt5,qtbase" | 56 | PACKAGECONFIG[qt5] = "--enable-qt5,--disable-qt5,qtbase" |
45 | 57 | ||
46 | inherit autotools pkgconfig gettext gobject-introspection | 58 | inherit autotools pkgconfig gettext gobject-introspection github-releases |
47 | 59 | ||
48 | EXTRA_OECONF = "--with-avahi-priv-access-group=adm \ | 60 | EXTRA_OECONF = "--with-avahi-priv-access-group=adm \ |
49 | --disable-stack-protector \ | 61 | --disable-stack-protector \ |
@@ -62,23 +74,22 @@ EXTRA_OECONF = "--with-avahi-priv-access-group=adm \ | |||
62 | 74 | ||
63 | # The distro choice determines what init scripts are installed | 75 | # The distro choice determines what init scripts are installed |
64 | EXTRA_OECONF_SYSVINIT = "${@bb.utils.contains('DISTRO_FEATURES','sysvinit','--with-distro=debian','--with-distro=none',d)}" | 76 | EXTRA_OECONF_SYSVINIT = "${@bb.utils.contains('DISTRO_FEATURES','sysvinit','--with-distro=debian','--with-distro=none',d)}" |
65 | EXTRA_OECONF_SYSTEMD = "${@bb.utils.contains('DISTRO_FEATURES','systemd','--with-systemdsystemunitdir=${systemd_unitdir}/system/','--without-systemdsystemunitdir',d)}" | 77 | EXTRA_OECONF_SYSTEMD = "${@bb.utils.contains('DISTRO_FEATURES','systemd','--with-systemdsystemunitdir=${systemd_system_unitdir}/','--without-systemdsystemunitdir',d)}" |
66 | 78 | ||
67 | do_configure_prepend() { | 79 | do_configure:prepend() { |
68 | # This m4 file will get in the way of our introspection.m4 with special cross-compilation fixes | 80 | # This m4 file will get in the way of our introspection.m4 with special cross-compilation fixes |
69 | rm "${S}/common/introspection.m4" || true | 81 | rm "${S}/common/introspection.m4" || true |
70 | } | 82 | } |
71 | 83 | ||
72 | do_compile_prepend() { | 84 | do_compile:prepend() { |
73 | export GIR_EXTRA_LIBS_PATH="${B}/avahi-gobject/.libs:${B}/avahi-common/.libs:${B}/avahi-client/.libs:${B}/avahi-glib/.libs" | 85 | export GIR_EXTRA_LIBS_PATH="${B}/avahi-gobject/.libs:${B}/avahi-common/.libs:${B}/avahi-client/.libs:${B}/avahi-glib/.libs" |
74 | } | 86 | } |
75 | 87 | ||
76 | RRECOMMENDS_${PN}_append_libc-glibc = " libnss-mdns" | 88 | RRECOMMENDS:${PN}:append:libc-glibc = " libnss-mdns" |
77 | 89 | ||
78 | do_install() { | 90 | do_install() { |
79 | autotools_do_install | 91 | autotools_do_install |
80 | rm -rf ${D}/run | 92 | rm -rf ${D}/run |
81 | rm -rf ${D}${datadir}/dbus-1/interfaces | ||
82 | test -d ${D}${datadir}/dbus-1 && rmdir --ignore-fail-on-non-empty ${D}${datadir}/dbus-1 | 93 | test -d ${D}${datadir}/dbus-1 && rmdir --ignore-fail-on-non-empty ${D}${datadir}/dbus-1 |
83 | rm -rf ${D}${libdir}/avahi | 94 | rm -rf ${D}${libdir}/avahi |
84 | 95 | ||
@@ -90,88 +101,88 @@ do_install() { | |||
90 | 101 | ||
91 | PACKAGES =+ "${@bb.utils.contains("PACKAGECONFIG", "libdns_sd", "libavahi-compat-libdnssd", "", d)}" | 102 | PACKAGES =+ "${@bb.utils.contains("PACKAGECONFIG", "libdns_sd", "libavahi-compat-libdnssd", "", d)}" |
92 | 103 | ||
93 | FILES_libavahi-compat-libdnssd = "${libdir}/libdns_sd.so.*" | 104 | FILES:libavahi-compat-libdnssd = "${libdir}/libdns_sd.so.*" |
94 | 105 | ||
95 | RPROVIDES_libavahi-compat-libdnssd = "libdns-sd" | 106 | RPROVIDES:libavahi-compat-libdnssd = "libdns-sd" |
96 | 107 | ||
97 | inherit update-rc.d systemd useradd | 108 | inherit update-rc.d systemd useradd |
98 | 109 | ||
99 | PACKAGES =+ "libavahi-gobject avahi-daemon libavahi-common libavahi-core libavahi-client avahi-dnsconfd libavahi-glib avahi-autoipd avahi-utils avahi-discover avahi-ui" | 110 | PACKAGES =+ "libavahi-gobject avahi-daemon libavahi-common libavahi-core libavahi-client avahi-dnsconfd libavahi-glib avahi-autoipd avahi-utils avahi-discover avahi-ui" |
100 | 111 | ||
101 | FILES_avahi-ui = "${libdir}/libavahi-ui*.so.*" | 112 | FILES:avahi-ui = "${libdir}/libavahi-ui*.so.*" |
102 | FILES_avahi-discover = "${datadir}/applications/avahi-discover.desktop \ | 113 | FILES:avahi-discover = "${datadir}/applications/avahi-discover.desktop \ |
103 | ${datadir}/avahi/interfaces/avahi-discover.ui \ | 114 | ${datadir}/avahi/interfaces/avahi-discover.ui \ |
104 | ${bindir}/avahi-discover-standalone \ | 115 | ${bindir}/avahi-discover-standalone \ |
105 | " | 116 | " |
106 | 117 | ||
107 | LICENSE_libavahi-gobject = "LGPLv2.1+" | 118 | LICENSE:libavahi-gobject = "LGPL-2.1-or-later" |
108 | LICENSE_avahi-daemon = "LGPLv2.1+" | 119 | LICENSE:avahi-daemon = "LGPL-2.1-or-later" |
109 | LICENSE_libavahi-common = "LGPLv2.1+" | 120 | LICENSE:libavahi-common = "LGPL-2.1-or-later" |
110 | LICENSE_libavahi-core = "LGPLv2.1+" | 121 | LICENSE:libavahi-core = "LGPL-2.1-or-later" |
111 | LICENSE_libavahi-client = "LGPLv2.1+" | 122 | LICENSE:libavahi-client = "LGPL-2.1-or-later" |
112 | LICENSE_avahi-dnsconfd = "LGPLv2.1+" | 123 | LICENSE:avahi-dnsconfd = "LGPL-2.1-or-later" |
113 | LICENSE_libavahi-glib = "LGPLv2.1+" | 124 | LICENSE:libavahi-glib = "LGPL-2.1-or-later" |
114 | LICENSE_avahi-autoipd = "LGPLv2.1+" | 125 | LICENSE:avahi-autoipd = "LGPL-2.1-or-later" |
115 | LICENSE_avahi-utils = "LGPLv2.1+" | 126 | LICENSE:avahi-utils = "LGPL-2.1-or-later" |
116 | 127 | ||
117 | # As avahi doesn't put any files into PN, clear the files list to avoid problems | 128 | # As avahi doesn't put any files into PN, clear the files list to avoid problems |
118 | # if extra libraries appear. | 129 | # if extra libraries appear. |
119 | FILES_${PN} = "" | 130 | FILES:${PN} = "" |
120 | FILES_avahi-autoipd = "${sbindir}/avahi-autoipd \ | 131 | FILES:avahi-autoipd = "${sbindir}/avahi-autoipd \ |
121 | ${sysconfdir}/avahi/avahi-autoipd.action \ | 132 | ${sysconfdir}/avahi/avahi-autoipd.action \ |
122 | ${sysconfdir}/dhcp/*/avahi-autoipd \ | 133 | ${sysconfdir}/dhcp/*/avahi-autoipd \ |
123 | ${sysconfdir}/udhcpc.d/00avahi-autoipd \ | 134 | ${sysconfdir}/udhcpc.d/00avahi-autoipd \ |
124 | ${sysconfdir}/udhcpc.d/99avahi-autoipd" | 135 | ${sysconfdir}/udhcpc.d/99avahi-autoipd" |
125 | FILES_libavahi-common = "${libdir}/libavahi-common.so.*" | 136 | FILES:libavahi-common = "${libdir}/libavahi-common.so.*" |
126 | FILES_libavahi-core = "${libdir}/libavahi-core.so.* ${libdir}/girepository-1.0/AvahiCore*.typelib" | 137 | FILES:libavahi-core = "${libdir}/libavahi-core.so.* ${libdir}/girepository-1.0/AvahiCore*.typelib" |
127 | FILES_avahi-daemon = "${sbindir}/avahi-daemon \ | 138 | FILES:avahi-daemon = "${sbindir}/avahi-daemon \ |
128 | ${sysconfdir}/avahi/avahi-daemon.conf \ | 139 | ${sysconfdir}/avahi/avahi-daemon.conf \ |
129 | ${sysconfdir}/avahi/hosts \ | 140 | ${sysconfdir}/avahi/hosts \ |
130 | ${sysconfdir}/avahi/services \ | 141 | ${sysconfdir}/avahi/services \ |
131 | ${sysconfdir}/dbus-1 \ | 142 | ${sysconfdir}/dbus-1 \ |
132 | ${sysconfdir}/init.d/avahi-daemon \ | 143 | ${sysconfdir}/init.d/avahi-daemon \ |
133 | ${datadir}/avahi/introspection/*.introspect \ | 144 | ${datadir}/dbus-1/interfaces \ |
134 | ${datadir}/avahi/avahi-service.dtd \ | 145 | ${datadir}/avahi/avahi-service.dtd \ |
135 | ${datadir}/avahi/service-types \ | 146 | ${datadir}/avahi/service-types \ |
136 | ${datadir}/dbus-1/system-services" | 147 | ${datadir}/dbus-1/system-services" |
137 | FILES_libavahi-client = "${libdir}/libavahi-client.so.*" | 148 | FILES:libavahi-client = "${libdir}/libavahi-client.so.*" |
138 | FILES_avahi-dnsconfd = "${sbindir}/avahi-dnsconfd \ | 149 | FILES:avahi-dnsconfd = "${sbindir}/avahi-dnsconfd \ |
139 | ${sysconfdir}/avahi/avahi-dnsconfd.action \ | 150 | ${sysconfdir}/avahi/avahi-dnsconfd.action \ |
140 | ${sysconfdir}/init.d/avahi-dnsconfd" | 151 | ${sysconfdir}/init.d/avahi-dnsconfd" |
141 | FILES_libavahi-glib = "${libdir}/libavahi-glib.so.*" | 152 | FILES:libavahi-glib = "${libdir}/libavahi-glib.so.*" |
142 | FILES_libavahi-gobject = "${libdir}/libavahi-gobject.so.* ${libdir}/girepository-1.0/Avahi*.typelib" | 153 | FILES:libavahi-gobject = "${libdir}/libavahi-gobject.so.* ${libdir}/girepository-1.0/Avahi*.typelib" |
143 | FILES_avahi-utils = "${bindir}/avahi-* ${bindir}/b* ${datadir}/applications/b*" | 154 | FILES:avahi-utils = "${bindir}/avahi-* ${bindir}/b* ${datadir}/applications/b*" |
144 | 155 | ||
145 | RDEPENDS_${PN}-dev = "avahi-daemon (= ${EXTENDPKGV}) libavahi-core (= ${EXTENDPKGV})" | 156 | DEV_PKG_DEPENDENCY = "avahi-daemon (= ${EXTENDPKGV}) libavahi-core (= ${EXTENDPKGV})" |
146 | RDEPENDS_${PN}-dev += "${@["", " libavahi-client (= ${EXTENDPKGV})"][bb.utils.contains('PACKAGECONFIG', 'dbus', 1, 0, d)]}" | 157 | DEV_PKG_DEPENDENCY += "${@["", " libavahi-client (= ${EXTENDPKGV})"][bb.utils.contains('PACKAGECONFIG', 'dbus', 1, 0, d)]}" |
147 | RDEPENDS_${PN}-dnsconfd = "${PN}-daemon" | 158 | RDEPENDS:${PN}-dnsconfd = "${PN}-daemon" |
148 | 159 | ||
149 | RRECOMMENDS_avahi-daemon_append_libc-glibc = " libnss-mdns" | 160 | RRECOMMENDS:avahi-daemon:append:libc-glibc = " libnss-mdns" |
150 | 161 | ||
151 | CONFFILES_avahi-daemon = "${sysconfdir}/avahi/avahi-daemon.conf" | 162 | CONFFILES:avahi-daemon = "${sysconfdir}/avahi/avahi-daemon.conf" |
152 | 163 | ||
153 | USERADD_PACKAGES = "avahi-daemon avahi-autoipd" | 164 | USERADD_PACKAGES = "avahi-daemon avahi-autoipd" |
154 | USERADD_PARAM_avahi-daemon = "--system --home /run/avahi-daemon \ | 165 | USERADD_PARAM:avahi-daemon = "--system --home /run/avahi-daemon \ |
155 | --no-create-home --shell /bin/false \ | 166 | --no-create-home --shell /bin/false \ |
156 | --user-group avahi" | 167 | --user-group avahi" |
157 | 168 | ||
158 | USERADD_PARAM_avahi-autoipd = "--system --home /run/avahi-autoipd \ | 169 | USERADD_PARAM:avahi-autoipd = "--system --home /run/avahi-autoipd \ |
159 | --no-create-home --shell /bin/false \ | 170 | --no-create-home --shell /bin/false \ |
160 | --user-group \ | 171 | --user-group \ |
161 | -c \"Avahi autoip daemon\" \ | 172 | -c \"Avahi autoip daemon\" \ |
162 | avahi-autoipd" | 173 | avahi-autoipd" |
163 | 174 | ||
164 | INITSCRIPT_PACKAGES = "avahi-daemon avahi-dnsconfd" | 175 | INITSCRIPT_PACKAGES = "avahi-daemon avahi-dnsconfd" |
165 | INITSCRIPT_NAME_avahi-daemon = "avahi-daemon" | 176 | INITSCRIPT_NAME:avahi-daemon = "avahi-daemon" |
166 | INITSCRIPT_PARAMS_avahi-daemon = "defaults 21 19" | 177 | INITSCRIPT_PARAMS:avahi-daemon = "defaults 21 19" |
167 | INITSCRIPT_NAME_avahi-dnsconfd = "avahi-dnsconfd" | 178 | INITSCRIPT_NAME:avahi-dnsconfd = "avahi-dnsconfd" |
168 | INITSCRIPT_PARAMS_avahi-dnsconfd = "defaults 22 19" | 179 | INITSCRIPT_PARAMS:avahi-dnsconfd = "defaults 22 19" |
169 | 180 | ||
170 | SYSTEMD_PACKAGES = "${PN}-daemon ${PN}-dnsconfd" | 181 | SYSTEMD_PACKAGES = "${PN}-daemon ${PN}-dnsconfd" |
171 | SYSTEMD_SERVICE_${PN}-daemon = "avahi-daemon.service" | 182 | SYSTEMD_SERVICE:${PN}-daemon = "avahi-daemon.service" |
172 | SYSTEMD_SERVICE_${PN}-dnsconfd = "avahi-dnsconfd.service" | 183 | SYSTEMD_SERVICE:${PN}-dnsconfd = "avahi-dnsconfd.service" |
173 | 184 | ||
174 | do_install_append() { | 185 | do_install:append() { |
175 | install -d ${D}${sysconfdir}/udhcpc.d | 186 | install -d ${D}${sysconfdir}/udhcpc.d |
176 | install ${WORKDIR}/00avahi-autoipd ${D}${sysconfdir}/udhcpc.d | 187 | install ${WORKDIR}/00avahi-autoipd ${D}${sysconfdir}/udhcpc.d |
177 | install ${WORKDIR}/99avahi-autoipd ${D}${sysconfdir}/udhcpc.d | 188 | install ${WORKDIR}/99avahi-autoipd ${D}${sysconfdir}/udhcpc.d |
@@ -179,7 +190,7 @@ do_install_append() { | |||
179 | 190 | ||
180 | # At the time the postinst runs, dbus might not be setup so only restart if running | 191 | # At the time the postinst runs, dbus might not be setup so only restart if running |
181 | # Don't exit early, because update-rc.d needs to run subsequently. | 192 | # Don't exit early, because update-rc.d needs to run subsequently. |
182 | pkg_postinst_avahi-daemon () { | 193 | pkg_postinst:avahi-daemon () { |
183 | if [ -z "$D" ]; then | 194 | if [ -z "$D" ]; then |
184 | killall -q -HUP dbus-daemon || true | 195 | killall -q -HUP dbus-daemon || true |
185 | fi | 196 | fi |
diff --git a/meta/recipes-connectivity/avahi/files/CVE-2023-1981.patch b/meta/recipes-connectivity/avahi/files/CVE-2023-1981.patch new file mode 100644 index 0000000000..4d7924d13a --- /dev/null +++ b/meta/recipes-connectivity/avahi/files/CVE-2023-1981.patch | |||
@@ -0,0 +1,58 @@ | |||
1 | From a2696da2f2c50ac43b6c4903f72290d5c3fa9f6f Mon Sep 17 00:00:00 2001 | ||
2 | From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik@redhat.com> | ||
3 | Date: Thu, 17 Nov 2022 01:51:53 +0100 | ||
4 | Subject: [PATCH] Emit error if requested service is not found | ||
5 | |||
6 | It currently just crashes instead of replying with error. Check return | ||
7 | value and emit error instead of passing NULL pointer to reply. | ||
8 | |||
9 | Fixes #375 | ||
10 | |||
11 | Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/avahi/tree/debian/patches/CVE-2023-1981.patch?h=ubuntu/jammy-security | ||
12 | Upstream commit https://github.com/lathiat/avahi/commit/a2696da2f2c50ac43b6c4903f72290d5c3fa9f6f] | ||
13 | CVE: CVE-2023-1981 | ||
14 | Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> | ||
15 | --- | ||
16 | avahi-daemon/dbus-protocol.c | 20 ++++++++++++++------ | ||
17 | 1 file changed, 14 insertions(+), 6 deletions(-) | ||
18 | |||
19 | diff --git a/avahi-daemon/dbus-protocol.c b/avahi-daemon/dbus-protocol.c | ||
20 | index 70d7687bc..406d0b441 100644 | ||
21 | --- a/avahi-daemon/dbus-protocol.c | ||
22 | +++ b/avahi-daemon/dbus-protocol.c | ||
23 | @@ -375,10 +375,14 @@ static DBusHandlerResult dbus_get_alternative_host_name(DBusConnection *c, DBusM | ||
24 | } | ||
25 | |||
26 | t = avahi_alternative_host_name(n); | ||
27 | - avahi_dbus_respond_string(c, m, t); | ||
28 | - avahi_free(t); | ||
29 | + if (t) { | ||
30 | + avahi_dbus_respond_string(c, m, t); | ||
31 | + avahi_free(t); | ||
32 | |||
33 | - return DBUS_HANDLER_RESULT_HANDLED; | ||
34 | + return DBUS_HANDLER_RESULT_HANDLED; | ||
35 | + } else { | ||
36 | + return avahi_dbus_respond_error(c, m, AVAHI_ERR_NOT_FOUND, "Hostname not found"); | ||
37 | + } | ||
38 | } | ||
39 | |||
40 | static DBusHandlerResult dbus_get_alternative_service_name(DBusConnection *c, DBusMessage *m, DBusError *error) { | ||
41 | @@ -389,10 +393,14 @@ static DBusHandlerResult dbus_get_alternative_service_name(DBusConnection *c, DB | ||
42 | } | ||
43 | |||
44 | t = avahi_alternative_service_name(n); | ||
45 | - avahi_dbus_respond_string(c, m, t); | ||
46 | - avahi_free(t); | ||
47 | + if (t) { | ||
48 | + avahi_dbus_respond_string(c, m, t); | ||
49 | + avahi_free(t); | ||
50 | |||
51 | - return DBUS_HANDLER_RESULT_HANDLED; | ||
52 | + return DBUS_HANDLER_RESULT_HANDLED; | ||
53 | + } else { | ||
54 | + return avahi_dbus_respond_error(c, m, AVAHI_ERR_NOT_FOUND, "Service not found"); | ||
55 | + } | ||
56 | } | ||
57 | |||
58 | static DBusHandlerResult dbus_create_new_entry_group(DBusConnection *c, DBusMessage *m, DBusError *error) { | ||
diff --git a/meta/recipes-connectivity/avahi/files/CVE-2023-38469-1.patch b/meta/recipes-connectivity/avahi/files/CVE-2023-38469-1.patch new file mode 100644 index 0000000000..a078f66102 --- /dev/null +++ b/meta/recipes-connectivity/avahi/files/CVE-2023-38469-1.patch | |||
@@ -0,0 +1,48 @@ | |||
1 | From 72842945085cc3adaccfdfa2853771b0e75ef991 Mon Sep 17 00:00:00 2001 | ||
2 | From: Evgeny Vereshchagin <evvers@ya.ru> | ||
3 | Date: Mon, 23 Oct 2023 20:29:31 +0000 | ||
4 | Subject: [PATCH] avahi: core: reject overly long TXT resource records | ||
5 | |||
6 | Closes https://github.com/lathiat/avahi/issues/455 | ||
7 | |||
8 | Upstream-Status: Backport [https://github.com/lathiat/avahi/commit/a337a1ba7d15853fb56deef1f464529af6e3a1cf] | ||
9 | CVE: CVE-2023-38469 | ||
10 | |||
11 | Signed-off-by: Meenali Gupta <meenali.gupta@windriver.com> | ||
12 | --- | ||
13 | avahi-core/rr.c | 9 ++++++++- | ||
14 | 1 file changed, 8 insertions(+), 1 deletion(-) | ||
15 | |||
16 | diff --git a/avahi-core/rr.c b/avahi-core/rr.c | ||
17 | index 7fa0bee..b03a24c 100644 | ||
18 | --- a/avahi-core/rr.c | ||
19 | +++ b/avahi-core/rr.c | ||
20 | @@ -32,6 +32,7 @@ | ||
21 | #include <avahi-common/malloc.h> | ||
22 | #include <avahi-common/defs.h> | ||
23 | |||
24 | +#include "dns.h" | ||
25 | #include "rr.h" | ||
26 | #include "log.h" | ||
27 | #include "util.h" | ||
28 | @@ -688,11 +689,17 @@ int avahi_record_is_valid(AvahiRecord *r) { | ||
29 | case AVAHI_DNS_TYPE_TXT: { | ||
30 | |||
31 | AvahiStringList *strlst; | ||
32 | + size_t used = 0; | ||
33 | |||
34 | - for (strlst = r->data.txt.string_list; strlst; strlst = strlst->next) | ||
35 | + for (strlst = r->data.txt.string_list; strlst; strlst = strlst->next) { | ||
36 | if (strlst->size > 255 || strlst->size <= 0) | ||
37 | return 0; | ||
38 | |||
39 | + used += 1+strlst->size; | ||
40 | + if (used > AVAHI_DNS_RDATA_MAX) | ||
41 | + return 0; | ||
42 | + } | ||
43 | + | ||
44 | return 1; | ||
45 | } | ||
46 | } | ||
47 | -- | ||
48 | 2.40.0 | ||
diff --git a/meta/recipes-connectivity/avahi/files/CVE-2023-38469-2.patch b/meta/recipes-connectivity/avahi/files/CVE-2023-38469-2.patch new file mode 100644 index 0000000000..f8f60ddca1 --- /dev/null +++ b/meta/recipes-connectivity/avahi/files/CVE-2023-38469-2.patch | |||
@@ -0,0 +1,65 @@ | |||
1 | From c6cab87df290448a63323c8ca759baa516166237 Mon Sep 17 00:00:00 2001 | ||
2 | From: Evgeny Vereshchagin <evvers@ya.ru> | ||
3 | Date: Wed, 25 Oct 2023 18:15:42 +0000 | ||
4 | Subject: [PATCH] tests: pass overly long TXT resource records | ||
5 | |||
6 | to make sure they don't crash avahi any more. | ||
7 | It reproduces https://github.com/lathiat/avahi/issues/455 | ||
8 | |||
9 | Canonical notes: | ||
10 | nickgalanis> removed first hunk since there is no .github dir in this release | ||
11 | |||
12 | Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/avahi/tree/debian/patches/CVE-2023-38469-2.patch?h=ubuntu/jammy-security | ||
13 | Upstream commit https://github.com/lathiat/avahi/commit/c6cab87df290448a63323c8ca759baa516166237] | ||
14 | CVE: CVE-2023-38469 | ||
15 | Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> | ||
16 | --- | ||
17 | avahi-client/client-test.c | 14 ++++++++++++++ | ||
18 | 1 files changed, 14 insertions(+) | ||
19 | |||
20 | Index: avahi-0.8/avahi-client/client-test.c | ||
21 | =================================================================== | ||
22 | --- avahi-0.8.orig/avahi-client/client-test.c | ||
23 | +++ avahi-0.8/avahi-client/client-test.c | ||
24 | @@ -22,6 +22,7 @@ | ||
25 | #endif | ||
26 | |||
27 | #include <stdio.h> | ||
28 | +#include <string.h> | ||
29 | #include <assert.h> | ||
30 | |||
31 | #include <avahi-client/client.h> | ||
32 | @@ -33,6 +34,8 @@ | ||
33 | #include <avahi-common/malloc.h> | ||
34 | #include <avahi-common/timeval.h> | ||
35 | |||
36 | +#include <avahi-core/dns.h> | ||
37 | + | ||
38 | static const AvahiPoll *poll_api = NULL; | ||
39 | static AvahiSimplePoll *simple_poll = NULL; | ||
40 | |||
41 | @@ -222,6 +225,9 @@ int main (AVAHI_GCC_UNUSED int argc, AVA | ||
42 | uint32_t cookie; | ||
43 | struct timeval tv; | ||
44 | AvahiAddress a; | ||
45 | + uint8_t rdata[AVAHI_DNS_RDATA_MAX+1]; | ||
46 | + AvahiStringList *txt = NULL; | ||
47 | + int r; | ||
48 | |||
49 | simple_poll = avahi_simple_poll_new(); | ||
50 | poll_api = avahi_simple_poll_get(simple_poll); | ||
51 | @@ -258,6 +264,14 @@ int main (AVAHI_GCC_UNUSED int argc, AVA | ||
52 | printf("%s\n", avahi_strerror(avahi_entry_group_add_service (group, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, 0, "Lathiat's Site", "_http._tcp", NULL, NULL, 80, "foo=bar", NULL))); | ||
53 | printf("add_record: %d\n", avahi_entry_group_add_record (group, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, 0, "TestX", 0x01, 0x10, 120, "\5booya", 6)); | ||
54 | |||
55 | + memset(rdata, 1, sizeof(rdata)); | ||
56 | + r = avahi_string_list_parse(rdata, sizeof(rdata), &txt); | ||
57 | + assert(r >= 0); | ||
58 | + assert(avahi_string_list_serialize(txt, NULL, 0) == sizeof(rdata)); | ||
59 | + error = avahi_entry_group_add_service_strlst(group, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, 0, "TestX", "_qotd._tcp", NULL, NULL, 123, txt); | ||
60 | + assert(error == AVAHI_ERR_INVALID_RECORD); | ||
61 | + avahi_string_list_free(txt); | ||
62 | + | ||
63 | avahi_entry_group_commit (group); | ||
64 | |||
65 | domain = avahi_domain_browser_new (avahi, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, NULL, AVAHI_DOMAIN_BROWSER_BROWSE, 0, avahi_domain_browser_callback, (char*) "omghai3u"); | ||
diff --git a/meta/recipes-connectivity/avahi/files/CVE-2023-38470-1.patch b/meta/recipes-connectivity/avahi/files/CVE-2023-38470-1.patch new file mode 100644 index 0000000000..91f9e677ac --- /dev/null +++ b/meta/recipes-connectivity/avahi/files/CVE-2023-38470-1.patch | |||
@@ -0,0 +1,59 @@ | |||
1 | From af7bfad67ca53a7c4042a4a2d85456b847e9f249 Mon Sep 17 00:00:00 2001 | ||
2 | From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik@redhat.com> | ||
3 | Date: Tue, 11 Apr 2023 15:29:59 +0200 | ||
4 | Subject: [PATCH] avahi: Ensure each label is at least one byte long | ||
5 | |||
6 | The only allowed exception is single dot, where it should return empty | ||
7 | string. | ||
8 | |||
9 | Fixes #454. | ||
10 | |||
11 | Upstream-Status: Backport [https://github.com/lathiat/avahi/commit/94cb6489114636940ac683515417990b55b5d66c] | ||
12 | CVE: CVE-2023-38470 | ||
13 | |||
14 | Signed-off-by: Meenali Gupta <meenali.gupta@windriver.com> | ||
15 | --- | ||
16 | avahi-common/domain-test.c | 14 ++++++++++++++ | ||
17 | avahi-common/domain.c | 2 +- | ||
18 | 2 files changed, 15 insertions(+), 1 deletion(-) | ||
19 | |||
20 | diff --git a/avahi-common/domain-test.c b/avahi-common/domain-test.c | ||
21 | index cf763ec..3acc1c1 100644 | ||
22 | --- a/avahi-common/domain-test.c | ||
23 | +++ b/avahi-common/domain-test.c | ||
24 | @@ -45,6 +45,20 @@ int main(AVAHI_GCC_UNUSED int argc, AVAHI_GCC_UNUSED char *argv[]) { | ||
25 | printf("%s\n", s = avahi_normalize_name_strdup("fo\\\\o\\..f oo.")); | ||
26 | avahi_free(s); | ||
27 | |||
28 | + printf("%s\n", s = avahi_normalize_name_strdup(".")); | ||
29 | + avahi_free(s); | ||
30 | + | ||
31 | + s = avahi_normalize_name_strdup(",.=.}.=.?-.}.=.?.?.}.}.?.?.?.z.?.?.}.}." | ||
32 | + "}.?.?.?.r.=.=.}.=.?.}}.}.?.?.?.zM.=.=.?.?.}.}.?.?.}.}.}" | ||
33 | + ".?.?.?.r.=.=.}.=.?.}}.}.?.?.?.zM.=.=.?.?.}.}.?.?.?.zM.?`" | ||
34 | + "?.}.}.}.?.?.?.r.=.?.}.=.?.?.}.?.?.?.}.=.?.?.}??.}.}.?.?." | ||
35 | + "?.z.?.?.}.}.}.?.?.?.r.=.=.}.=.?.}}.}.?.?.?.zM.?`?.}.}.}." | ||
36 | + "??.?.zM.?`?.}.}.}.?.?.?.r.=.?.}.=.?.?.}.?.?.?.}.=.?.?.}?" | ||
37 | + "?.}.}.?.?.?.z.?.?.}.}.}.?.?.?.r.=.=.}.=.?.}}.}.?.?.?.zM." | ||
38 | + "?`?.}.}.}.?.?.?.r.=.=.?.?`.?.?}.}.}.?.?.?.r.=.?.}.=.?.?." | ||
39 | + "}.?.?.?.}.=.?.?.}"); | ||
40 | + assert(s == NULL); | ||
41 | + | ||
42 | printf("%i\n", avahi_domain_equal("\\065aa bbb\\.\\046cc.cc\\\\.dee.fff.", "Aaa BBB\\.\\.cc.cc\\\\.dee.fff")); | ||
43 | printf("%i\n", avahi_domain_equal("A", "a")); | ||
44 | |||
45 | diff --git a/avahi-common/domain.c b/avahi-common/domain.c | ||
46 | index 3b1ab68..e66d241 100644 | ||
47 | --- a/avahi-common/domain.c | ||
48 | +++ b/avahi-common/domain.c | ||
49 | @@ -201,7 +201,7 @@ char *avahi_normalize_name(const char *s, char *ret_s, size_t size) { | ||
50 | } | ||
51 | |||
52 | if (!empty) { | ||
53 | - if (size < 1) | ||
54 | + if (size < 2) | ||
55 | return NULL; | ||
56 | |||
57 | *(r++) = '.'; | ||
58 | -- | ||
59 | 2.40.0 | ||
diff --git a/meta/recipes-connectivity/avahi/files/CVE-2023-38470-2.patch b/meta/recipes-connectivity/avahi/files/CVE-2023-38470-2.patch new file mode 100644 index 0000000000..e0736bf210 --- /dev/null +++ b/meta/recipes-connectivity/avahi/files/CVE-2023-38470-2.patch | |||
@@ -0,0 +1,52 @@ | |||
1 | From 20dec84b2480821704258bc908e7b2bd2e883b24 Mon Sep 17 00:00:00 2001 | ||
2 | From: Evgeny Vereshchagin <evvers@ya.ru> | ||
3 | Date: Tue, 19 Sep 2023 03:21:25 +0000 | ||
4 | Subject: [PATCH] [common] bail out when escaped labels can't fit into ret | ||
5 | |||
6 | Fixes: | ||
7 | ``` | ||
8 | ==93410==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7f9e76f14c16 at pc 0x00000047208d bp 0x7ffee90a6a00 sp 0x7ffee90a61c8 | ||
9 | READ of size 1110 at 0x7f9e76f14c16 thread T0 | ||
10 | #0 0x47208c in __interceptor_strlen (out/fuzz-domain+0x47208c) (BuildId: 731b20c1eef22c2104e75a6496a399b10cfc7cba) | ||
11 | #1 0x534eb0 in avahi_strdup avahi/avahi-common/malloc.c:167:12 | ||
12 | #2 0x53862c in avahi_normalize_name_strdup avahi/avahi-common/domain.c:226:12 | ||
13 | ``` | ||
14 | and | ||
15 | ``` | ||
16 | fuzz-domain: fuzz/fuzz-domain.c:38: int LLVMFuzzerTestOneInput(const uint8_t *, size_t): Assertion `avahi_domain_equal(s, t)' failed. | ||
17 | ==101571== ERROR: libFuzzer: deadly signal | ||
18 | #0 0x501175 in __sanitizer_print_stack_trace (/home/vagrant/avahi/out/fuzz-domain+0x501175) (BuildId: 682bf6400aff9d41b64b6e2cc3ef5ad600216ea8) | ||
19 | #1 0x45ad2c in fuzzer::PrintStackTrace() (/home/vagrant/avahi/out/fuzz-domain+0x45ad2c) (BuildId: 682bf6400aff9d41b64b6e2cc3ef5ad600216ea8) | ||
20 | #2 0x43fc07 in fuzzer::Fuzzer::CrashCallback() (/home/vagrant/avahi/out/fuzz-domain+0x43fc07) (BuildId: 682bf6400aff9d41b64b6e2cc3ef5ad600216ea8) | ||
21 | #3 0x7f1581d7ebaf (/lib64/libc.so.6+0x3dbaf) (BuildId: c9f62793b9e886eb1b95077d4f26fe2b4aa1ac25) | ||
22 | #4 0x7f1581dcf883 in __pthread_kill_implementation (/lib64/libc.so.6+0x8e883) (BuildId: c9f62793b9e886eb1b95077d4f26fe2b4aa1ac25) | ||
23 | #5 0x7f1581d7eafd in gsignal (/lib64/libc.so.6+0x3dafd) (BuildId: c9f62793b9e886eb1b95077d4f26fe2b4aa1ac25) | ||
24 | #6 0x7f1581d6787e in abort (/lib64/libc.so.6+0x2687e) (BuildId: c9f62793b9e886eb1b95077d4f26fe2b4aa1ac25) | ||
25 | #7 0x7f1581d6779a in __assert_fail_base.cold (/lib64/libc.so.6+0x2679a) (BuildId: c9f62793b9e886eb1b95077d4f26fe2b4aa1ac25) | ||
26 | #8 0x7f1581d77186 in __assert_fail (/lib64/libc.so.6+0x36186) (BuildId: c9f62793b9e886eb1b95077d4f26fe2b4aa1ac25) | ||
27 | #9 0x5344a4 in LLVMFuzzerTestOneInput /home/vagrant/avahi/fuzz/fuzz-domain.c:38:9 | ||
28 | ``` | ||
29 | |||
30 | It's a follow-up to 94cb6489114636940ac683515417990b55b5d66c | ||
31 | |||
32 | Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/avahi/tree/debian/patches/CVE-2023-38470-2.patch?h=ubuntu/jammy-security | ||
33 | CVE: CVE-2023-38470 #Follow-up patch | ||
34 | Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> | ||
35 | --- | ||
36 | avahi-common/domain.c | 3 ++- | ||
37 | 1 file changed, 2 insertions(+), 1 deletion(-) | ||
38 | |||
39 | Index: avahi-0.8/avahi-common/domain.c | ||
40 | =================================================================== | ||
41 | --- avahi-0.8.orig/avahi-common/domain.c | ||
42 | +++ avahi-0.8/avahi-common/domain.c | ||
43 | @@ -210,7 +210,8 @@ char *avahi_normalize_name(const char *s | ||
44 | } else | ||
45 | empty = 0; | ||
46 | |||
47 | - avahi_escape_label(label, strlen(label), &r, &size); | ||
48 | + if (!(avahi_escape_label(label, strlen(label), &r, &size))) | ||
49 | + return NULL; | ||
50 | } | ||
51 | |||
52 | return ret_s; | ||
diff --git a/meta/recipes-connectivity/avahi/files/CVE-2023-38471-1.patch b/meta/recipes-connectivity/avahi/files/CVE-2023-38471-1.patch new file mode 100644 index 0000000000..b3f716495d --- /dev/null +++ b/meta/recipes-connectivity/avahi/files/CVE-2023-38471-1.patch | |||
@@ -0,0 +1,73 @@ | |||
1 | From 48d745db7fd554fc33e96ec86d3675ebd530bb8e Mon Sep 17 00:00:00 2001 | ||
2 | From: Michal Sekletar <msekleta@redhat.com> | ||
3 | Date: Mon, 23 Oct 2023 13:38:35 +0200 | ||
4 | Subject: [PATCH] avahi: core: extract host name using avahi_unescape_label() | ||
5 | |||
6 | Previously we could create invalid escape sequence when we split the | ||
7 | string on dot. For example, from valid host name "foo\\.bar" we have | ||
8 | created invalid name "foo\\" and tried to set that as the host name | ||
9 | which crashed the daemon. | ||
10 | |||
11 | Fixes #453 | ||
12 | |||
13 | Upstream-Status: Backport [https://github.com/lathiat/avahi/commit/894f085f402e023a98cbb6f5a3d117bd88d93b09] | ||
14 | CVE: CVE-2023-38471 | ||
15 | |||
16 | Signed-off-by: Meenali Gupta <meenali.gupta@windriver.com> | ||
17 | --- | ||
18 | avahi-core/server.c | 27 +++++++++++++++++++++------ | ||
19 | 1 file changed, 21 insertions(+), 6 deletions(-) | ||
20 | |||
21 | diff --git a/avahi-core/server.c b/avahi-core/server.c | ||
22 | index e507750..40f1d68 100644 | ||
23 | --- a/avahi-core/server.c | ||
24 | +++ b/avahi-core/server.c | ||
25 | @@ -1295,7 +1295,11 @@ static void update_fqdn(AvahiServer *s) { | ||
26 | } | ||
27 | |||
28 | int avahi_server_set_host_name(AvahiServer *s, const char *host_name) { | ||
29 | - char *hn = NULL; | ||
30 | + char label_escaped[AVAHI_LABEL_MAX*4+1]; | ||
31 | + char label[AVAHI_LABEL_MAX]; | ||
32 | + char *hn = NULL, *h; | ||
33 | + size_t len; | ||
34 | + | ||
35 | assert(s); | ||
36 | |||
37 | AVAHI_CHECK_VALIDITY(s, !host_name || avahi_is_valid_host_name(host_name), AVAHI_ERR_INVALID_HOST_NAME); | ||
38 | @@ -1305,17 +1309,28 @@ int avahi_server_set_host_name(AvahiServer *s, const char *host_name) { | ||
39 | else | ||
40 | hn = avahi_normalize_name_strdup(host_name); | ||
41 | |||
42 | - hn[strcspn(hn, ".")] = 0; | ||
43 | + h = hn; | ||
44 | + if (!avahi_unescape_label((const char **)&hn, label, sizeof(label))) { | ||
45 | + avahi_free(h); | ||
46 | + return AVAHI_ERR_INVALID_HOST_NAME; | ||
47 | + } | ||
48 | + | ||
49 | + avahi_free(h); | ||
50 | + | ||
51 | + h = label_escaped; | ||
52 | + len = sizeof(label_escaped); | ||
53 | + if (!avahi_escape_label(label, strlen(label), &h, &len)) | ||
54 | + return AVAHI_ERR_INVALID_HOST_NAME; | ||
55 | |||
56 | - if (avahi_domain_equal(s->host_name, hn) && s->state != AVAHI_SERVER_COLLISION) { | ||
57 | - avahi_free(hn); | ||
58 | + if (avahi_domain_equal(s->host_name, label_escaped) && s->state != AVAHI_SERVER_COLLISION) | ||
59 | return avahi_server_set_errno(s, AVAHI_ERR_NO_CHANGE); | ||
60 | - } | ||
61 | |||
62 | withdraw_host_rrs(s); | ||
63 | |||
64 | avahi_free(s->host_name); | ||
65 | - s->host_name = hn; | ||
66 | + s->host_name = avahi_strdup(label_escaped); | ||
67 | + if (!s->host_name) | ||
68 | + return AVAHI_ERR_NO_MEMORY; | ||
69 | |||
70 | update_fqdn(s); | ||
71 | |||
72 | -- | ||
73 | 2.40.0 | ||
diff --git a/meta/recipes-connectivity/avahi/files/CVE-2023-38471-2.patch b/meta/recipes-connectivity/avahi/files/CVE-2023-38471-2.patch new file mode 100644 index 0000000000..44737bfc2e --- /dev/null +++ b/meta/recipes-connectivity/avahi/files/CVE-2023-38471-2.patch | |||
@@ -0,0 +1,52 @@ | |||
1 | From b675f70739f404342f7f78635d6e2dcd85a13460 Mon Sep 17 00:00:00 2001 | ||
2 | From: Evgeny Vereshchagin <evvers@ya.ru> | ||
3 | Date: Tue, 24 Oct 2023 22:04:51 +0000 | ||
4 | Subject: [PATCH] core: return errors from avahi_server_set_host_name properly | ||
5 | |||
6 | It's a follow-up to 894f085f402e023a98cbb6f5a3d117bd88d93b09 | ||
7 | |||
8 | Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/avahi/tree/debian/patches/CVE-2023-38471-2.patch?h=ubuntu/jammy-security | ||
9 | Upstream commit https://github.com/lathiat/avahi/commit/b675f70739f404342f7f78635d6e2dcd85a13460] | ||
10 | CVE: CVE-2023-38471 #Follow-up Patch | ||
11 | Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> | ||
12 | --- | ||
13 | avahi-core/server.c | 9 ++++++--- | ||
14 | 1 file changed, 6 insertions(+), 3 deletions(-) | ||
15 | |||
16 | Index: avahi-0.8/avahi-core/server.c | ||
17 | =================================================================== | ||
18 | --- avahi-0.8.orig/avahi-core/server.c | ||
19 | +++ avahi-0.8/avahi-core/server.c | ||
20 | @@ -1309,10 +1309,13 @@ int avahi_server_set_host_name(AvahiServ | ||
21 | else | ||
22 | hn = avahi_normalize_name_strdup(host_name); | ||
23 | |||
24 | + if (!hn) | ||
25 | + return avahi_server_set_errno(s, AVAHI_ERR_NO_MEMORY); | ||
26 | + | ||
27 | h = hn; | ||
28 | if (!avahi_unescape_label((const char **)&hn, label, sizeof(label))) { | ||
29 | avahi_free(h); | ||
30 | - return AVAHI_ERR_INVALID_HOST_NAME; | ||
31 | + return avahi_server_set_errno(s, AVAHI_ERR_INVALID_HOST_NAME); | ||
32 | } | ||
33 | |||
34 | avahi_free(h); | ||
35 | @@ -1320,7 +1323,7 @@ int avahi_server_set_host_name(AvahiServ | ||
36 | h = label_escaped; | ||
37 | len = sizeof(label_escaped); | ||
38 | if (!avahi_escape_label(label, strlen(label), &h, &len)) | ||
39 | - return AVAHI_ERR_INVALID_HOST_NAME; | ||
40 | + return avahi_server_set_errno(s, AVAHI_ERR_INVALID_HOST_NAME); | ||
41 | |||
42 | if (avahi_domain_equal(s->host_name, label_escaped) && s->state != AVAHI_SERVER_COLLISION) | ||
43 | return avahi_server_set_errno(s, AVAHI_ERR_NO_CHANGE); | ||
44 | @@ -1330,7 +1333,7 @@ int avahi_server_set_host_name(AvahiServ | ||
45 | avahi_free(s->host_name); | ||
46 | s->host_name = avahi_strdup(label_escaped); | ||
47 | if (!s->host_name) | ||
48 | - return AVAHI_ERR_NO_MEMORY; | ||
49 | + return avahi_server_set_errno(s, AVAHI_ERR_NO_MEMORY); | ||
50 | |||
51 | update_fqdn(s); | ||
52 | |||
diff --git a/meta/recipes-connectivity/avahi/files/CVE-2023-38472.patch b/meta/recipes-connectivity/avahi/files/CVE-2023-38472.patch new file mode 100644 index 0000000000..85dbded73b --- /dev/null +++ b/meta/recipes-connectivity/avahi/files/CVE-2023-38472.patch | |||
@@ -0,0 +1,46 @@ | |||
1 | From b024ae5749f4aeba03478e6391687c3c9c8dee40 Mon Sep 17 00:00:00 2001 | ||
2 | From: Michal Sekletar <msekleta@redhat.com> | ||
3 | Date: Thu, 19 Oct 2023 17:36:44 +0200 | ||
4 | Subject: [PATCH] core: make sure there is rdata to process before parsing it | ||
5 | |||
6 | Fixes #452 | ||
7 | |||
8 | CVE-2023-38472 | ||
9 | |||
10 | Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/avahi/tree/debian/patches/CVE-2023-38472.patch?h=ubuntu/jammy-security | ||
11 | Upstream commit https://github.com/lathiat/avahi/commit/b024ae5749f4aeba03478e6391687c3c9c8dee40] | ||
12 | CVE: CVE-2023-38472 | ||
13 | Signed-off-by: Meenali Gupta <meenali.gupta@windriver.com> | ||
14 | Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> | ||
15 | --- | ||
16 | avahi-client/client-test.c | 3 +++ | ||
17 | avahi-daemon/dbus-entry-group.c | 2 +- | ||
18 | 2 files changed, 4 insertions(+), 1 deletion(-) | ||
19 | |||
20 | Index: avahi-0.8/avahi-client/client-test.c | ||
21 | =================================================================== | ||
22 | --- avahi-0.8.orig/avahi-client/client-test.c | ||
23 | +++ avahi-0.8/avahi-client/client-test.c | ||
24 | @@ -272,6 +272,9 @@ int main (AVAHI_GCC_UNUSED int argc, AVA | ||
25 | assert(error == AVAHI_ERR_INVALID_RECORD); | ||
26 | avahi_string_list_free(txt); | ||
27 | |||
28 | + error = avahi_entry_group_add_record (group, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, 0, "TestX", 0x01, 0x10, 120, "", 0); | ||
29 | + assert(error != AVAHI_OK); | ||
30 | + | ||
31 | avahi_entry_group_commit (group); | ||
32 | |||
33 | domain = avahi_domain_browser_new (avahi, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, NULL, AVAHI_DOMAIN_BROWSER_BROWSE, 0, avahi_domain_browser_callback, (char*) "omghai3u"); | ||
34 | Index: avahi-0.8/avahi-daemon/dbus-entry-group.c | ||
35 | =================================================================== | ||
36 | --- avahi-0.8.orig/avahi-daemon/dbus-entry-group.c | ||
37 | +++ avahi-0.8/avahi-daemon/dbus-entry-group.c | ||
38 | @@ -340,7 +340,7 @@ DBusHandlerResult avahi_dbus_msg_entry_g | ||
39 | if (!(r = avahi_record_new_full (name, clazz, type, ttl))) | ||
40 | return avahi_dbus_respond_error(c, m, AVAHI_ERR_NO_MEMORY, NULL); | ||
41 | |||
42 | - if (avahi_rdata_parse (r, rdata, size) < 0) { | ||
43 | + if (!rdata || avahi_rdata_parse (r, rdata, size) < 0) { | ||
44 | avahi_record_unref (r); | ||
45 | return avahi_dbus_respond_error(c, m, AVAHI_ERR_INVALID_RDATA, NULL); | ||
46 | } | ||
diff --git a/meta/recipes-connectivity/avahi/files/CVE-2023-38473.patch b/meta/recipes-connectivity/avahi/files/CVE-2023-38473.patch new file mode 100644 index 0000000000..707acb60fe --- /dev/null +++ b/meta/recipes-connectivity/avahi/files/CVE-2023-38473.patch | |||
@@ -0,0 +1,110 @@ | |||
1 | From 88cbbc48d5efff9726694557ca6c3f698f3affe4 Mon Sep 17 00:00:00 2001 | ||
2 | From: Michal Sekletar <msekleta@redhat.com> | ||
3 | Date: Wed, 11 Oct 2023 17:45:44 +0200 | ||
4 | Subject: [PATCH] avahi: common: derive alternative host name from its | ||
5 | unescaped version | ||
6 | |||
7 | Normalization of input makes sure we don't have to deal with special | ||
8 | cases like unescaped dot at the end of label. | ||
9 | |||
10 | Fixes #451 #487 | ||
11 | |||
12 | Upstream-Status: Backport [https://github.com/lathiat/avahi/commit/b448c9f771bada14ae8de175695a9729f8646797] | ||
13 | CVE: CVE-2023-38473 | ||
14 | |||
15 | Signed-off-by: Meenali Gupta <meenali.gupta@windriver.com> | ||
16 | --- | ||
17 | avahi-common/alternative-test.c | 3 +++ | ||
18 | avahi-common/alternative.c | 27 +++++++++++++++++++-------- | ||
19 | 2 files changed, 22 insertions(+), 8 deletions(-) | ||
20 | |||
21 | diff --git a/avahi-common/alternative-test.c b/avahi-common/alternative-test.c | ||
22 | index 9255435..681fc15 100644 | ||
23 | --- a/avahi-common/alternative-test.c | ||
24 | +++ b/avahi-common/alternative-test.c | ||
25 | @@ -31,6 +31,9 @@ int main(AVAHI_GCC_UNUSED int argc, AVAHI_GCC_UNUSED char *argv[]) { | ||
26 | const char* const test_strings[] = { | ||
27 | "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", | ||
28 | "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXüüüüüüü", | ||
29 | + ").", | ||
30 | + "\\.", | ||
31 | + "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\\\\", | ||
32 | "gurke", | ||
33 | "-", | ||
34 | " #", | ||
35 | diff --git a/avahi-common/alternative.c b/avahi-common/alternative.c | ||
36 | index b3d39f0..a094e6d 100644 | ||
37 | --- a/avahi-common/alternative.c | ||
38 | +++ b/avahi-common/alternative.c | ||
39 | @@ -49,15 +49,20 @@ static void drop_incomplete_utf8(char *c) { | ||
40 | } | ||
41 | |||
42 | char *avahi_alternative_host_name(const char *s) { | ||
43 | + char label[AVAHI_LABEL_MAX], alternative[AVAHI_LABEL_MAX*4+1]; | ||
44 | + char *alt, *r, *ret; | ||
45 | const char *e; | ||
46 | - char *r; | ||
47 | + size_t len; | ||
48 | |||
49 | assert(s); | ||
50 | |||
51 | if (!avahi_is_valid_host_name(s)) | ||
52 | return NULL; | ||
53 | |||
54 | - if ((e = strrchr(s, '-'))) { | ||
55 | + if (!avahi_unescape_label(&s, label, sizeof(label))) | ||
56 | + return NULL; | ||
57 | + | ||
58 | + if ((e = strrchr(label, '-'))) { | ||
59 | const char *p; | ||
60 | |||
61 | e++; | ||
62 | @@ -74,19 +79,18 @@ char *avahi_alternative_host_name(const char *s) { | ||
63 | |||
64 | if (e) { | ||
65 | char *c, *m; | ||
66 | - size_t l; | ||
67 | int n; | ||
68 | |||
69 | n = atoi(e)+1; | ||
70 | if (!(m = avahi_strdup_printf("%i", n))) | ||
71 | return NULL; | ||
72 | |||
73 | - l = e-s-1; | ||
74 | + len = e-label-1; | ||
75 | |||
76 | - if (l >= AVAHI_LABEL_MAX-1-strlen(m)-1) | ||
77 | - l = AVAHI_LABEL_MAX-1-strlen(m)-1; | ||
78 | + if (len >= AVAHI_LABEL_MAX-1-strlen(m)-1) | ||
79 | + len = AVAHI_LABEL_MAX-1-strlen(m)-1; | ||
80 | |||
81 | - if (!(c = avahi_strndup(s, l))) { | ||
82 | + if (!(c = avahi_strndup(label, len))) { | ||
83 | avahi_free(m); | ||
84 | return NULL; | ||
85 | } | ||
86 | @@ -100,7 +104,7 @@ char *avahi_alternative_host_name(const char *s) { | ||
87 | } else { | ||
88 | char *c; | ||
89 | |||
90 | - if (!(c = avahi_strndup(s, AVAHI_LABEL_MAX-1-2))) | ||
91 | + if (!(c = avahi_strndup(label, AVAHI_LABEL_MAX-1-2))) | ||
92 | return NULL; | ||
93 | |||
94 | drop_incomplete_utf8(c); | ||
95 | @@ -109,6 +113,13 @@ char *avahi_alternative_host_name(const char *s) { | ||
96 | avahi_free(c); | ||
97 | } | ||
98 | |||
99 | + alt = alternative; | ||
100 | + len = sizeof(alternative); | ||
101 | + ret = avahi_escape_label(r, strlen(r), &alt, &len); | ||
102 | + | ||
103 | + avahi_free(r); | ||
104 | + r = avahi_strdup(ret); | ||
105 | + | ||
106 | assert(avahi_is_valid_host_name(r)); | ||
107 | |||
108 | return r; | ||
109 | -- | ||
110 | 2.40.0 | ||
diff --git a/meta/recipes-connectivity/avahi/files/handle-hup.patch b/meta/recipes-connectivity/avahi/files/handle-hup.patch new file mode 100644 index 0000000000..26632e5443 --- /dev/null +++ b/meta/recipes-connectivity/avahi/files/handle-hup.patch | |||
@@ -0,0 +1,41 @@ | |||
1 | CVE: CVE-2021-3468 | ||
2 | Upstream-Status: Submitted [https://github.com/lathiat/avahi/pull/330] | ||
3 | Signed-off-by: Ross Burton <ross.burton@arm.com> | ||
4 | |||
5 | From 447affe29991ee99c6b9732fc5f2c1048a611d3b Mon Sep 17 00:00:00 2001 | ||
6 | From: Riccardo Schirone <sirmy15@gmail.com> | ||
7 | Date: Fri, 26 Mar 2021 11:50:24 +0100 | ||
8 | Subject: [PATCH] Avoid infinite-loop in avahi-daemon by handling HUP event in | ||
9 | client_work | ||
10 | |||
11 | If a client fills the input buffer, client_work() disables the | ||
12 | AVAHI_WATCH_IN event, thus preventing the function from executing the | ||
13 | `read` syscall the next times it is called. However, if the client then | ||
14 | terminates the connection, the socket file descriptor receives a HUP | ||
15 | event, which is not handled, thus the kernel keeps marking the HUP event | ||
16 | as occurring. While iterating over the file descriptors that triggered | ||
17 | an event, the client file descriptor will keep having the HUP event and | ||
18 | the client_work() function is always called with AVAHI_WATCH_HUP but | ||
19 | without nothing being done, thus entering an infinite loop. | ||
20 | |||
21 | See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984938 | ||
22 | --- | ||
23 | avahi-daemon/simple-protocol.c | 5 +++++ | ||
24 | 1 file changed, 5 insertions(+) | ||
25 | |||
26 | diff --git a/avahi-daemon/simple-protocol.c b/avahi-daemon/simple-protocol.c | ||
27 | index 3e0ebb11..6c0274d6 100644 | ||
28 | --- a/avahi-daemon/simple-protocol.c | ||
29 | +++ b/avahi-daemon/simple-protocol.c | ||
30 | @@ -424,6 +424,11 @@ static void client_work(AvahiWatch *watch, AVAHI_GCC_UNUSED int fd, AvahiWatchEv | ||
31 | } | ||
32 | } | ||
33 | |||
34 | + if (events & AVAHI_WATCH_HUP) { | ||
35 | + client_free(c); | ||
36 | + return; | ||
37 | + } | ||
38 | + | ||
39 | c->server->poll_api->watch_update( | ||
40 | watch, | ||
41 | (c->outbuf_length > 0 ? AVAHI_WATCH_OUT : 0) | | ||
diff --git a/meta/recipes-connectivity/avahi/files/invalid-service.patch b/meta/recipes-connectivity/avahi/files/invalid-service.patch new file mode 100644 index 0000000000..8f188aff2c --- /dev/null +++ b/meta/recipes-connectivity/avahi/files/invalid-service.patch | |||
@@ -0,0 +1,29 @@ | |||
1 | From 46490e95151d415cd22f02565e530eb5efcef680 Mon Sep 17 00:00:00 2001 | ||
2 | From: Asger Hautop Drewsen <asger@princh.com> | ||
3 | Date: Mon, 9 Aug 2021 14:25:08 +0200 | ||
4 | Subject: [PATCH] Fix avahi-browse: Invalid service type | ||
5 | |||
6 | Invalid service types will stop the browse from completing, or | ||
7 | in simple terms "my washing machine stops me from printing". | ||
8 | |||
9 | Upstream-Status: Submitted [https://github.com/lathiat/avahi/pull/472] | ||
10 | Signed-off-by: Ross Burton <ross.burton@arm.com> | ||
11 | --- | ||
12 | avahi-core/browse-service.c | 4 +++- | ||
13 | 1 file changed, 3 insertions(+), 1 deletion(-) | ||
14 | |||
15 | diff --git a/avahi-core/browse-service.c b/avahi-core/browse-service.c | ||
16 | index 63e0275a..ac3d2ecb 100644 | ||
17 | --- a/avahi-core/browse-service.c | ||
18 | +++ b/avahi-core/browse-service.c | ||
19 | @@ -103,7 +103,9 @@ AvahiSServiceBrowser *avahi_s_service_browser_prepare( | ||
20 | AVAHI_CHECK_VALIDITY_RETURN_NULL(server, AVAHI_PROTO_VALID(protocol), AVAHI_ERR_INVALID_PROTOCOL); | ||
21 | AVAHI_CHECK_VALIDITY_RETURN_NULL(server, !domain || avahi_is_valid_domain_name(domain), AVAHI_ERR_INVALID_DOMAIN_NAME); | ||
22 | AVAHI_CHECK_VALIDITY_RETURN_NULL(server, AVAHI_FLAGS_VALID(flags, AVAHI_LOOKUP_USE_WIDE_AREA|AVAHI_LOOKUP_USE_MULTICAST), AVAHI_ERR_INVALID_FLAGS); | ||
23 | - AVAHI_CHECK_VALIDITY_RETURN_NULL(server, avahi_is_valid_service_type_generic(service_type), AVAHI_ERR_INVALID_SERVICE_TYPE); | ||
24 | + | ||
25 | + if (!avahi_is_valid_service_type_generic(service_type)) | ||
26 | + service_type = "_invalid._tcp"; | ||
27 | |||
28 | if (!domain) | ||
29 | domain = server->domain_name; | ||
diff --git a/meta/recipes-connectivity/avahi/files/local-ping.patch b/meta/recipes-connectivity/avahi/files/local-ping.patch new file mode 100644 index 0000000000..29c192d296 --- /dev/null +++ b/meta/recipes-connectivity/avahi/files/local-ping.patch | |||
@@ -0,0 +1,153 @@ | |||
1 | CVE: CVE-2021-36217 | ||
2 | CVE: CVE-2021-3502 | ||
3 | Upstream-Status: Backport | ||
4 | Signed-off-by: Ross Burton <ross.burton@arm.com> | ||
5 | |||
6 | From 9d31939e55280a733d930b15ac9e4dda4497680c Mon Sep 17 00:00:00 2001 | ||
7 | From: Tommi Rantala <tommi.t.rantala@nokia.com> | ||
8 | Date: Mon, 8 Feb 2021 11:04:43 +0200 | ||
9 | Subject: [PATCH] Fix NULL pointer crashes from #175 | ||
10 | |||
11 | avahi-daemon is crashing when running "ping .local". | ||
12 | The crash is due to failing assertion from NULL pointer. | ||
13 | Add missing NULL pointer checks to fix it. | ||
14 | |||
15 | Introduced in #175 - merge commit 8f75a045709a780c8cf92a6a21e9d35b593bdecd | ||
16 | --- | ||
17 | avahi-core/browse-dns-server.c | 5 ++++- | ||
18 | avahi-core/browse-domain.c | 5 ++++- | ||
19 | avahi-core/browse-service-type.c | 3 +++ | ||
20 | avahi-core/browse-service.c | 3 +++ | ||
21 | avahi-core/browse.c | 3 +++ | ||
22 | avahi-core/resolve-address.c | 5 ++++- | ||
23 | avahi-core/resolve-host-name.c | 5 ++++- | ||
24 | avahi-core/resolve-service.c | 5 ++++- | ||
25 | 8 files changed, 29 insertions(+), 5 deletions(-) | ||
26 | |||
27 | diff --git a/avahi-core/browse-dns-server.c b/avahi-core/browse-dns-server.c | ||
28 | index 049752e9..c2d914fa 100644 | ||
29 | --- a/avahi-core/browse-dns-server.c | ||
30 | +++ b/avahi-core/browse-dns-server.c | ||
31 | @@ -343,7 +343,10 @@ AvahiSDNSServerBrowser *avahi_s_dns_server_browser_new( | ||
32 | AvahiSDNSServerBrowser* b; | ||
33 | |||
34 | b = avahi_s_dns_server_browser_prepare(server, interface, protocol, domain, type, aprotocol, flags, callback, userdata); | ||
35 | + if (!b) | ||
36 | + return NULL; | ||
37 | + | ||
38 | avahi_s_dns_server_browser_start(b); | ||
39 | |||
40 | return b; | ||
41 | -} | ||
42 | \ No newline at end of file | ||
43 | +} | ||
44 | diff --git a/avahi-core/browse-domain.c b/avahi-core/browse-domain.c | ||
45 | index f145d56a..06fa70c0 100644 | ||
46 | --- a/avahi-core/browse-domain.c | ||
47 | +++ b/avahi-core/browse-domain.c | ||
48 | @@ -253,7 +253,10 @@ AvahiSDomainBrowser *avahi_s_domain_browser_new( | ||
49 | AvahiSDomainBrowser *b; | ||
50 | |||
51 | b = avahi_s_domain_browser_prepare(server, interface, protocol, domain, type, flags, callback, userdata); | ||
52 | + if (!b) | ||
53 | + return NULL; | ||
54 | + | ||
55 | avahi_s_domain_browser_start(b); | ||
56 | |||
57 | return b; | ||
58 | -} | ||
59 | \ No newline at end of file | ||
60 | +} | ||
61 | diff --git a/avahi-core/browse-service-type.c b/avahi-core/browse-service-type.c | ||
62 | index fdd22dcd..b1fc7af8 100644 | ||
63 | --- a/avahi-core/browse-service-type.c | ||
64 | +++ b/avahi-core/browse-service-type.c | ||
65 | @@ -171,6 +171,9 @@ AvahiSServiceTypeBrowser *avahi_s_service_type_browser_new( | ||
66 | AvahiSServiceTypeBrowser *b; | ||
67 | |||
68 | b = avahi_s_service_type_browser_prepare(server, interface, protocol, domain, flags, callback, userdata); | ||
69 | + if (!b) | ||
70 | + return NULL; | ||
71 | + | ||
72 | avahi_s_service_type_browser_start(b); | ||
73 | |||
74 | return b; | ||
75 | diff --git a/avahi-core/browse-service.c b/avahi-core/browse-service.c | ||
76 | index 5531360c..63e0275a 100644 | ||
77 | --- a/avahi-core/browse-service.c | ||
78 | +++ b/avahi-core/browse-service.c | ||
79 | @@ -184,6 +184,9 @@ AvahiSServiceBrowser *avahi_s_service_browser_new( | ||
80 | AvahiSServiceBrowser *b; | ||
81 | |||
82 | b = avahi_s_service_browser_prepare(server, interface, protocol, service_type, domain, flags, callback, userdata); | ||
83 | + if (!b) | ||
84 | + return NULL; | ||
85 | + | ||
86 | avahi_s_service_browser_start(b); | ||
87 | |||
88 | return b; | ||
89 | diff --git a/avahi-core/browse.c b/avahi-core/browse.c | ||
90 | index 2941e579..e8a915e9 100644 | ||
91 | --- a/avahi-core/browse.c | ||
92 | +++ b/avahi-core/browse.c | ||
93 | @@ -634,6 +634,9 @@ AvahiSRecordBrowser *avahi_s_record_browser_new( | ||
94 | AvahiSRecordBrowser *b; | ||
95 | |||
96 | b = avahi_s_record_browser_prepare(server, interface, protocol, key, flags, callback, userdata); | ||
97 | + if (!b) | ||
98 | + return NULL; | ||
99 | + | ||
100 | avahi_s_record_browser_start_query(b); | ||
101 | |||
102 | return b; | ||
103 | diff --git a/avahi-core/resolve-address.c b/avahi-core/resolve-address.c | ||
104 | index ac0b29b1..e61dd242 100644 | ||
105 | --- a/avahi-core/resolve-address.c | ||
106 | +++ b/avahi-core/resolve-address.c | ||
107 | @@ -286,7 +286,10 @@ AvahiSAddressResolver *avahi_s_address_resolver_new( | ||
108 | AvahiSAddressResolver *b; | ||
109 | |||
110 | b = avahi_s_address_resolver_prepare(server, interface, protocol, address, flags, callback, userdata); | ||
111 | + if (!b) | ||
112 | + return NULL; | ||
113 | + | ||
114 | avahi_s_address_resolver_start(b); | ||
115 | |||
116 | return b; | ||
117 | -} | ||
118 | \ No newline at end of file | ||
119 | +} | ||
120 | diff --git a/avahi-core/resolve-host-name.c b/avahi-core/resolve-host-name.c | ||
121 | index 808b0e72..4e8e5973 100644 | ||
122 | --- a/avahi-core/resolve-host-name.c | ||
123 | +++ b/avahi-core/resolve-host-name.c | ||
124 | @@ -318,7 +318,10 @@ AvahiSHostNameResolver *avahi_s_host_name_resolver_new( | ||
125 | AvahiSHostNameResolver *b; | ||
126 | |||
127 | b = avahi_s_host_name_resolver_prepare(server, interface, protocol, host_name, aprotocol, flags, callback, userdata); | ||
128 | + if (!b) | ||
129 | + return NULL; | ||
130 | + | ||
131 | avahi_s_host_name_resolver_start(b); | ||
132 | |||
133 | return b; | ||
134 | -} | ||
135 | \ No newline at end of file | ||
136 | +} | ||
137 | diff --git a/avahi-core/resolve-service.c b/avahi-core/resolve-service.c | ||
138 | index 66bf3cae..43771763 100644 | ||
139 | --- a/avahi-core/resolve-service.c | ||
140 | +++ b/avahi-core/resolve-service.c | ||
141 | @@ -519,7 +519,10 @@ AvahiSServiceResolver *avahi_s_service_resolver_new( | ||
142 | AvahiSServiceResolver *b; | ||
143 | |||
144 | b = avahi_s_service_resolver_prepare(server, interface, protocol, name, type, domain, aprotocol, flags, callback, userdata); | ||
145 | + if (!b) | ||
146 | + return NULL; | ||
147 | + | ||
148 | avahi_s_service_resolver_start(b); | ||
149 | |||
150 | return b; | ||
151 | -} | ||
152 | \ No newline at end of file | ||
153 | +} | ||