net-snmp: uprev it to 5.7.2.1

Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
author: Roy Li <rongqing.li@windriver.com> 2014-08-12 19:06:33 +0800
committer: Martin Jansa <Martin.Jansa@gmail.com> 2014-08-13 23:28:06 +0200
commit: 434d5d8d6cf3c5c3aa2f3299612419f82e42a48f (patch)
tree: 0f8dfe2e36136635b2ad23ce719608020f23ea19
parent: 61362da81197584c23125e5dcef7a7d8a550c877 (diff)
download: meta-openembedded-434d5d8d6cf3c5c3aa2f3299612419f82e42a48f.tar.gz
3 files changed, 3 insertions, 159 deletions
diff --git a/meta-networking/recipes-protocols/net-snmp/files/net-snmp-5.7.2-fix-CVE-2014-2284.patch b/meta-networking/recipes-protocols/net-snmp/files/net-snmp-5.7.2-fix-CVE-2014-2284.patch
deleted file mode 100644
index 4ad906432e..0000000000
--- a/meta-networking/recipes-protocols/net-snmp/files/net-snmp-5.7.2-fix-CVE-2014-2284.patch
+++ /dev/null
@@ -1,126 +0,0 @@
-diff -urpN a/agent/mibgroup/mibII/icmp.c b/agent/mibgroup/mibII/icmp.c
--- a/agent/mibgroup/mibII/icmp.c
-+++ b/agent/mibgroup/mibII/icmp.c
-@@ -106,10 +106,20 @@ struct icmp_msg_stats_table_entry {
-         int flags;
- };
- 
-+#ifdef linux
-+/* Linux keeps track of all possible message types */
-+#define ICMP_MSG_STATS_IPV4_COUNT 256
-+#else
- #define ICMP_MSG_STATS_IPV4_COUNT 11
-+#endif
- 
- #ifdef NETSNMP_ENABLE_IPV6
-+#ifdef linux
-+/* Linux keeps track of all possible message types */
-+#define ICMP_MSG_STATS_IPV6_COUNT 256
-+#else
- #define ICMP_MSG_STATS_IPV6_COUNT 14
-+#endif
- #else
- #define ICMP_MSG_STATS_IPV6_COUNT 0
- #endif /* NETSNMP_ENABLE_IPV6 */
-@@ -177,7 +187,7 @@ icmp_msg_stats_load(netsnmp_cache *cache
-     inc = 0;
-     linux_read_icmp_msg_stat(&v4icmp, &v4icmpmsg, &flag);
-     if (flag) {
-        while (254 != k) {
-+        while (255 >= k) {
-             if (v4icmpmsg.vals[k].InType) {
-                 icmp_msg_stats_table[i].ipVer = 1;
-                 icmp_msg_stats_table[i].icmpMsgStatsType = k;
-@@ -1050,6 +1060,12 @@ icmp_stats_table_handler(netsnmp_mib_han
-                                        continue;
-                                table_info = netsnmp_extract_table_info(request);
-                                subid      = table_info->colnum;
-+                               DEBUGMSGTL(( "mibII/icmpStatsTable", "oid: " ));
-+                               DEBUGMSGOID(( "mibII/icmpStatsTable", request->requestvb->name,
-+                                                request->requestvb->name_length ));
-+                               DEBUGMSG(( "mibII/icmpStatsTable", " In %d InErr %d Out %d OutErr %d\n",
-+                                             entry->icmpStatsInMsgs, entry->icmpStatsInErrors,
-+                                             entry->icmpStatsOutMsgs, entry->icmpStatsOutErrors ));
- 
-                                switch (subid) {
-                                        case ICMP_STAT_INMSG:
-@@ -1117,6 +1133,11 @@ icmp_msg_stats_table_handler(netsnmp_mib
-                     continue;
-                 table_info = netsnmp_extract_table_info(request);
-                 subid = table_info->colnum;
-+               DEBUGMSGTL(( "mibII/icmpMsgStatsTable", "oid: " ));
-+               DEBUGMSGOID(( "mibII/icmpMsgStatsTable", request->requestvb->name,
-+                               request->requestvb->name_length ));
-+               DEBUGMSG(( "mibII/icmpMsgStatsTable", " In %d Out %d Flags 0x%x\n",
-+                               entry->icmpMsgStatsInPkts, entry->icmpMsgStatsOutPkts, entry->flags ));
- 
-                 switch (subid) {
-                     case ICMP_MSG_STAT_IN_PKTS:
-diff -urpN a/agent/mibgroup/mibII/kernel_linux.c b/agent/mibgroup/mibII/kernel_linux.c
--- a/agent/mibgroup/mibII/kernel_linux.c
-+++ b/agent/mibgroup/mibII/kernel_linux.c
-@@ -81,9 +81,9 @@ decode_icmp_msg(char *line, char *data, 
-             index = strtol(token, &delim, 0);
-             if (ERANGE == errno) {
-                 continue;
-            } else if (index > LONG_MAX) {
-+            } else if (index > 255) {
-                 continue;
-            } else if (index < LONG_MIN) {
-+            } else if (index < 0) {
-                 continue;
-             }
-             if (NULL == (token = strtok_r(dataptr, " ", &saveptr1)))
-@@ -94,9 +94,9 @@ decode_icmp_msg(char *line, char *data, 
-             index = strtol(token, &delim, 0);
-             if (ERANGE == errno) {
-                 continue;
-            } else if (index > LONG_MAX) {
-+            } else if (index > 255) {
-                 continue;
-            } else if (index < LONG_MIN) {
-+            } else if (index < 0) {
-                 continue;
-             }
-             if(NULL == (token = strtok_r(dataptr, " ", &saveptr1)))
-@@ -426,14 +426,21 @@ linux_read_icmp6_parse(struct icmp6_mib 
- 
-         vals = name;
-         if (NULL != icmp6msgstat) {
-+            int type;
-             if (0 == strncmp(name, "Icmp6OutType", 12)) {
-                 strsep(&vals, "e");
-                icmp6msgstat->vals[atoi(vals)].OutType = stats;
-+                type = atoi(vals);
-+                if ( type < 0 || type > 255 )
-+                    continue;
-+                icmp6msgstat->vals[type].OutType = stats;
-                 *support = 1;
-                 continue;
-             } else if (0 == strncmp(name, "Icmp6InType", 11)) {
-                 strsep(&vals, "e");
-                icmp6msgstat->vals[atoi(vals)].InType = stats;
-+                type = atoi(vals);
-+                if ( type < 0 || type > 255 )
-+                    continue;
-+                icmp6msgstat->vals[type].OutType = stats;
-                 *support = 1;
-                 continue;
-             }
-diff -urpN a/agent/mibgroup/mibII/kernel_linux.h b/agent/mibgroup/mibII/kernel_linux.h
--- a/agent/mibgroup/mibII/kernel_linux.h
-+++ b/agent/mibgroup/mibII/kernel_linux.h
-@@ -121,11 +121,11 @@ struct icmp_msg_mib {
- 
- /* Lets use wrapper structures for future expansion */
- struct icmp4_msg_mib {
-    struct icmp_msg_mib vals[255];
-+    struct icmp_msg_mib vals[256];
- };
- 
- struct icmp6_msg_mib {
-    struct icmp_msg_mib vals[255];
-+    struct icmp_msg_mib vals[256];
- };
- 
- struct udp_mib {
diff --git a/meta-networking/recipes-protocols/net-snmp/files/net-snmp-5.7.2-fix-CVE-2014-2285.patch b/meta-networking/recipes-protocols/net-snmp/files/net-snmp-5.7.2-fix-CVE-2014-2285.patch
deleted file mode 100644
index 8267eeb75d..0000000000
--- a/meta-networking/recipes-protocols/net-snmp/files/net-snmp-5.7.2-fix-CVE-2014-2285.patch
+++ /dev/null
@@ -1,26 +0,0 @@
--- a/perl/TrapReceiver/TrapReceiver.xs
-+++ b/perl/TrapReceiver/TrapReceiver.xs
-@@ -81,18 +81,18 @@ int   perl_trapd_handler( netsnmp_pdu   
-         STOREPDUi("securitymodel", pdu->securityModel);
-         STOREPDUi("securitylevel", pdu->securityLevel);
-         STOREPDU("contextName",
-                 newSVpv(pdu->contextName, pdu->contextNameLen));
-+                 newSVpv(pdu->contextName ? pdu->contextName : "", pdu->contextNameLen));
-         STOREPDU("contextEngineID",
-                 newSVpv((char *) pdu->contextEngineID,
-+                 newSVpv(pdu->contextEngineID ? (char *) pdu->contextEngineID : "",
-                                     pdu->contextEngineIDLen));
-         STOREPDU("securityEngineID",
-                 newSVpv((char *) pdu->securityEngineID,
-+                 newSVpv(pdu->securityEngineID ? (char *) pdu->securityEngineID : "",
-                                     pdu->securityEngineIDLen));
-         STOREPDU("securityName",
-                 newSVpv((char *) pdu->securityName, pdu->securityNameLen));
-+                 newSVpv(pdu->securityName ? (char *) pdu->securityName : "", pdu->securityNameLen));
-     } else {
-         STOREPDU("community",
-                 newSVpv((char *) pdu->community, pdu->community_len));
-+                 newSVpv(pdu->community ? (char *) pdu->community : "", pdu->community_len));
-     }
- 
-     if (transport && transport->f_fmtaddr) {
diff --git a/meta-networking/recipes-protocols/net-snmp/net-snmp_5.7.2.bb b/meta-networking/recipes-protocols/net-snmp/net-snmp_5.7.2.1.bb
index f1e3a5d349..eb97748306 100644
--- a/meta-networking/recipes-protocols/net-snmp/net-snmp_5.7.2.bb
+++ b/meta-networking/recipes-protocols/net-snmp/net-snmp_5.7.2.1.bb
@@ -6,9 +6,7 @@ LIC_FILES_CHKSUM = "file://README;beginline=3;endline=8;md5=7f7f00ba639ac8e8deb5
 DEPENDS = "openssl libnl pciutils"
-PR = "r1"
+SRC_URI = "${SOURCEFORGE_MIRROR}/net-snmp/net-snmp-${PV}.zip \
-SRC_URI = "${SOURCEFORGE_MIRROR}/net-snmp/net-snmp-${PV}.tar.gz \
        file://init \
        file://snmpd.conf \
        file://snmptrapd.conf \
@@ -16,12 +14,10 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/net-snmp/net-snmp-${PV}.tar.gz \
        file://snmpd.service \
        file://snmptrapd.service \
        file://ifmib.patch \
-        file://net-snmp-5.7.2-fix-CVE-2014-2284.patch \
-        file://net-snmp-5.7.2-fix-CVE-2014-2285.patch \
 "
-SRC_URI[md5sum] = "5bddd02e2f82b62daa79f82717737a14"
+SRC_URI[md5sum] = "a2c83518648b0f2a5d378625e45c0e18"
-SRC_URI[sha256sum] = "09ed31b4cc1f3c0411ef9a16eff79ef3b30d89c32ca46d5a01a41826c4ceb816"
+SRC_URI[sha256sum] = "ac9105539971f7cfb1456a86d479e18e8a8b3712212595ad40504347ba5843da"
 inherit autotools update-rc.d siteinfo systemd
author	Roy Li <rongqing.li@windriver.com>	2014-08-12 19:06:33 +0800
committer	Martin Jansa <Martin.Jansa@gmail.com>	2014-08-13 23:28:06 +0200
commit	434d5d8d6cf3c5c3aa2f3299612419f82e42a48f (patch)
tree	0f8dfe2e36136635b2ad23ce719608020f23ea19
parent	61362da81197584c23125e5dcef7a7d8a550c877 (diff)
download	meta-openembedded-434d5d8d6cf3c5c3aa2f3299612419f82e42a48f.tar.gz

diff --git a/meta-networking/recipes-protocols/net-snmp/files/net-snmp-5.7.2-fix-CVE-2014-2284.patch b/meta-networking/recipes-protocols/net-snmp/files/net-snmp-5.7.2-fix-CVE-2014-2284.patch deleted file mode 100644 index 4ad906432e..0000000000 --- a/meta-networking/recipes-protocols/net-snmp/files/net-snmp-5.7.2-fix-CVE-2014-2284.patch +++ /dev/null
@@ -1,126 +0,0 @@
1	diff -urpN a/agent/mibgroup/mibII/icmp.c b/agent/mibgroup/mibII/icmp.c
2	--- a/agent/mibgroup/mibII/icmp.c
3	+++ b/agent/mibgroup/mibII/icmp.c
4	@@ -106,10 +106,20 @@ struct icmp_msg_stats_table_entry {
5	int flags;
6	};
7
8	+#ifdef linux
9	+/* Linux keeps track of all possible message types */
10	+#define ICMP_MSG_STATS_IPV4_COUNT 256
11	+#else
12	#define ICMP_MSG_STATS_IPV4_COUNT 11
13	+#endif
14
15	#ifdef NETSNMP_ENABLE_IPV6
16	+#ifdef linux
17	+/* Linux keeps track of all possible message types */
18	+#define ICMP_MSG_STATS_IPV6_COUNT 256
19	+#else
20	#define ICMP_MSG_STATS_IPV6_COUNT 14
21	+#endif
22	#else
23	#define ICMP_MSG_STATS_IPV6_COUNT 0
24	#endif /* NETSNMP_ENABLE_IPV6 */
25	@@ -177,7 +187,7 @@ icmp_msg_stats_load(netsnmp_cache *cache
26	inc = 0;
27	linux_read_icmp_msg_stat(&v4icmp, &v4icmpmsg, &flag);
28	if (flag) {
29	- while (254 != k) {
30	+ while (255 >= k) {
31	if (v4icmpmsg.vals[k].InType) {
32	icmp_msg_stats_table[i].ipVer = 1;
33	icmp_msg_stats_table[i].icmpMsgStatsType = k;
34	@@ -1050,6 +1060,12 @@ icmp_stats_table_handler(netsnmp_mib_han
35	continue;
36	table_info = netsnmp_extract_table_info(request);
37	subid = table_info->colnum;
38	+ DEBUGMSGTL(( "mibII/icmpStatsTable", "oid: " ));
39	+ DEBUGMSGOID(( "mibII/icmpStatsTable", request->requestvb->name,
40	+ request->requestvb->name_length ));
41	+ DEBUGMSG(( "mibII/icmpStatsTable", " In %d InErr %d Out %d OutErr %d\n",
42	+ entry->icmpStatsInMsgs, entry->icmpStatsInErrors,
43	+ entry->icmpStatsOutMsgs, entry->icmpStatsOutErrors ));
44
45	switch (subid) {
46	case ICMP_STAT_INMSG:
47	@@ -1117,6 +1133,11 @@ icmp_msg_stats_table_handler(netsnmp_mib
48	continue;
49	table_info = netsnmp_extract_table_info(request);
50	subid = table_info->colnum;
51	+ DEBUGMSGTL(( "mibII/icmpMsgStatsTable", "oid: " ));
52	+ DEBUGMSGOID(( "mibII/icmpMsgStatsTable", request->requestvb->name,
53	+ request->requestvb->name_length ));
54	+ DEBUGMSG(( "mibII/icmpMsgStatsTable", " In %d Out %d Flags 0x%x\n",
55	+ entry->icmpMsgStatsInPkts, entry->icmpMsgStatsOutPkts, entry->flags ));
56
57	switch (subid) {
58	case ICMP_MSG_STAT_IN_PKTS:
59	diff -urpN a/agent/mibgroup/mibII/kernel_linux.c b/agent/mibgroup/mibII/kernel_linux.c
60	--- a/agent/mibgroup/mibII/kernel_linux.c
61	+++ b/agent/mibgroup/mibII/kernel_linux.c
62	@@ -81,9 +81,9 @@ decode_icmp_msg(char line, char data,
63	index = strtol(token, &delim, 0);
64	if (ERANGE == errno) {
65	continue;
66	- } else if (index > LONG_MAX) {
67	+ } else if (index > 255) {
68	continue;
69	- } else if (index < LONG_MIN) {
70	+ } else if (index < 0) {
71	continue;
72	}
73	if (NULL == (token = strtok_r(dataptr, " ", &saveptr1)))
74	@@ -94,9 +94,9 @@ decode_icmp_msg(char line, char data,
75	index = strtol(token, &delim, 0);
76	if (ERANGE == errno) {
77	continue;
78	- } else if (index > LONG_MAX) {
79	+ } else if (index > 255) {
80	continue;
81	- } else if (index < LONG_MIN) {
82	+ } else if (index < 0) {
83	continue;
84	}
85	if(NULL == (token = strtok_r(dataptr, " ", &saveptr1)))
86	@@ -426,14 +426,21 @@ linux_read_icmp6_parse(struct icmp6_mib
87
88	vals = name;
89	if (NULL != icmp6msgstat) {
90	+ int type;
91	if (0 == strncmp(name, "Icmp6OutType", 12)) {
92	strsep(&vals, "e");
93	- icmp6msgstat->vals[atoi(vals)].OutType = stats;
94	+ type = atoi(vals);
95	+ if ( type < 0 \|\| type > 255 )
96	+ continue;
97	+ icmp6msgstat->vals[type].OutType = stats;
98	*support = 1;
99	continue;
100	} else if (0 == strncmp(name, "Icmp6InType", 11)) {
101	strsep(&vals, "e");
102	- icmp6msgstat->vals[atoi(vals)].InType = stats;
103	+ type = atoi(vals);
104	+ if ( type < 0 \|\| type > 255 )
105	+ continue;
106	+ icmp6msgstat->vals[type].OutType = stats;
107	*support = 1;
108	continue;
109	}
110	diff -urpN a/agent/mibgroup/mibII/kernel_linux.h b/agent/mibgroup/mibII/kernel_linux.h
111	--- a/agent/mibgroup/mibII/kernel_linux.h
112	+++ b/agent/mibgroup/mibII/kernel_linux.h
113	@@ -121,11 +121,11 @@ struct icmp_msg_mib {
114
115	/* Lets use wrapper structures for future expansion */
116	struct icmp4_msg_mib {
117	- struct icmp_msg_mib vals[255];
118	+ struct icmp_msg_mib vals[256];
119	};
120
121	struct icmp6_msg_mib {
122	- struct icmp_msg_mib vals[255];
123	+ struct icmp_msg_mib vals[256];
124	};
125
126	struct udp_mib {


diff --git a/meta-networking/recipes-protocols/net-snmp/files/net-snmp-5.7.2-fix-CVE-2014-2285.patch b/meta-networking/recipes-protocols/net-snmp/files/net-snmp-5.7.2-fix-CVE-2014-2285.patch deleted file mode 100644 index 8267eeb75d..0000000000 --- a/meta-networking/recipes-protocols/net-snmp/files/net-snmp-5.7.2-fix-CVE-2014-2285.patch +++ /dev/null
@@ -1,26 +0,0 @@
1	--- a/perl/TrapReceiver/TrapReceiver.xs
2	+++ b/perl/TrapReceiver/TrapReceiver.xs
3	@@ -81,18 +81,18 @@ int perl_trapd_handler( netsnmp_pdu
4	STOREPDUi("securitymodel", pdu->securityModel);
5	STOREPDUi("securitylevel", pdu->securityLevel);
6	STOREPDU("contextName",
7	- newSVpv(pdu->contextName, pdu->contextNameLen));
8	+ newSVpv(pdu->contextName ? pdu->contextName : "", pdu->contextNameLen));
9	STOREPDU("contextEngineID",
10	- newSVpv((char *) pdu->contextEngineID,
11	+ newSVpv(pdu->contextEngineID ? (char *) pdu->contextEngineID : "",
12	pdu->contextEngineIDLen));
13	STOREPDU("securityEngineID",
14	- newSVpv((char *) pdu->securityEngineID,
15	+ newSVpv(pdu->securityEngineID ? (char *) pdu->securityEngineID : "",
16	pdu->securityEngineIDLen));
17	STOREPDU("securityName",
18	- newSVpv((char *) pdu->securityName, pdu->securityNameLen));
19	+ newSVpv(pdu->securityName ? (char *) pdu->securityName : "", pdu->securityNameLen));
20	} else {
21	STOREPDU("community",
22	- newSVpv((char *) pdu->community, pdu->community_len));
23	+ newSVpv(pdu->community ? (char *) pdu->community : "", pdu->community_len));
24	}
25
26	if (transport && transport->f_fmtaddr) {


diff --git a/meta-networking/recipes-protocols/net-snmp/net-snmp_5.7.2.bb b/meta-networking/recipes-protocols/net-snmp/net-snmp_5.7.2.1.bb index f1e3a5d349..eb97748306 100644 --- a/meta-networking/recipes-protocols/net-snmp/net-snmp_5.7.2.bb +++ b/meta-networking/recipes-protocols/net-snmp/net-snmp_5.7.2.1.bb
@@ -6,9 +6,7 @@ LIC_FILES_CHKSUM = "file://README;beginline=3;endline=8;md5=7f7f00ba639ac8e8deb5
6		6
7	DEPENDS = "openssl libnl pciutils"	7	DEPENDS = "openssl libnl pciutils"
8		8
9	PR = "r1"	9	SRC_URI = "${SOURCEFORGE_MIRROR}/net-snmp/net-snmp-${PV}.zip \
10
11	SRC_URI = "${SOURCEFORGE_MIRROR}/net-snmp/net-snmp-${PV}.tar.gz \
12	file://init \	10	file://init \
13	file://snmpd.conf \	11	file://snmpd.conf \
14	file://snmptrapd.conf \	12	file://snmptrapd.conf \
@@ -16,12 +14,10 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/net-snmp/net-snmp-${PV}.tar.gz \
16	file://snmpd.service \	14	file://snmpd.service \
17	file://snmptrapd.service \	15	file://snmptrapd.service \
18	file://ifmib.patch \	16	file://ifmib.patch \
19	file://net-snmp-5.7.2-fix-CVE-2014-2284.patch \
20	file://net-snmp-5.7.2-fix-CVE-2014-2285.patch \
21	"	17	"
22		18
23	SRC_URI[md5sum] = "5bddd02e2f82b62daa79f82717737a14"	19	SRC_URI[md5sum] = "a2c83518648b0f2a5d378625e45c0e18"
24	SRC_URI[sha256sum] = "09ed31b4cc1f3c0411ef9a16eff79ef3b30d89c32ca46d5a01a41826c4ceb816"	20	SRC_URI[sha256sum] = "ac9105539971f7cfb1456a86d479e18e8a8b3712212595ad40504347ba5843da"
25		21
26	inherit autotools update-rc.d siteinfo systemd	22	inherit autotools update-rc.d siteinfo systemd
27		23