libpcap: Security fix for CVE-2023-7256 & CVE-2024-8006

Reference: https://security-tracker.debian.org/tracker/CVE-2023-7256 https://security-tracker.debian.org/tracker/CVE-2024-8006 Upstream commits: https://github.com/the-tcpdump-group/libpcap/commit/73da0d4d65ef0925772b7b7f82a5fbb3ff2c5e4f https://github.com/the-tcpdump-group/libpcap/commit/2aa69b04d8173b18a0e3492e0c8f2f7fabdf642d https://github.com/the-tcpdump-group/libpcap/commit/8a633ee5b9ecd9d38a587ac9b204e2380713b0d6 (From OE-Core rev: 00e809013a51c1af4979bcff0b3ae3eb7a4d4a20) Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
author: Vijay Anusuri <vanusuri@mvista.com> 2024-09-18 16:39:49 +0530
committer: Steve Sakoman <steve@sakoman.com> 2024-09-25 05:07:47 -0700
commit: 263e0c2f1ab5f7c86a7698d4d2b4c4a70dc6f418 (patch)
tree: 6a9bd0f3189d64c083584213d8ec34205b66ad54 /meta/recipes-connectivity
parent: 5413343d48e1da4a47236c569064b9d167d1f8f1 (diff)
download: poky-263e0c2f1ab5f7c86a7698d4d2b4c4a70dc6f418.tar.gz
4 files changed, 450 insertions, 1 deletions
diff --git a/meta/recipes-connectivity/libpcap/libpcap/CVE-2023-7256-pre1.patch b/meta/recipes-connectivity/libpcap/libpcap/CVE-2023-7256-pre1.patch
new file mode 100644
index 0000000000..64abfb85cd
--- /dev/null
+++ b/meta/recipes-connectivity/libpcap/libpcap/CVE-2023-7256-pre1.patch
@@ -0,0 +1,37 @@
+From 73da0d4d65ef0925772b7b7f82a5fbb3ff2c5e4f Mon Sep 17 00:00:00 2001
+From: Rose <83477269+AtariDreams@users.noreply.github.com>
+Date: Tue, 16 May 2023 12:37:11 -0400
+Subject: [PATCH] Remove unused variable retval in sock_present2network
+This quiets the compiler since it is not even returned anyway, and is a misleading variable name.
+(cherry picked from commit c7b90298984c46d820d3cee79a96d24870b5f200)
+Upstream-Status: Backport [https://github.com/the-tcpdump-group/libpcap/commit/73da0d4d65ef0925772b7b7f82a5fbb3ff2c5e4f]
+CVE: CVE-2023-7256 #Dependency Patch
+Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
+---
+ sockutils.c | 3 +--
+ 1 file changed, 1 insertion(+), 2 deletions(-)
+diff --git a/sockutils.c b/sockutils.c
+index 1c07f76fd1..6752f296af 100644
+--- a/sockutils.c
+++ b/sockutils.c
+@@ -2082,7 +2082,6 @@ int sock_getascii_addrport(const struct sockaddr_storage *sockaddr, char *addres
+  */
+ int sock_present2network(const char *address, struct sockaddr_storage *sockaddr, int addr_family, char *errbuf, int errbuflen)
+ {
+-       int retval;
+        struct addrinfo *addrinfo;
+        struct addrinfo hints;
+ 
+@@ -2090,7 +2089,7 @@ int sock_present2network(const char *address, struct sockaddr_storage *sockaddr,
+ 
+        hints.ai_family = addr_family;
+ 
+-       if ((retval = sock_initaddress(address, "22222" /* fake port */, &hints, &addrinfo, errbuf, errbuflen)) == -1)
+       if (sock_initaddress(address, "22222" /* fake port */, &hints, &addrinfo, errbuf, errbuflen) == -1)
+                return 0;
+ 
+        if (addrinfo->ai_family == PF_INET)
diff --git a/meta/recipes-connectivity/libpcap/libpcap/CVE-2023-7256.patch b/meta/recipes-connectivity/libpcap/libpcap/CVE-2023-7256.patch
new file mode 100644
index 0000000000..fffcb2704a
--- /dev/null
+++ b/meta/recipes-connectivity/libpcap/libpcap/CVE-2023-7256.patch
@@ -0,0 +1,365 @@
+From 2aa69b04d8173b18a0e3492e0c8f2f7fabdf642d Mon Sep 17 00:00:00 2001
+From: Guy Harris <gharris@sonic.net>
+Date: Thu, 28 Sep 2023 00:37:57 -0700
+Subject: [PATCH] Have sock_initaddress() return the list of addrinfo
+ structures or NULL.
+Its return address is currently 0 for success and -1 for failure, with a
+pointer to the first element of the list of struct addrinfos returned
+through a pointer on success; change it to return that pointer on
+success and NULL on failure.
+That way, we don't have to worry about what happens to the pointer
+pointeed to by the argument in question on failure; we know that we got
+NULL back if no struct addrinfos were found because getaddrinfo()
+failed.  Thus, we know that we have something to free iff
+sock_initaddress() returned a pointer to that something rather than
+returning NULL.
+This avoids a double-free in some cases.
+This is apparently CVE-2023-40400.
+(backported from commit 262e4f34979872d822ccedf9f318ed89c4d31c03)
+Upstream-Status: Backport [https://github.com/the-tcpdump-group/libpcap/commit/2aa69b04d8173b18a0e3492e0c8f2f7fabdf642d]
+CVE: CVE-2023-7256
+Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
+---
+ pcap-rpcap.c    | 48 ++++++++++++++++++++--------------------
+ rpcapd/daemon.c |  8 +++++--
+ rpcapd/rpcapd.c |  8 +++++--
+ sockutils.c     | 58 ++++++++++++++++++++++++++++---------------------
+ sockutils.h     |  5 ++---
+ 5 files changed, 72 insertions(+), 55 deletions(-)
+diff --git a/pcap-rpcap.c b/pcap-rpcap.c
+index ef0cd6e49c..f1992e4aea 100644
+--- a/pcap-rpcap.c
+++ b/pcap-rpcap.c
+@@ -1024,7 +1024,6 @@ rpcap_remoteact_getsock(const char *host, int *error, char *errbuf)
+ {
+        struct activehosts *temp;                       /* temp var needed to scan the host list chain */
+        struct addrinfo hints, *addrinfo, *ai_next;     /* temp var needed to translate between hostname to its address */
+-       int retval;
+ 
+        /* retrieve the network address corresponding to 'host' */
+        addrinfo = NULL;
+@@ -1032,9 +1031,9 @@ rpcap_remoteact_getsock(const char *host, int *error, char *errbuf)
+        hints.ai_family = PF_UNSPEC;
+        hints.ai_socktype = SOCK_STREAM;
+ 
+-       retval = sock_initaddress(host, NULL, &hints, &addrinfo, errbuf,
+       addrinfo = sock_initaddress(host, NULL, &hints, errbuf,
+            PCAP_ERRBUF_SIZE);
+-       if (retval != 0)
+       if (addrinfo == NULL)
+        {
+                *error = 1;
+                return NULL;
+@@ -1186,7 +1185,9 @@ static int pcap_startcapture_remote(pcap_t *fp)
+                hints.ai_flags = AI_PASSIVE;    /* Data connection is opened by the server toward the client */
+ 
+                /* Let's the server pick up a free network port for us */
+-               if (sock_initaddress(NULL, NULL, &hints, &addrinfo, fp->errbuf, PCAP_ERRBUF_SIZE) == -1)
+               addrinfo = sock_initaddress(NULL, NULL, &hints, fp->errbuf,
+                   PCAP_ERRBUF_SIZE);
+               if (addrinfo == NULL)
+                        goto error_nodiscard;
+ 
+                if ((sockdata = sock_open(NULL, addrinfo, SOCKOPEN_SERVER,
+@@ -1311,7 +1312,9 @@ static int pcap_startcapture_remote(pcap_t *fp)
+                        snprintf(portstring, PCAP_BUF_SIZE, "%d", ntohs(startcapreply.portdata));
+ 
+                        /* Let's the server pick up a free network port for us */
+-                       if (sock_initaddress(host, portstring, &hints, &addrinfo, fp->errbuf, PCAP_ERRBUF_SIZE) == -1)
+                       addrinfo = sock_initaddress(host, portstring, &hints,
+                           fp->errbuf, PCAP_ERRBUF_SIZE);
+                       if (addrinfo == NULL)
+                                goto error;
+ 
+                        if ((sockdata = sock_open(host, addrinfo, SOCKOPEN_CLIENT, 0, fp->errbuf, PCAP_ERRBUF_SIZE)) == INVALID_SOCKET)
+@@ -2340,16 +2343,16 @@ rpcap_setup_session(const char *source, struct pcap_rmtauth *auth,
+                if (port[0] == 0)
+                {
+                        /* the user chose not to specify the port */
+-                       if (sock_initaddress(host, RPCAP_DEFAULT_NETPORT,
+-                           &hints, &addrinfo, errbuf, PCAP_ERRBUF_SIZE) == -1)
+-                               return -1;
+                       addrinfo = sock_initaddress(host, RPCAP_DEFAULT_NETPORT,
+                           &hints, errbuf, PCAP_ERRBUF_SIZE);
+                }
+                else
+                {
+-                       if (sock_initaddress(host, port, &hints, &addrinfo,
+-                           errbuf, PCAP_ERRBUF_SIZE) == -1)
+-                               return -1;
+                       addrinfo = sock_initaddress(host, port, &hints,
+                           errbuf, PCAP_ERRBUF_SIZE);
+                }
+               if (addrinfo == NULL)
+                       return -1;
+ 
+                if ((*sockctrlp = sock_open(host, addrinfo, SOCKOPEN_CLIENT, 0,
+                    errbuf, PCAP_ERRBUF_SIZE)) == INVALID_SOCKET)
+@@ -2950,19 +2953,19 @@ SOCKET pcap_remoteact_accept_ex(const char *address, const char *port, const cha
+        /* Do the work */
+        if ((port == NULL) || (port[0] == 0))
+        {
+-               if (sock_initaddress(address, RPCAP_DEFAULT_NETPORT_ACTIVE, &hints, &addrinfo, errbuf, PCAP_ERRBUF_SIZE) == -1)
+-               {
+-                       return (SOCKET)-2;
+-               }
+               addrinfo = sock_initaddress(address,
+                   RPCAP_DEFAULT_NETPORT_ACTIVE, &hints, errbuf,
+                   PCAP_ERRBUF_SIZE);
+        }
+        else
+        {
+-               if (sock_initaddress(address, port, &hints, &addrinfo, errbuf, PCAP_ERRBUF_SIZE) == -1)
+-               {
+-                       return (SOCKET)-2;
+-               }
+               addrinfo = sock_initaddress(address, port, &hints, errbuf,
+                   PCAP_ERRBUF_SIZE);
+       }
+       if (addrinfo == NULL)
+       {
+               return (SOCKET)-2;
+        }
+-
+ 
+        if ((sockmain = sock_open(NULL, addrinfo, SOCKOPEN_SERVER, 1, errbuf, PCAP_ERRBUF_SIZE)) == INVALID_SOCKET)
+        {
+@@ -3122,7 +3125,6 @@ int pcap_remoteact_close(const char *host, char *errbuf)
+ {
+        struct activehosts *temp, *prev;        /* temp var needed to scan the host list chain */
+        struct addrinfo hints, *addrinfo, *ai_next;     /* temp var needed to translate between hostname to its address */
+-       int retval;
+ 
+        temp = activeHosts;
+        prev = NULL;
+@@ -3133,9 +3135,9 @@ int pcap_remoteact_close(const char *host, char *errbuf)
+        hints.ai_family = PF_UNSPEC;
+        hints.ai_socktype = SOCK_STREAM;
+ 
+-       retval = sock_initaddress(host, NULL, &hints, &addrinfo, errbuf,
+       addrinfo = sock_initaddress(host, NULL, &hints, errbuf,
+            PCAP_ERRBUF_SIZE);
+-       if (retval != 0)
+       if (addrinfo == NULL)
+        {
+                return -1;
+        }
+diff --git a/rpcapd/daemon.c b/rpcapd/daemon.c
+index 8d620dd604..b04b29f107 100644
+--- a/rpcapd/daemon.c
+++ b/rpcapd/daemon.c
+@@ -2085,7 +2085,9 @@ daemon_msg_startcap_req(uint8 ver, struct daemon_slpars *pars, uint32 plen,
+                        goto error;
+                }
+ 
+-               if (sock_initaddress(peerhost, portdata, &hints, &addrinfo, errmsgbuf, PCAP_ERRBUF_SIZE) == -1)
+               addrinfo = sock_initaddress(peerhost, portdata, &hints,
+                   errmsgbuf, PCAP_ERRBUF_SIZE);
+               if (addrinfo == NULL)
+                        goto error;
+ 
+                if ((session->sockdata = sock_open(peerhost, addrinfo, SOCKOPEN_CLIENT, 0, errmsgbuf, PCAP_ERRBUF_SIZE)) == INVALID_SOCKET)
+@@ -2096,7 +2098,9 @@ daemon_msg_startcap_req(uint8 ver, struct daemon_slpars *pars, uint32 plen,
+                hints.ai_flags = AI_PASSIVE;
+ 
+                // Make the server socket pick up a free network port for us
+-               if (sock_initaddress(NULL, NULL, &hints, &addrinfo, errmsgbuf, PCAP_ERRBUF_SIZE) == -1)
+               addrinfo = sock_initaddress(NULL, NULL, &hints, errmsgbuf,
+                   PCAP_ERRBUF_SIZE);
+               if (addrinfo == NULL)
+                        goto error;
+ 
+                if ((session->sockdata = sock_open(NULL, addrinfo, SOCKOPEN_SERVER, 1 /* max 1 connection in queue */, errmsgbuf, PCAP_ERRBUF_SIZE)) == INVALID_SOCKET)
+diff --git a/rpcapd/rpcapd.c b/rpcapd/rpcapd.c
+index e1f3f05299..d166522c9f 100644
+--- a/rpcapd/rpcapd.c
+++ b/rpcapd/rpcapd.c
+@@ -611,7 +611,9 @@ void main_startup(void)
+                //
+                // Get a list of sockets on which to listen.
+                //
+-               if (sock_initaddress((address[0]) ? address : NULL, port, &mainhints, &addrinfo, errbuf, PCAP_ERRBUF_SIZE) == -1)
+               addrinfo = sock_initaddress((address[0]) ? address : NULL,
+                   port, &mainhints, errbuf, PCAP_ERRBUF_SIZE);
+               if (addrinfo == NULL)
+                {
+                        rpcapd_log(LOGPRIO_DEBUG, "%s", errbuf);
+                        return;
+@@ -1350,7 +1352,9 @@ main_active(void *ptr)
+        memset(errbuf, 0, sizeof(errbuf));
+ 
+        // Do the work
+-       if (sock_initaddress(activepars->address, activepars->port, &hints, &addrinfo, errbuf, PCAP_ERRBUF_SIZE) == -1)
+       addrinfo = sock_initaddress(activepars->address, activepars->port,
+           &hints, errbuf, PCAP_ERRBUF_SIZE);
+       if (addrinfo == NULL)
+        {
+                rpcapd_log(LOGPRIO_DEBUG, "%s", errbuf);
+                return 0;
+diff --git a/sockutils.c b/sockutils.c
+index a1bfa1b5e2..823c2363e0 100644
+--- a/sockutils.c
+++ b/sockutils.c
+@@ -1069,20 +1069,21 @@ get_gai_errstring(char *errbuf, int errbuflen, const char *prefix, int err,
+  * \param errbuflen: length of the buffer that will contains the error. The error message cannot be
+  * larger than 'errbuflen - 1' because the last char is reserved for the string terminator.
+  *
+- * \return '0' if everything is fine, '-1' if some errors occurred. The error message is returned
+- * in the 'errbuf' variable. The addrinfo variable that has to be used in the following sockets calls is
+- * returned into the addrinfo parameter.
+ * \return a pointer to the first element in a list of addrinfo structures
+ * if everything is fine, NULL if some errors occurred. The error message
+ * is returned in the 'errbuf' variable.
+  *
+- * \warning The 'addrinfo' variable has to be deleted by the programmer by calling freeaddrinfo() when
+- * it is no longer needed.
+ * \warning The list of addrinfo structures returned has to be deleted by
+ * the programmer by calling freeaddrinfo() when it is no longer needed.
+  *
+  * \warning This function requires the 'hints' variable as parameter. The semantic of this variable is the same
+  * of the one of the corresponding variable used into the standard getaddrinfo() socket function. We suggest
+  * the programmer to look at that function in order to set the 'hints' variable appropriately.
+  */
+-int sock_initaddress(const char *host, const char *port,
+-    struct addrinfo *hints, struct addrinfo **addrinfo, char *errbuf, int errbuflen)
+struct addrinfo *sock_initaddress(const char *host, const char *port,
+    struct addrinfo *hints, char *errbuf, int errbuflen)
+ {
+       struct addrinfo *addrinfo;
+        int retval;
+ 
+        /*
+@@ -1094,9 +1095,13 @@ int sock_initaddress(const char *host, const char *port,
+         * as those messages won't talk about a problem with the port if
+         * no port was specified.
+         */
+-       retval = getaddrinfo(host, port == NULL ? "0" : port, hints, addrinfo);
+       retval = getaddrinfo(host, port == NULL ? "0" : port, hints, &addrinfo);
+        if (retval != 0)
+        {
+               /*
+                * That call failed.
+                * Determine whether the problem is that the host is bad.
+                */
+                if (errbuf)
+                {
+                        if (host != NULL && port != NULL) {
+@@ -1108,7 +1113,7 @@ int sock_initaddress(const char *host, const char *port,
+                                int try_retval;
+ 
+                                try_retval = getaddrinfo(host, NULL, hints,
+-                                   addrinfo);
+                                   &addrinfo);
+                                if (try_retval == 0) {
+                                        /*
+                                         * Worked with just the host,
+@@ -1117,14 +1122,16 @@ int sock_initaddress(const char *host, const char *port,
+                                         *
+                                         * Free up the address info first.
+                                         */
+-                                       freeaddrinfo(*addrinfo);
+                                       freeaddrinfo(addrinfo);
+                                        get_gai_errstring(errbuf, errbuflen,
+                                            "", retval, NULL, port);
+                                } else {
+                                        /*
+                                         * Didn't work with just the host,
+                                         * so assume the problem is
+-                                        * with the host.
+                                        * with the host; we assume
+                                        * the original error indicates
+                                        * the underlying problem.
+                                         */
+                                        get_gai_errstring(errbuf, errbuflen,
+                                            "", retval, host, NULL);
+@@ -1132,13 +1139,14 @@ int sock_initaddress(const char *host, const char *port,
+                        } else {
+                                /*
+                                 * Either the host or port was null, so
+-                                * there's nothing to determine.
+                                * there's nothing to determine; report
+                                * the error from the original call.
+                                 */
+                                get_gai_errstring(errbuf, errbuflen, "",
+                                    retval, host, port);
+                        }
+                }
+-               return -1;
+               return NULL;
+        }
+        /*
+         * \warning SOCKET: I should check all the accept() in order to bind to all addresses in case
+@@ -1153,30 +1161,28 @@ int sock_initaddress(const char *host, const char *port,
+         * ignore all addresses that are neither?  (What, no IPX
+         * support? :-))
+         */
+-       if (((*addrinfo)->ai_family != PF_INET) &&
+-           ((*addrinfo)->ai_family != PF_INET6))
+       if ((addrinfo->ai_family != PF_INET) &&
+           (addrinfo->ai_family != PF_INET6))
+        {
+                if (errbuf)
+                        snprintf(errbuf, errbuflen, "getaddrinfo(): socket type not supported");
+-               freeaddrinfo(*addrinfo);
+-               *addrinfo = NULL;
+-               return -1;
+               freeaddrinfo(addrinfo);
+               return NULL;
+        }
+ 
+        /*
+         * You can't do multicast (or broadcast) TCP.
+         */
+-       if (((*addrinfo)->ai_socktype == SOCK_STREAM) &&
+-           (sock_ismcastaddr((*addrinfo)->ai_addr) == 0))
+       if ((addrinfo->ai_socktype == SOCK_STREAM) &&
+           (sock_ismcastaddr(addrinfo->ai_addr) == 0))
+        {
+                if (errbuf)
+                        snprintf(errbuf, errbuflen, "getaddrinfo(): multicast addresses are not valid when using TCP streams");
+-               freeaddrinfo(*addrinfo);
+-               *addrinfo = NULL;
+-               return -1;
+               freeaddrinfo(addrinfo);
+               return NULL;
+        }
+ 
+-       return 0;
+       return addrinfo;
+ }
+ 
+ /*
+@@ -2089,7 +2095,9 @@ int sock_present2network(const char *address, struct sockaddr_storage *sockaddr,
+ 
+        hints.ai_family = addr_family;
+ 
+-       if (sock_initaddress(address, "22222" /* fake port */, &hints, &addrinfo, errbuf, errbuflen) == -1)
+       addrinfo = sock_initaddress(address, "22222" /* fake port */, &hints,
+           errbuf, errbuflen);
+       if (addrinfo == NULL)
+                return 0;
+ 
+        if (addrinfo->ai_family == PF_INET)
+diff --git a/sockutils.h b/sockutils.h
+index a488d8fcb4..30b8cfe0b7 100644
+--- a/sockutils.h
+++ b/sockutils.h
+@@ -138,9 +138,8 @@ void sock_fmterrmsg(char *errbuf, size_t errbuflen, int errcode,
+     PCAP_FORMAT_STRING(const char *fmt), ...) PCAP_PRINTFLIKE(4, 5);
+ void sock_geterrmsg(char *errbuf, size_t errbuflen,
+     PCAP_FORMAT_STRING(const char *fmt), ...)  PCAP_PRINTFLIKE(3, 4);
+-int sock_initaddress(const char *address, const char *port,
+-    struct addrinfo *hints, struct addrinfo **addrinfo,
+-    char *errbuf, int errbuflen);
+struct addrinfo *sock_initaddress(const char *address, const char *port,
+    struct addrinfo *hints, char *errbuf, int errbuflen);
+ int sock_recv(SOCKET sock, SSL *, void *buffer, size_t size, int receiveall,
+     char *errbuf, int errbuflen);
+ int sock_recv_dgram(SOCKET sock, SSL *, void *buffer, size_t size,
diff --git a/meta/recipes-connectivity/libpcap/libpcap/CVE-2024-8006.patch b/meta/recipes-connectivity/libpcap/libpcap/CVE-2024-8006.patch
new file mode 100644
index 0000000000..6819aedd20
--- /dev/null
+++ b/meta/recipes-connectivity/libpcap/libpcap/CVE-2024-8006.patch
@@ -0,0 +1,42 @@
+From 8a633ee5b9ecd9d38a587ac9b204e2380713b0d6 Mon Sep 17 00:00:00 2001
+From: Nicolas Badoux <n.badoux@hotmail.com>
+Date: Mon, 19 Aug 2024 12:31:53 +0200
+Subject: [PATCH] makes pcap_findalldevs_ex errors out if the directory does
+ not exist
+(backported from commit 0f8a103469ce87d2b8d68c5130a46ddb7fb5eb29)
+Upstream-Status: Backport [https://github.com/the-tcpdump-group/libpcap/commit/8a633ee5b9ecd9d38a587ac9b204e2380713b0d6]
+CVE: CVE-2024-8006
+Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
+---
+ pcap-new.c | 9 ++++++++-
+ 1 file changed, 8 insertions(+), 1 deletion(-)
+diff --git a/pcap-new.c b/pcap-new.c
+index be91b3f8db..d449ee623c 100644
+--- a/pcap-new.c
+++ b/pcap-new.c
+@@ -230,6 +230,13 @@ int pcap_findalldevs_ex(const char *source, struct pcap_rmtauth *auth, pcap_if_t
+ #else
+                /* opening the folder */
+                unixdir= opendir(path);
+               if (unixdir == NULL) {
+                       DIAG_OFF_FORMAT_TRUNCATION
+                       snprintf(errbuf, PCAP_ERRBUF_SIZE,
+                           "Error when listing files: does folder '%s' exist?", path);
+                       DIAG_ON_FORMAT_TRUNCATION
+                       return -1;
+               }
+ 
+                /* get the first file into it */
+                filedata= readdir(unixdir);
+@@ -237,7 +244,7 @@ int pcap_findalldevs_ex(const char *source, struct pcap_rmtauth *auth, pcap_if_t
+                if (filedata == NULL)
+                {
+                        DIAG_OFF_FORMAT_TRUNCATION
+-                       snprintf(errbuf, PCAP_ERRBUF_SIZE, "Error when listing files: does folder '%s' exist?", path);
+                       snprintf(errbuf, PCAP_ERRBUF_SIZE, "Error when listing files: does folder '%s' contain files?", path);
+                        DIAG_ON_FORMAT_TRUNCATION
+                        closedir(unixdir);
+                        return -1;
diff --git a/meta/recipes-connectivity/libpcap/libpcap_1.10.4.bb b/meta/recipes-connectivity/libpcap/libpcap_1.10.4.bb
index 166654e280..36eb4bca75 100644
--- a/meta/recipes-connectivity/libpcap/libpcap_1.10.4.bb
+++ b/meta/recipes-connectivity/libpcap/libpcap_1.10.4.bb
@@ -10,7 +10,12 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=5eb289217c160e2920d2e35bddc36453 \
                    file://pcap.h;beginline=1;endline=32;md5=39af3510e011f34b8872f120b1dc31d2"
 DEPENDS = "flex-native bison-native"
-SRC_URI = "https://www.tcpdump.org/release/${BP}.tar.gz"
+SRC_URI = "https://www.tcpdump.org/release/${BP}.tar.gz \
+           file://CVE-2023-7256-pre1.patch \
+           file://CVE-2023-7256.patch \
+           file://CVE-2024-8006.patch \
+          "
 SRC_URI[sha256sum] = "ed19a0383fad72e3ad435fd239d7cd80d64916b87269550159d20e47160ebe5f"
 inherit autotools binconfig-disabled pkgconfig
author	Vijay Anusuri <vanusuri@mvista.com>	2024-09-18 16:39:49 +0530
committer	Steve Sakoman <steve@sakoman.com>	2024-09-25 05:07:47 -0700
commit	263e0c2f1ab5f7c86a7698d4d2b4c4a70dc6f418 (patch)
tree	6a9bd0f3189d64c083584213d8ec34205b66ad54 /meta/recipes-connectivity
parent	5413343d48e1da4a47236c569064b9d167d1f8f1 (diff)
download	poky-263e0c2f1ab5f7c86a7698d4d2b4c4a70dc6f418.tar.gz

diff --git a/meta/recipes-connectivity/libpcap/libpcap/CVE-2023-7256-pre1.patch b/meta/recipes-connectivity/libpcap/libpcap/CVE-2023-7256-pre1.patch new file mode 100644 index 0000000000..64abfb85cd --- /dev/null +++ b/meta/recipes-connectivity/libpcap/libpcap/CVE-2023-7256-pre1.patch
@@ -0,0 +1,37 @@
		1	From 73da0d4d65ef0925772b7b7f82a5fbb3ff2c5e4f Mon Sep 17 00:00:00 2001
		2	From: Rose <83477269+AtariDreams@users.noreply.github.com>
		3	Date: Tue, 16 May 2023 12:37:11 -0400
		4	Subject: [PATCH] Remove unused variable retval in sock_present2network
		5
		6	This quiets the compiler since it is not even returned anyway, and is a misleading variable name.
		7
		8	(cherry picked from commit c7b90298984c46d820d3cee79a96d24870b5f200)
		9
		10	Upstream-Status: Backport [https://github.com/the-tcpdump-group/libpcap/commit/73da0d4d65ef0925772b7b7f82a5fbb3ff2c5e4f]
		11	CVE: CVE-2023-7256 #Dependency Patch
		12	Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
		13	---
		14	sockutils.c \| 3 +--
		15	1 file changed, 1 insertion(+), 2 deletions(-)
		16
		17	diff --git a/sockutils.c b/sockutils.c
		18	index 1c07f76fd1..6752f296af 100644
		19	--- a/sockutils.c
		20	+++ b/sockutils.c
		21	@@ -2082,7 +2082,6 @@ int sock_getascii_addrport(const struct sockaddr_storage sockaddr, char addres
		22	*/
		23	int sock_present2network(const char address, struct sockaddr_storage sockaddr, int addr_family, char *errbuf, int errbuflen)
		24	{
		25	- int retval;
		26	struct addrinfo *addrinfo;
		27	struct addrinfo hints;
		28
		29	@@ -2090,7 +2089,7 @@ int sock_present2network(const char address, struct sockaddr_storage sockaddr,
		30
		31	hints.ai_family = addr_family;
		32
		33	- if ((retval = sock_initaddress(address, "22222" /* fake port */, &hints, &addrinfo, errbuf, errbuflen)) == -1)
		34	+ if (sock_initaddress(address, "22222" /* fake port */, &hints, &addrinfo, errbuf, errbuflen) == -1)
		35	return 0;
		36
		37	if (addrinfo->ai_family == PF_INET)


diff --git a/meta/recipes-connectivity/libpcap/libpcap/CVE-2023-7256.patch b/meta/recipes-connectivity/libpcap/libpcap/CVE-2023-7256.patch new file mode 100644 index 0000000000..fffcb2704a --- /dev/null +++ b/meta/recipes-connectivity/libpcap/libpcap/CVE-2023-7256.patch
@@ -0,0 +1,365 @@
		1	From 2aa69b04d8173b18a0e3492e0c8f2f7fabdf642d Mon Sep 17 00:00:00 2001
		2	From: Guy Harris <gharris@sonic.net>
		3	Date: Thu, 28 Sep 2023 00:37:57 -0700
		4	Subject: [PATCH] Have sock_initaddress() return the list of addrinfo
		5	structures or NULL.
		6
		7	Its return address is currently 0 for success and -1 for failure, with a
		8	pointer to the first element of the list of struct addrinfos returned
		9	through a pointer on success; change it to return that pointer on
		10	success and NULL on failure.
		11
		12	That way, we don't have to worry about what happens to the pointer
		13	pointeed to by the argument in question on failure; we know that we got
		14	NULL back if no struct addrinfos were found because getaddrinfo()
		15	failed. Thus, we know that we have something to free iff
		16	sock_initaddress() returned a pointer to that something rather than
		17	returning NULL.
		18
		19	This avoids a double-free in some cases.
		20
		21	This is apparently CVE-2023-40400.
		22
		23	(backported from commit 262e4f34979872d822ccedf9f318ed89c4d31c03)
		24
		25	Upstream-Status: Backport [https://github.com/the-tcpdump-group/libpcap/commit/2aa69b04d8173b18a0e3492e0c8f2f7fabdf642d]
		26	CVE: CVE-2023-7256
		27	Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
		28	---
		29	pcap-rpcap.c \| 48 ++++++++++++++++++++--------------------
		30	rpcapd/daemon.c \| 8 +++++--
		31	rpcapd/rpcapd.c \| 8 +++++--
		32	sockutils.c \| 58 ++++++++++++++++++++++++++++---------------------
		33	sockutils.h \| 5 ++---
		34	5 files changed, 72 insertions(+), 55 deletions(-)
		35
		36	diff --git a/pcap-rpcap.c b/pcap-rpcap.c
		37	index ef0cd6e49c..f1992e4aea 100644
		38	--- a/pcap-rpcap.c
		39	+++ b/pcap-rpcap.c
		40	@@ -1024,7 +1024,6 @@ rpcap_remoteact_getsock(const char host, int error, char *errbuf)
		41	{
		42	struct activehosts temp; / temp var needed to scan the host list chain */
		43	struct addrinfo hints, addrinfo, ai_next; /* temp var needed to translate between hostname to its address */
		44	- int retval;
		45
		46	/* retrieve the network address corresponding to 'host' */
		47	addrinfo = NULL;
		48	@@ -1032,9 +1031,9 @@ rpcap_remoteact_getsock(const char host, int error, char *errbuf)
		49	hints.ai_family = PF_UNSPEC;
		50	hints.ai_socktype = SOCK_STREAM;
		51
		52	- retval = sock_initaddress(host, NULL, &hints, &addrinfo, errbuf,
		53	+ addrinfo = sock_initaddress(host, NULL, &hints, errbuf,
		54	PCAP_ERRBUF_SIZE);
		55	- if (retval != 0)
		56	+ if (addrinfo == NULL)
		57	{
		58	*error = 1;
		59	return NULL;
		60	@@ -1186,7 +1185,9 @@ static int pcap_startcapture_remote(pcap_t *fp)
		61	hints.ai_flags = AI_PASSIVE; /* Data connection is opened by the server toward the client */
		62
		63	/* Let's the server pick up a free network port for us */
		64	- if (sock_initaddress(NULL, NULL, &hints, &addrinfo, fp->errbuf, PCAP_ERRBUF_SIZE) == -1)
		65	+ addrinfo = sock_initaddress(NULL, NULL, &hints, fp->errbuf,
		66	+ PCAP_ERRBUF_SIZE);
		67	+ if (addrinfo == NULL)
		68	goto error_nodiscard;
		69
		70	if ((sockdata = sock_open(NULL, addrinfo, SOCKOPEN_SERVER,
		71	@@ -1311,7 +1312,9 @@ static int pcap_startcapture_remote(pcap_t *fp)
		72	snprintf(portstring, PCAP_BUF_SIZE, "%d", ntohs(startcapreply.portdata));
		73
		74	/* Let's the server pick up a free network port for us */
		75	- if (sock_initaddress(host, portstring, &hints, &addrinfo, fp->errbuf, PCAP_ERRBUF_SIZE) == -1)
		76	+ addrinfo = sock_initaddress(host, portstring, &hints,
		77	+ fp->errbuf, PCAP_ERRBUF_SIZE);
		78	+ if (addrinfo == NULL)
		79	goto error;
		80
		81	if ((sockdata = sock_open(host, addrinfo, SOCKOPEN_CLIENT, 0, fp->errbuf, PCAP_ERRBUF_SIZE)) == INVALID_SOCKET)
		82	@@ -2340,16 +2343,16 @@ rpcap_setup_session(const char source, struct pcap_rmtauth auth,
		83	if (port[0] == 0)
		84	{
		85	/* the user chose not to specify the port */
		86	- if (sock_initaddress(host, RPCAP_DEFAULT_NETPORT,
		87	- &hints, &addrinfo, errbuf, PCAP_ERRBUF_SIZE) == -1)
		88	- return -1;
		89	+ addrinfo = sock_initaddress(host, RPCAP_DEFAULT_NETPORT,
		90	+ &hints, errbuf, PCAP_ERRBUF_SIZE);
		91	}
		92	else
		93	{
		94	- if (sock_initaddress(host, port, &hints, &addrinfo,
		95	- errbuf, PCAP_ERRBUF_SIZE) == -1)
		96	- return -1;
		97	+ addrinfo = sock_initaddress(host, port, &hints,
		98	+ errbuf, PCAP_ERRBUF_SIZE);
		99	}
		100	+ if (addrinfo == NULL)
		101	+ return -1;
		102
		103	if ((*sockctrlp = sock_open(host, addrinfo, SOCKOPEN_CLIENT, 0,
		104	errbuf, PCAP_ERRBUF_SIZE)) == INVALID_SOCKET)
		105	@@ -2950,19 +2953,19 @@ SOCKET pcap_remoteact_accept_ex(const char address, const char port, const cha
		106	/* Do the work */
		107	if ((port == NULL) \|\| (port[0] == 0))
		108	{
		109	- if (sock_initaddress(address, RPCAP_DEFAULT_NETPORT_ACTIVE, &hints, &addrinfo, errbuf, PCAP_ERRBUF_SIZE) == -1)
		110	- {
		111	- return (SOCKET)-2;
		112	- }
		113	+ addrinfo = sock_initaddress(address,
		114	+ RPCAP_DEFAULT_NETPORT_ACTIVE, &hints, errbuf,
		115	+ PCAP_ERRBUF_SIZE);
		116	}
		117	else
		118	{
		119	- if (sock_initaddress(address, port, &hints, &addrinfo, errbuf, PCAP_ERRBUF_SIZE) == -1)
		120	- {
		121	- return (SOCKET)-2;
		122	- }
		123	+ addrinfo = sock_initaddress(address, port, &hints, errbuf,
		124	+ PCAP_ERRBUF_SIZE);
		125	+ }
		126	+ if (addrinfo == NULL)
		127	+ {
		128	+ return (SOCKET)-2;
		129	}
		130	-
		131
		132	if ((sockmain = sock_open(NULL, addrinfo, SOCKOPEN_SERVER, 1, errbuf, PCAP_ERRBUF_SIZE)) == INVALID_SOCKET)
		133	{
		134	@@ -3122,7 +3125,6 @@ int pcap_remoteact_close(const char host, char errbuf)
		135	{
		136	struct activehosts temp, prev; /* temp var needed to scan the host list chain */
		137	struct addrinfo hints, addrinfo, ai_next; /* temp var needed to translate between hostname to its address */
		138	- int retval;
		139
		140	temp = activeHosts;
		141	prev = NULL;
		142	@@ -3133,9 +3135,9 @@ int pcap_remoteact_close(const char host, char errbuf)
		143	hints.ai_family = PF_UNSPEC;
		144	hints.ai_socktype = SOCK_STREAM;
		145
		146	- retval = sock_initaddress(host, NULL, &hints, &addrinfo, errbuf,
		147	+ addrinfo = sock_initaddress(host, NULL, &hints, errbuf,
		148	PCAP_ERRBUF_SIZE);
		149	- if (retval != 0)
		150	+ if (addrinfo == NULL)
		151	{
		152	return -1;
		153	}
		154	diff --git a/rpcapd/daemon.c b/rpcapd/daemon.c
		155	index 8d620dd604..b04b29f107 100644
		156	--- a/rpcapd/daemon.c
		157	+++ b/rpcapd/daemon.c
		158	@@ -2085,7 +2085,9 @@ daemon_msg_startcap_req(uint8 ver, struct daemon_slpars *pars, uint32 plen,
		159	goto error;
		160	}
		161
		162	- if (sock_initaddress(peerhost, portdata, &hints, &addrinfo, errmsgbuf, PCAP_ERRBUF_SIZE) == -1)
		163	+ addrinfo = sock_initaddress(peerhost, portdata, &hints,
		164	+ errmsgbuf, PCAP_ERRBUF_SIZE);
		165	+ if (addrinfo == NULL)
		166	goto error;
		167
		168	if ((session->sockdata = sock_open(peerhost, addrinfo, SOCKOPEN_CLIENT, 0, errmsgbuf, PCAP_ERRBUF_SIZE)) == INVALID_SOCKET)
		169	@@ -2096,7 +2098,9 @@ daemon_msg_startcap_req(uint8 ver, struct daemon_slpars *pars, uint32 plen,
		170	hints.ai_flags = AI_PASSIVE;
		171
		172	// Make the server socket pick up a free network port for us
		173	- if (sock_initaddress(NULL, NULL, &hints, &addrinfo, errmsgbuf, PCAP_ERRBUF_SIZE) == -1)
		174	+ addrinfo = sock_initaddress(NULL, NULL, &hints, errmsgbuf,
		175	+ PCAP_ERRBUF_SIZE);
		176	+ if (addrinfo == NULL)
		177	goto error;
		178
		179	if ((session->sockdata = sock_open(NULL, addrinfo, SOCKOPEN_SERVER, 1 /* max 1 connection in queue */, errmsgbuf, PCAP_ERRBUF_SIZE)) == INVALID_SOCKET)
		180	diff --git a/rpcapd/rpcapd.c b/rpcapd/rpcapd.c
		181	index e1f3f05299..d166522c9f 100644
		182	--- a/rpcapd/rpcapd.c
		183	+++ b/rpcapd/rpcapd.c
		184	@@ -611,7 +611,9 @@ void main_startup(void)
		185	//
		186	// Get a list of sockets on which to listen.
		187	//
		188	- if (sock_initaddress((address[0]) ? address : NULL, port, &mainhints, &addrinfo, errbuf, PCAP_ERRBUF_SIZE) == -1)
		189	+ addrinfo = sock_initaddress((address[0]) ? address : NULL,
		190	+ port, &mainhints, errbuf, PCAP_ERRBUF_SIZE);
		191	+ if (addrinfo == NULL)
		192	{
		193	rpcapd_log(LOGPRIO_DEBUG, "%s", errbuf);
		194	return;
		195	@@ -1350,7 +1352,9 @@ main_active(void *ptr)
		196	memset(errbuf, 0, sizeof(errbuf));
		197
		198	// Do the work
		199	- if (sock_initaddress(activepars->address, activepars->port, &hints, &addrinfo, errbuf, PCAP_ERRBUF_SIZE) == -1)
		200	+ addrinfo = sock_initaddress(activepars->address, activepars->port,
		201	+ &hints, errbuf, PCAP_ERRBUF_SIZE);
		202	+ if (addrinfo == NULL)
		203	{
		204	rpcapd_log(LOGPRIO_DEBUG, "%s", errbuf);
		205	return 0;
		206	diff --git a/sockutils.c b/sockutils.c
		207	index a1bfa1b5e2..823c2363e0 100644
		208	--- a/sockutils.c
		209	+++ b/sockutils.c
		210	@@ -1069,20 +1069,21 @@ get_gai_errstring(char errbuf, int errbuflen, const char prefix, int err,
		211	* \param errbuflen: length of the buffer that will contains the error. The error message cannot be
		212	* larger than 'errbuflen - 1' because the last char is reserved for the string terminator.
		213	*
		214	- * \return '0' if everything is fine, '-1' if some errors occurred. The error message is returned
		215	- * in the 'errbuf' variable. The addrinfo variable that has to be used in the following sockets calls is
		216	- * returned into the addrinfo parameter.
		217	+ * \return a pointer to the first element in a list of addrinfo structures
		218	+ * if everything is fine, NULL if some errors occurred. The error message
		219	+ * is returned in the 'errbuf' variable.
		220	*
		221	- * \warning The 'addrinfo' variable has to be deleted by the programmer by calling freeaddrinfo() when
		222	- * it is no longer needed.
		223	+ * \warning The list of addrinfo structures returned has to be deleted by
		224	+ * the programmer by calling freeaddrinfo() when it is no longer needed.
		225	*
		226	* \warning This function requires the 'hints' variable as parameter. The semantic of this variable is the same
		227	* of the one of the corresponding variable used into the standard getaddrinfo() socket function. We suggest
		228	* the programmer to look at that function in order to set the 'hints' variable appropriately.
		229	*/
		230	-int sock_initaddress(const char host, const char port,
		231	- struct addrinfo hints, struct addrinfo addrinfo, char errbuf, int errbuflen)
		232	+struct addrinfo sock_initaddress(const char host, const char *port,
		233	+ struct addrinfo hints, char errbuf, int errbuflen)
		234	{
		235	+ struct addrinfo *addrinfo;
		236	int retval;
		237
		238	/*
		239	@@ -1094,9 +1095,13 @@ int sock_initaddress(const char host, const char port,
		240	* as those messages won't talk about a problem with the port if
		241	* no port was specified.
		242	*/
		243	- retval = getaddrinfo(host, port == NULL ? "0" : port, hints, addrinfo);
		244	+ retval = getaddrinfo(host, port == NULL ? "0" : port, hints, &addrinfo);
		245	if (retval != 0)
		246	{
		247	+ /*
		248	+ * That call failed.
		249	+ * Determine whether the problem is that the host is bad.
		250	+ */
		251	if (errbuf)
		252	{
		253	if (host != NULL && port != NULL) {
		254	@@ -1108,7 +1113,7 @@ int sock_initaddress(const char host, const char port,
		255	int try_retval;
		256
		257	try_retval = getaddrinfo(host, NULL, hints,
		258	- addrinfo);
		259	+ &addrinfo);
		260	if (try_retval == 0) {
		261	/*
		262	* Worked with just the host,
		263	@@ -1117,14 +1122,16 @@ int sock_initaddress(const char host, const char port,
		264	*
		265	* Free up the address info first.
		266	*/
		267	- freeaddrinfo(*addrinfo);
		268	+ freeaddrinfo(addrinfo);
		269	get_gai_errstring(errbuf, errbuflen,
		270	"", retval, NULL, port);
		271	} else {
		272	/*
		273	* Didn't work with just the host,
		274	* so assume the problem is
		275	- * with the host.
		276	+ * with the host; we assume
		277	+ * the original error indicates
		278	+ * the underlying problem.
		279	*/
		280	get_gai_errstring(errbuf, errbuflen,
		281	"", retval, host, NULL);
		282	@@ -1132,13 +1139,14 @@ int sock_initaddress(const char host, const char port,
		283	} else {
		284	/*
		285	* Either the host or port was null, so
		286	- * there's nothing to determine.
		287	+ * there's nothing to determine; report
		288	+ * the error from the original call.
		289	*/
		290	get_gai_errstring(errbuf, errbuflen, "",
		291	retval, host, port);
		292	}
		293	}
		294	- return -1;
		295	+ return NULL;
		296	}
		297	/*
		298	* \warning SOCKET: I should check all the accept() in order to bind to all addresses in case
		299	@@ -1153,30 +1161,28 @@ int sock_initaddress(const char host, const char port,
		300	* ignore all addresses that are neither? (What, no IPX
		301	* support? :-))
		302	*/
		303	- if (((*addrinfo)->ai_family != PF_INET) &&
		304	- ((*addrinfo)->ai_family != PF_INET6))
		305	+ if ((addrinfo->ai_family != PF_INET) &&
		306	+ (addrinfo->ai_family != PF_INET6))
		307	{
		308	if (errbuf)
		309	snprintf(errbuf, errbuflen, "getaddrinfo(): socket type not supported");
		310	- freeaddrinfo(*addrinfo);
		311	- *addrinfo = NULL;
		312	- return -1;
		313	+ freeaddrinfo(addrinfo);
		314	+ return NULL;
		315	}
		316
		317	/*
		318	* You can't do multicast (or broadcast) TCP.
		319	*/
		320	- if (((*addrinfo)->ai_socktype == SOCK_STREAM) &&
		321	- (sock_ismcastaddr((*addrinfo)->ai_addr) == 0))
		322	+ if ((addrinfo->ai_socktype == SOCK_STREAM) &&
		323	+ (sock_ismcastaddr(addrinfo->ai_addr) == 0))
		324	{
		325	if (errbuf)
		326	snprintf(errbuf, errbuflen, "getaddrinfo(): multicast addresses are not valid when using TCP streams");
		327	- freeaddrinfo(*addrinfo);
		328	- *addrinfo = NULL;
		329	- return -1;
		330	+ freeaddrinfo(addrinfo);
		331	+ return NULL;
		332	}
		333
		334	- return 0;
		335	+ return addrinfo;
		336	}
		337
		338	/*
		339	@@ -2089,7 +2095,9 @@ int sock_present2network(const char address, struct sockaddr_storage sockaddr,
		340
		341	hints.ai_family = addr_family;
		342
		343	- if (sock_initaddress(address, "22222" /* fake port */, &hints, &addrinfo, errbuf, errbuflen) == -1)
		344	+ addrinfo = sock_initaddress(address, "22222" /* fake port */, &hints,
		345	+ errbuf, errbuflen);
		346	+ if (addrinfo == NULL)
		347	return 0;
		348
		349	if (addrinfo->ai_family == PF_INET)
		350	diff --git a/sockutils.h b/sockutils.h
		351	index a488d8fcb4..30b8cfe0b7 100644
		352	--- a/sockutils.h
		353	+++ b/sockutils.h
		354	@@ -138,9 +138,8 @@ void sock_fmterrmsg(char *errbuf, size_t errbuflen, int errcode,
		355	PCAP_FORMAT_STRING(const char *fmt), ...) PCAP_PRINTFLIKE(4, 5);
		356	void sock_geterrmsg(char *errbuf, size_t errbuflen,
		357	PCAP_FORMAT_STRING(const char *fmt), ...) PCAP_PRINTFLIKE(3, 4);
		358	-int sock_initaddress(const char address, const char port,
		359	- struct addrinfo hints, struct addrinfo *addrinfo,
		360	- char *errbuf, int errbuflen);
		361	+struct addrinfo sock_initaddress(const char address, const char *port,
		362	+ struct addrinfo hints, char errbuf, int errbuflen);
		363	int sock_recv(SOCKET sock, SSL , void buffer, size_t size, int receiveall,
		364	char *errbuf, int errbuflen);
		365	int sock_recv_dgram(SOCKET sock, SSL , void buffer, size_t size,


diff --git a/meta/recipes-connectivity/libpcap/libpcap/CVE-2024-8006.patch b/meta/recipes-connectivity/libpcap/libpcap/CVE-2024-8006.patch new file mode 100644 index 0000000000..6819aedd20 --- /dev/null +++ b/meta/recipes-connectivity/libpcap/libpcap/CVE-2024-8006.patch
@@ -0,0 +1,42 @@
		1	From 8a633ee5b9ecd9d38a587ac9b204e2380713b0d6 Mon Sep 17 00:00:00 2001
		2	From: Nicolas Badoux <n.badoux@hotmail.com>
		3	Date: Mon, 19 Aug 2024 12:31:53 +0200
		4	Subject: [PATCH] makes pcap_findalldevs_ex errors out if the directory does
		5	not exist
		6
		7	(backported from commit 0f8a103469ce87d2b8d68c5130a46ddb7fb5eb29)
		8
		9	Upstream-Status: Backport [https://github.com/the-tcpdump-group/libpcap/commit/8a633ee5b9ecd9d38a587ac9b204e2380713b0d6]
		10	CVE: CVE-2024-8006
		11	Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
		12	---
		13	pcap-new.c \| 9 ++++++++-
		14	1 file changed, 8 insertions(+), 1 deletion(-)
		15
		16	diff --git a/pcap-new.c b/pcap-new.c
		17	index be91b3f8db..d449ee623c 100644
		18	--- a/pcap-new.c
		19	+++ b/pcap-new.c
		20	@@ -230,6 +230,13 @@ int pcap_findalldevs_ex(const char source, struct pcap_rmtauth auth, pcap_if_t
		21	#else
		22	/* opening the folder */
		23	unixdir= opendir(path);
		24	+ if (unixdir == NULL) {
		25	+ DIAG_OFF_FORMAT_TRUNCATION
		26	+ snprintf(errbuf, PCAP_ERRBUF_SIZE,
		27	+ "Error when listing files: does folder '%s' exist?", path);
		28	+ DIAG_ON_FORMAT_TRUNCATION
		29	+ return -1;
		30	+ }
		31
		32	/* get the first file into it */
		33	filedata= readdir(unixdir);
		34	@@ -237,7 +244,7 @@ int pcap_findalldevs_ex(const char source, struct pcap_rmtauth auth, pcap_if_t
		35	if (filedata == NULL)
		36	{
		37	DIAG_OFF_FORMAT_TRUNCATION
		38	- snprintf(errbuf, PCAP_ERRBUF_SIZE, "Error when listing files: does folder '%s' exist?", path);
		39	+ snprintf(errbuf, PCAP_ERRBUF_SIZE, "Error when listing files: does folder '%s' contain files?", path);
		40	DIAG_ON_FORMAT_TRUNCATION
		41	closedir(unixdir);
		42	return -1;


diff --git a/meta/recipes-connectivity/libpcap/libpcap_1.10.4.bb b/meta/recipes-connectivity/libpcap/libpcap_1.10.4.bb index 166654e280..36eb4bca75 100644 --- a/meta/recipes-connectivity/libpcap/libpcap_1.10.4.bb +++ b/meta/recipes-connectivity/libpcap/libpcap_1.10.4.bb
@@ -10,7 +10,12 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=5eb289217c160e2920d2e35bddc36453 \
10	file://pcap.h;beginline=1;endline=32;md5=39af3510e011f34b8872f120b1dc31d2"	10	file://pcap.h;beginline=1;endline=32;md5=39af3510e011f34b8872f120b1dc31d2"
11	DEPENDS = "flex-native bison-native"	11	DEPENDS = "flex-native bison-native"
12		12
13	SRC_URI = "https://www.tcpdump.org/release/${BP}.tar.gz"	13	SRC_URI = "https://www.tcpdump.org/release/${BP}.tar.gz \
		14	file://CVE-2023-7256-pre1.patch \
		15	file://CVE-2023-7256.patch \
		16	file://CVE-2024-8006.patch \
		17	"
		18
14	SRC_URI[sha256sum] = "ed19a0383fad72e3ad435fd239d7cd80d64916b87269550159d20e47160ebe5f"	19	SRC_URI[sha256sum] = "ed19a0383fad72e3ad435fd239d7cd80d64916b87269550159d20e47160ebe5f"
15		20
16	inherit autotools binconfig-disabled pkgconfig	21	inherit autotools binconfig-disabled pkgconfig