diff options
author | Guillem Jover <guillem@hadrons.org> | 2011-12-28 02:53:21 +0100 |
---|---|---|
committer | Guillem Jover <guillem@hadrons.org> | 2011-12-28 02:53:46 +0100 |
commit | fd459180ea2928cac6cf46b6435204063421757f (patch) | |
tree | b895eb37f03e1555a449e9984fa60df5b247ad6c | |
parent | 324bb3e1d005050a148c28220a2a3e1bb334f61e (diff) | |
download | inetutils-fd459180ea2928cac6cf46b6435204063421757f.tar.gz |
Abort on error from ping's sendto(2) call
Instead of trying to continue sending echo packets in vain.
Closes: #323165
-rw-r--r-- | debian/changelog | 2 | ||||
-rw-r--r-- | debian/patches/30_ping-Abort-on-sendto-error.patch | 93 | ||||
-rw-r--r-- | debian/patches/series | 1 |
3 files changed, 96 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog index 8b5e977..6288311 100644 --- a/debian/changelog +++ b/debian/changelog @@ -3,6 +3,8 @@ inetutils (2:1.8-6) UNRELEASED; urgency=high * Fix buffer overflow in telnetd allowing remote attackers to execute arbitrary code via a long encryption key. Patch taken from FreeBSD. CVE-2011-4862 + * Abort on error from ping's sendto(2) call, instead of trying to continue + sending echo packets in vain. (Closes: #323165) -- Guillem Jover <guillem@debian.org> Wed, 28 Dec 2011 02:25:37 +0100 diff --git a/debian/patches/30_ping-Abort-on-sendto-error.patch b/debian/patches/30_ping-Abort-on-sendto-error.patch new file mode 100644 index 0000000..af1d54b --- /dev/null +++ b/debian/patches/30_ping-Abort-on-sendto-error.patch @@ -0,0 +1,93 @@ +From 8920f43f1957ac1f94850af19905896e19cbc8d3 Mon Sep 17 00:00:00 2001 +From: Guillem Jover <guillem@hadrons.org> +Date: Tue, 27 Dec 2011 23:44:05 +0100 +Subject: [PATCH] ping: Abort on sendto () error + +* ping/libping.c (ping_xmit): Return -1 instead of calling perror () on +sendto () error. +* ping/ping6.c (ping_xmit): Likewise. +(send_echo): Error out instead of continuing sending packets. +* ping/ping.c (send_echo): Likewise. +--- + ping/libping.c | 2 +- + ping/ping.c | 8 +++++++- + ping/ping6.c | 10 ++++++++-- + 3 files changed, 16 insertions(+), 4 deletions(-) + +diff --git a/ping/libping.c b/ping/libping.c +index 99b5cd5..6e6f415 100644 +--- a/ping/libping.c ++++ b/ping/libping.c +@@ -144,7 +144,7 @@ ping_xmit (PING * p) + i = sendto (p->ping_fd, (char *) p->ping_buffer, buflen, 0, + (struct sockaddr *) &p->ping_dest.ping_sockaddr, sizeof (struct sockaddr_in)); + if (i < 0) +- perror ("ping: sendto"); ++ return -1; + else + { + p->ping_num_xmit++; +diff --git a/ping/ping.c b/ping/ping.c +index b90ebec..db77f46 100644 +--- a/ping/ping.c ++++ b/ping/ping.c +@@ -425,6 +425,7 @@ int + send_echo (PING * ping) + { + int off = 0; ++ int rc; + + if (PING_TIMING (data_length)) + { +@@ -437,7 +438,12 @@ send_echo (PING * ping) + ping_set_data (ping, data_buffer, off, + data_length > PING_HEADER_LEN ? + data_length - PING_HEADER_LEN : data_length, USE_IPV6); +- return ping_xmit (ping); ++ ++ rc = ping_xmit (ping); ++ if (rc < 0) ++ error (EXIT_FAILURE, errno, "sending packet"); ++ ++ return rc; + } + + int +diff --git a/ping/ping6.c b/ping/ping6.c +index 6bb7618..a7425f4 100644 +--- a/ping/ping6.c ++++ b/ping/ping6.c +@@ -381,6 +381,7 @@ static int + send_echo (PING * ping) + { + int off = 0; ++ int rc; + + if (PING_TIMING (data_length)) + { +@@ -393,7 +394,12 @@ send_echo (PING * ping) + ping_set_data (ping, data_buffer, off, + data_length > PING_HEADER_LEN ? + data_length - PING_HEADER_LEN : data_length, USE_IPV6); +- return ping_xmit (ping); ++ ++ rc = ping_xmit (ping); ++ if (rc < 0) ++ error (EXIT_FAILURE, errno, "sending packet"); ++ ++ return rc; + } + + static int +@@ -784,7 +790,7 @@ ping_xmit (PING * p) + i = sendto (p->ping_fd, (char *) p->ping_buffer, buflen, 0, + (struct sockaddr *) &p->ping_dest.ping_sockaddr6, sizeof (p->ping_dest.ping_sockaddr6)); + if (i < 0) +- perror ("ping: sendto"); ++ return -1; + else + { + p->ping_num_xmit++; +-- +1.7.7.3 + diff --git a/debian/patches/series b/debian/patches/series index 559f31c..ecf488c 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -2,6 +2,7 @@ 02_remove_unused_opie_check.patch 03_reduce_shared_lib_depends.patch 22_syslogd_conf.patch +30_ping-Abort-on-sendto-error.patch 50_split_load_conffile.patch 51_add_load_confdir_support.patch 60_inetd_support_argless_services.patch |