diff options
author | sbd <sbd> | 2011-02-11 05:40:44 +0000 |
---|---|---|
committer | sbd <sbd> | 2011-02-11 05:40:44 +0000 |
commit | 99ea7739fdf13cc442ab98984a502dd9db7ec23e (patch) | |
tree | a1420fc39e3a781437fed144a1d59890268db58d | |
parent | f9bee4489d08f45efbd154abc3d238e92ea91e66 (diff) | |
download | pkgsrc-99ea7739fdf13cc442ab98984a502dd9db7ec23e.tar.gz |
Pullup ticket #3351 - requested by drochner
wireshark security patches
Revisions pulled up:
- pkgsrc/net/wireshark/Makefile 1.59
- pkgsrc/net/wireshark/distinfo 1.41
- pkgsrc/net/wireshark/patches/patch-af 1.1
- pkgsrc/net/wireshark/patches/patch-ag 1.1
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: drochner
Date: Thu Feb 10 11:00:57 UTC 2011
Modified Files:
pkgsrc/net/wireshark: Makefile distinfo
Added Files:
pkgsrc/net/wireshark/patches: patch-af patch-ag
Log Message:
add two patches from upstream:
-fix possible free() of an uninitialized pointer when reading a
malformed pcap-ng file (CVE-2011-0538)
-add length check in pcap-ng reader
bump PKGREV
-rw-r--r-- | net/wireshark/Makefile | 3 | ||||
-rw-r--r-- | net/wireshark/distinfo | 4 | ||||
-rw-r--r-- | net/wireshark/patches/patch-af | 13 | ||||
-rw-r--r-- | net/wireshark/patches/patch-ag | 44 |
4 files changed, 62 insertions, 2 deletions
diff --git a/net/wireshark/Makefile b/net/wireshark/Makefile index a528a76839a..dff4e4f00b9 100644 --- a/net/wireshark/Makefile +++ b/net/wireshark/Makefile @@ -1,6 +1,7 @@ -# $NetBSD: Makefile,v 1.56.2.1 2011/01/12 07:26:06 sbd Exp $ +# $NetBSD: Makefile,v 1.56.2.2 2011/02/11 05:40:44 sbd Exp $ DISTNAME= wireshark-1.4.3 +PKGREVISION= 2 CATEGORIES= net MASTER_SITES= http://www.wireshark.org/download/src/ \ ${MASTER_SITE_SOURCEFORGE:=wireshark/} diff --git a/net/wireshark/distinfo b/net/wireshark/distinfo index b6e6cf6142b..68e1e4f1f00 100644 --- a/net/wireshark/distinfo +++ b/net/wireshark/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.38.2.1 2011/01/12 07:26:06 sbd Exp $ +$NetBSD: distinfo,v 1.38.2.2 2011/02/11 05:40:44 sbd Exp $ SHA1 (wireshark-1.4.3.tar.bz2) = 776c757e6a6a085232ac843ec28b026bf4ca9c8d RMD160 (wireshark-1.4.3.tar.bz2) = 6a63023f165b2e875296340f6a57595427a13fe7 @@ -7,6 +7,8 @@ SHA1 (patch-aa) = d0744f069ac2d3a8a43b810e1f958360d99200a9 SHA1 (patch-ab) = 5ae79916603f04c2d362c764d39f0c99728e716c SHA1 (patch-ac) = 4e985520ea4b118aea6fc001f256b5de96de7840 SHA1 (patch-ad) = a09b5ac9e836ef01fbd6ba103de00d08c0af2800 +SHA1 (patch-af) = 908f2050cbf0db6156f8802e93e3f193a87ef916 +SHA1 (patch-ag) = 28c2c23355090f5737f01d2c7740c430ca2b607b SHA1 (patch-ba) = 49825d82605a665f54a5cdb6ccb364e55c0e0ffa SHA1 (patch-bb) = 1e16337d1894f196f61b233423d729246dea33b5 SHA1 (patch-bc) = 052ede4ba58502117fe7b355e22a906ff65b773e diff --git a/net/wireshark/patches/patch-af b/net/wireshark/patches/patch-af new file mode 100644 index 00000000000..d3c484faf85 --- /dev/null +++ b/net/wireshark/patches/patch-af @@ -0,0 +1,13 @@ +$NetBSD: patch-af,v 1.1.2.2 2011/02/11 05:40:44 sbd Exp $ + +--- tshark.c.orig 2011-01-11 19:24:25.000000000 +0000 ++++ tshark.c +@@ -2523,7 +2523,7 @@ load_cap_file(capture_file *cf, char *sa + int snapshot_length; + wtap_dumper *pdh; + int err; +- gchar *err_info; ++ gchar *err_info = NULL; + gint64 data_offset; + char *save_file_string = NULL; + gboolean filtering_tap_listeners; diff --git a/net/wireshark/patches/patch-ag b/net/wireshark/patches/patch-ag new file mode 100644 index 00000000000..c9a03efe593 --- /dev/null +++ b/net/wireshark/patches/patch-ag @@ -0,0 +1,44 @@ +$NetBSD: patch-ag,v 1.1.2.2 2011/02/11 05:40:44 sbd Exp $ + +--- wiretap/pcapng.c.orig 2011-01-11 19:24:22.000000000 +0000 ++++ wiretap/pcapng.c +@@ -806,18 +806,26 @@ pcapng_read_packet_block(FILE_T fh, pcap + pcapng_debug2("pcapng_read_packet_block:cap_len %d is larger than packet_len %u.", + wblock->data.packet.cap_len, wblock->data.packet.packet_len); + *err = WTAP_ERR_BAD_RECORD; ++ *err_info = g_strdup("pcapng_read_packet_block:cap_len is larger than packet_len"); + return 0; + } + if (wblock->data.packet.cap_len > WTAP_MAX_PACKET_SIZE) { + pcapng_debug2("pcapng_read_packet_block:cap_len %d is larger than WTAP_MAX_PACKET_SIZE %u.", + wblock->data.packet.cap_len, WTAP_MAX_PACKET_SIZE); + *err = WTAP_ERR_BAD_RECORD; ++ *err_info = g_strdup("pcapng_read_packet_block:cap_len is larger than WTAP_MAX_PACKET_SIZE"); + return 0; + } + pcapng_debug3("pcapng_read_packet_block: packet data: packet_len %u captured_len %u interface_id %u", + wblock->data.packet.packet_len, + wblock->data.packet.cap_len, + wblock->data.packet.interface_id); ++ if (wblock->data.packet.packet_len > WTAP_MAX_PACKET_SIZE) { ++ *err = WTAP_ERR_BAD_RECORD; ++ *err_info = g_strdup_printf("pcapng_read_packet_block: packet_len %u is larger than WTAP_MAX_PACKET_SIZE %u.", ++ wblock->data.packet.packet_len, WTAP_MAX_PACKET_SIZE); ++ return 0; ++ } + + wtap_encap = pcapng_get_encap(wblock->data.packet.interface_id, pn); + pcapng_debug3("pcapng_read_packet_block: encapsulation = %d (%s), pseudo header size = %d.", +@@ -980,6 +988,12 @@ pcapng_read_simple_packet_block(FILE_T f + } + pcapng_debug1("pcapng_read_simple_packet_block: packet data: packet_len %u", + wblock->data.simple_packet.packet_len); ++ if (wblock->data.simple_packet.packet_len > WTAP_MAX_PACKET_SIZE) { ++ *err = WTAP_ERR_BAD_RECORD; ++ *err_info = g_strdup_printf("pcapng_read_simple_packet_block: packet_len %u is larger than WTAP_MAX_PACKET_SIZE %u.", ++ wblock->data.simple_packet.packet_len, WTAP_MAX_PACKET_SIZE); ++ return 0; ++ } + + encap = pcapng_get_encap(0, pn); + pcapng_debug1("pcapng_read_simple_packet_block: Need to read pseudo header of size %d", |