add two patches from upstream:

-fix possible free() of an uninitialized pointer when reading a malformed pcap-ng file (CVE-2011-0538) -add length check in pcap-ng reader bump PKGREV
author: drochner <drochner@pkgsrc.org> 2011-02-10 11:00:56 +0000
committer: drochner <drochner@pkgsrc.org> 2011-02-10 11:00:56 +0000
commit: 31e65b3914a08ff8a42eeb9bf812a7a11ea431dd (patch)
tree: 3468bd63fa43c14a168609e0b39c32fb1cee4ea2 /net/wireshark
parent: f67e6656a2733f1346801caa3ef54b3cb2757c28 (diff)
download: pkgsrc-31e65b3914a08ff8a42eeb9bf812a7a11ea431dd.tar.gz
4 files changed, 62 insertions, 3 deletions
diff --git a/net/wireshark/Makefile b/net/wireshark/Makefile
index 8a3c56f660f..335769712ac 100644
--- a/net/wireshark/Makefile
+++ b/net/wireshark/Makefile
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.58 2011/01/13 13:53:34 wiz Exp $
+# $NetBSD: Makefile,v 1.59 2011/02/10 11:00:56 drochner Exp $
 
 DISTNAME=		wireshark-1.4.3
-PKGREVISION=		1
+PKGREVISION=		2
 CATEGORIES=		net
 MASTER_SITES=		http://www.wireshark.org/download/src/ \
 			${MASTER_SITE_SOURCEFORGE:=wireshark/}
diff --git a/net/wireshark/distinfo b/net/wireshark/distinfo
index 8305132fe0f..16c2c2b4229 100644
--- a/net/wireshark/distinfo
+++ b/net/wireshark/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.40 2011/01/31 12:21:34 adam Exp $
+$NetBSD: distinfo,v 1.41 2011/02/10 11:00:56 drochner Exp $
 
 SHA1 (wireshark-1.4.3.tar.bz2) = 776c757e6a6a085232ac843ec28b026bf4ca9c8d
 RMD160 (wireshark-1.4.3.tar.bz2) = 6a63023f165b2e875296340f6a57595427a13fe7
@@ -8,6 +8,8 @@ SHA1 (patch-ab) = 5ae79916603f04c2d362c764d39f0c99728e716c
 SHA1 (patch-ac) = 4e985520ea4b118aea6fc001f256b5de96de7840
 SHA1 (patch-ad) = a09b5ac9e836ef01fbd6ba103de00d08c0af2800
 SHA1 (patch-ae) = 7af195e797f8636a9636d30cdea4ee464fd853df
+SHA1 (patch-af) = 908f2050cbf0db6156f8802e93e3f193a87ef916
+SHA1 (patch-ag) = 28c2c23355090f5737f01d2c7740c430ca2b607b
 SHA1 (patch-ba) = 49825d82605a665f54a5cdb6ccb364e55c0e0ffa
 SHA1 (patch-bb) = 1e16337d1894f196f61b233423d729246dea33b5
 SHA1 (patch-bc) = 052ede4ba58502117fe7b355e22a906ff65b773e
diff --git a/net/wireshark/patches/patch-af b/net/wireshark/patches/patch-af
new file mode 100644
index 00000000000..c36aa7ba01b
--- /dev/null
+++ b/net/wireshark/patches/patch-af
@@ -0,0 +1,13 @@
+$NetBSD: patch-af,v 1.1 2011/02/10 11:00:57 drochner Exp $
+
+--- tshark.c.orig	2011-01-11 19:24:25.000000000 +0000
++++ tshark.c
+@@ -2523,7 +2523,7 @@ load_cap_file(capture_file *cf, char *sa
+   int          snapshot_length;
+   wtap_dumper *pdh;
+   int          err;
+-  gchar        *err_info;
++  gchar        *err_info = NULL;
+   gint64       data_offset;
+   char         *save_file_string = NULL;
+   gboolean     filtering_tap_listeners;
diff --git a/net/wireshark/patches/patch-ag b/net/wireshark/patches/patch-ag
new file mode 100644
index 00000000000..328060d8bd7
--- /dev/null
+++ b/net/wireshark/patches/patch-ag
@@ -0,0 +1,44 @@
+$NetBSD: patch-ag,v 1.1 2011/02/10 11:00:57 drochner Exp $
+
+--- wiretap/pcapng.c.orig	2011-01-11 19:24:22.000000000 +0000
++++ wiretap/pcapng.c
+@@ -806,18 +806,26 @@ pcapng_read_packet_block(FILE_T fh, pcap
+ 		pcapng_debug2("pcapng_read_packet_block:cap_len %d is larger than packet_len %u.",
+ 		              wblock->data.packet.cap_len, wblock->data.packet.packet_len);
+ 		*err = WTAP_ERR_BAD_RECORD;
++		*err_info = g_strdup("pcapng_read_packet_block:cap_len is larger than packet_len");
+ 		return 0;
+ 	}
+ 	if (wblock->data.packet.cap_len > WTAP_MAX_PACKET_SIZE) {
+ 		pcapng_debug2("pcapng_read_packet_block:cap_len %d is larger than WTAP_MAX_PACKET_SIZE %u.",
+ 		              wblock->data.packet.cap_len, WTAP_MAX_PACKET_SIZE);
+ 		*err = WTAP_ERR_BAD_RECORD;
++		*err_info = g_strdup("pcapng_read_packet_block:cap_len is larger than WTAP_MAX_PACKET_SIZE");
+ 		return 0;
+ 	}
+ 	pcapng_debug3("pcapng_read_packet_block: packet data: packet_len %u captured_len %u interface_id %u",
+ 	              wblock->data.packet.packet_len,
+ 	              wblock->data.packet.cap_len,
+ 	              wblock->data.packet.interface_id);
++	if (wblock->data.packet.packet_len > WTAP_MAX_PACKET_SIZE) {
++		*err = WTAP_ERR_BAD_RECORD;
++		*err_info = g_strdup_printf("pcapng_read_packet_block: packet_len %u is larger than WTAP_MAX_PACKET_SIZE %u.",
++			wblock->data.packet.packet_len, WTAP_MAX_PACKET_SIZE);
++		return 0;
++	}
+ 
+ 	wtap_encap = pcapng_get_encap(wblock->data.packet.interface_id, pn);
+ 	pcapng_debug3("pcapng_read_packet_block: encapsulation = %d (%s), pseudo header size = %d.",
+@@ -980,6 +988,12 @@ pcapng_read_simple_packet_block(FILE_T f
+ 	}
+ 	pcapng_debug1("pcapng_read_simple_packet_block: packet data: packet_len %u",
+ 	               wblock->data.simple_packet.packet_len);
++	if (wblock->data.simple_packet.packet_len > WTAP_MAX_PACKET_SIZE) {
++		*err = WTAP_ERR_BAD_RECORD;
++		*err_info = g_strdup_printf("pcapng_read_simple_packet_block: packet_len %u is larger than WTAP_MAX_PACKET_SIZE %u.",
++			wblock->data.simple_packet.packet_len, WTAP_MAX_PACKET_SIZE);
++		return 0;
++	}
+ 
+ 	encap = pcapng_get_encap(0, pn);
+ 	pcapng_debug1("pcapng_read_simple_packet_block: Need to read pseudo header of size %d",
author	drochner <drochner@pkgsrc.org>	2011-02-10 11:00:56 +0000
committer	drochner <drochner@pkgsrc.org>	2011-02-10 11:00:56 +0000
commit	31e65b3914a08ff8a42eeb9bf812a7a11ea431dd (patch)
tree	3468bd63fa43c14a168609e0b39c32fb1cee4ea2 /net/wireshark
parent	f67e6656a2733f1346801caa3ef54b3cb2757c28 (diff)
download	pkgsrc-31e65b3914a08ff8a42eeb9bf812a7a11ea431dd.tar.gz