diff options
author | tron <tron@pkgsrc.org> | 2005-04-28 16:46:44 +0000 |
---|---|---|
committer | tron <tron@pkgsrc.org> | 2005-04-28 16:46:44 +0000 |
commit | 0c0db0e6406708fd242c0ddf64d4d569d8e09b52 (patch) | |
tree | 13b2be5ca0bc6f0f5588b4736301defa9fc81900 /net | |
parent | 03c87839f9e33b44da93485d602e1e4c90d2e87f (diff) | |
download | pkgsrc-0c0db0e6406708fd242c0ddf64d4d569d8e09b52.tar.gz |
Avoid endless loop in the rsvp dissector which allowed a remote DoS.
Bump package revision because of this change.
Diffstat (limited to 'net')
-rw-r--r-- | net/ethereal/Makefile | 8 | ||||
-rw-r--r-- | net/ethereal/distinfo | 3 | ||||
-rw-r--r-- | net/ethereal/patches/patch-aa | 130 |
3 files changed, 139 insertions, 2 deletions
diff --git a/net/ethereal/Makefile b/net/ethereal/Makefile index e578b3ffb74..a8400a1250a 100644 --- a/net/ethereal/Makefile +++ b/net/ethereal/Makefile @@ -1,6 +1,7 @@ -# $NetBSD: Makefile,v 1.106 2005/04/11 21:46:46 tv Exp $ +# $NetBSD: Makefile,v 1.107 2005/04/28 16:46:44 tron Exp $ DISTNAME= ethereal-0.10.10 +PKGREVISION= 1 CATEGORIES= net MASTER_SITES= http://www.ethereal.com/distribution/ \ http://ethereal.planetmirror.com/distribution/ \ @@ -47,6 +48,11 @@ PTHREAD_OPTS= require USE_BUILTIN.libpcap= no .endif +# This work arround should be removed when the packages gets updated +# to a newer version. +post-patch: + ${TOUCH} ${WRKSRC}/epan/dissectors/register.c + .include "../../devel/glib2/buildlink3.mk" .include "../../devel/pcre/buildlink3.mk" .include "../../devel/pkgconfig/buildlink3.mk" diff --git a/net/ethereal/distinfo b/net/ethereal/distinfo index f45a54e171d..09cdd6e7d62 100644 --- a/net/ethereal/distinfo +++ b/net/ethereal/distinfo @@ -1,5 +1,6 @@ -$NetBSD: distinfo,v 1.36 2005/03/14 15:09:28 salo Exp $ +$NetBSD: distinfo,v 1.37 2005/04/28 16:46:45 tron Exp $ SHA1 (ethereal-0.10.10.tar.bz2) = 611259edaf36a34a49331ed6fbc194c2407bd528 RMD160 (ethereal-0.10.10.tar.bz2) = 1867f061c704482ea15c78077d3289ac67984001 Size (ethereal-0.10.10.tar.bz2) = 5799231 bytes +SHA1 (patch-aa) = bbf886b22d1ad79951fe971fe1603d93903e842f diff --git a/net/ethereal/patches/patch-aa b/net/ethereal/patches/patch-aa new file mode 100644 index 00000000000..7aae28a2805 --- /dev/null +++ b/net/ethereal/patches/patch-aa @@ -0,0 +1,130 @@ +$NetBSD: patch-aa,v 1.13 2005/04/28 16:46:45 tron Exp $ + +--- epan/dissectors/packet-rsvp.c.orig 2005-03-10 15:53:40.000000000 +0000 ++++ epan/dissectors/packet-rsvp.c 2005-04-28 16:56:00.000000000 +0100 +@@ -1346,9 +1346,9 @@ + tvbuff_t *tvb, int offset, int obj_length, + int subtree_type) + { +- guint16 tlv_off; ++ guint tlv_off; + guint16 tlv_type; +- guint16 tlv_len; ++ guint tlv_len; + char *ifindex_name; + proto_tree *rsvp_ifid_subtree, *ti2; + int offset2 = offset + 4; +@@ -1356,6 +1356,12 @@ + for (tlv_off = 0; tlv_off < obj_length - 12; ) { + tlv_type = tvb_get_ntohs(tvb, offset+tlv_off); + tlv_len = tvb_get_ntohs(tvb, offset+tlv_off+2); ++ ++ if (tlv_len == 0) { ++ proto_tree_add_text(rsvp_object_tree, tvb, offset+tlv_off+2, 2, ++ "Invalid length (0)"); ++ return; ++ } + switch(tlv_type) { + case 1: + ti2 = proto_tree_add_text(rsvp_object_tree, tvb, +@@ -3330,6 +3336,11 @@ + + } + ++ if (tvb_get_guint8(tvb, offset+l+1) < 1) { ++ proto_tree_add_text(rsvp_ro_subtree, tvb, offset+l+1, 1, ++ "Invalid length: %u", tvb_get_guint8(tvb, offset+l+1)); ++ return; ++ } + l += tvb_get_guint8(tvb, offset+l+1); + if (l < obj_length - 4) { + if (i < 4) +@@ -4020,6 +4031,11 @@ + } + + l += tvb_get_guint8(tvb, offset2+l+1); ++ if (l < 1) { ++ proto_tree_add_text(rsvp_gen_uni_subtree, tvb, offset2+l+1, 1, ++ "Invalid length: %u", tvb_get_guint8(tvb, offset2+l+1)); ++ return; ++ } + if (l < mylen) { + if (i < 4) + proto_item_append_text(ti, ", "); +@@ -4070,7 +4086,7 @@ + proto_tree_add_text(rsvp_object_tree, tvb, offset+2, 1, + "Class number: %u - %s", + class, type_str); +- proto_item_set_text(ti, "CALL-ID"); ++ proto_item_set_text(ti, "CALL-ID: "); + type = tvb_get_guint8 (tvb, offset2); + switch(c_type) { + case 1: +@@ -4084,6 +4100,8 @@ + val_to_str(type, address_type_vals, "Unknown (%u)")); + proto_tree_add_text(rsvp_object_tree, tvb, offset2+1, 3, "Reserved: %u", + tvb_get_ntoh24(tvb, offset2+1)); ++ proto_item_append_text(ti, "Operator-Specific. Addr Type: %s. ", ++ val_to_str(type, address_type_vals, "Unknown (%u)")); + } + else { + offset3 = offset2 + 16; +@@ -4095,10 +4113,13 @@ + str = tvb_get_string (tvb, offset2 + 1, 3); + proto_tree_add_text(rsvp_object_tree, tvb, offset2 + 1, 3, + "International Segment: %s", str); ++ proto_item_append_text(ti, "Globally-Unique. Addr Type: %s. Intl Segment: %s. ", ++ val_to_str(type, address_type_vals, "Unknown (%u)"), str); + g_free (str); + str = tvb_get_string (tvb, offset2 + 4, 12); + proto_tree_add_text(rsvp_object_tree, tvb, offset2 + 4, 12, + "National Segment: %s", str); ++ proto_item_append_text(ti, "Natl Segment: %s. ", str); + g_free (str); + } + +@@ -4107,30 +4128,36 @@ + offset4 = offset3 + 4; + proto_tree_add_text(rsvp_object_tree, tvb, offset3, 4, "Source Transport Network addr: %s", + ip_to_str(tvb_get_ptr(tvb, offset3, 4))); ++ proto_item_append_text(ti, "Src TNA: %s. ", ip_to_str(tvb_get_ptr(tvb, offset3, 4))); + break; + + case 2: + offset4 = offset3 + 16; + proto_tree_add_text(rsvp_object_tree, tvb, offset3, 16, "Source Transport Network addr: %s", + ip6_to_str((const struct e_in6_addr *) tvb_get_ptr(tvb, offset3, 16))); ++ proto_item_append_text(ti, "Src TNA: %s. ", ++ ip6_to_str((const struct e_in6_addr *) tvb_get_ptr(tvb, offset3, 16))); + break; + + case 3: + offset4 = offset3 + 20; + proto_tree_add_text(rsvp_object_tree, tvb, offset3, 20, "Source Transport Network addr: %s", + tvb_bytes_to_str(tvb, offset3, 20)); ++ proto_item_append_text(ti, "Src TNA: %s. ", tvb_bytes_to_str(tvb, offset3, 20)); + break; + + case 4: + offset4 = offset3 + 6; + proto_tree_add_text(rsvp_object_tree, tvb, offset3, 6, "Source Transport Network addr: %s", + tvb_bytes_to_str(tvb, offset3, 6)); ++ proto_item_append_text(ti, "Src TNA: %s. ", tvb_bytes_to_str(tvb, offset3, 6)); + break; + + case 0x7F: + offset4 = offset3 + len; + proto_tree_add_text(rsvp_object_tree, tvb, offset3, len, "Source Transport Network addr: %s", + tvb_bytes_to_str(tvb, offset3, len)); ++ proto_item_append_text(ti, "Src TNA: %s. ", tvb_bytes_to_str(tvb, offset3, len)); + break; + + default: +@@ -4141,6 +4168,7 @@ + + proto_tree_add_text(rsvp_object_tree, tvb, offset4, 8, "Local Identifier: %s", + tvb_bytes_to_str(tvb, offset4, 8)); ++ proto_item_append_text(ti, "Local ID: %s. ", tvb_bytes_to_str(tvb, offset4, 8)); + break; + + default: |